NSClient++ version 0.5.2.35 suffers from an authenticated remote code execution vulnerability.

Edimax EW-7438RPn version 1.13 suffers from a remote code execution vulnerability.

Furukawa Electric ConsciusMAP version 2.8.1 java deserialization remote code execution exploit.

Source Engine CS:GO BuildID: 4937372 arbitrary code execution exploit.

School ERP Pro version 1.0 suffers from a remote code execution vulnerability.

Open-AudIT Professional version 3.3.1 suffers from a remote code execution vulnerability.

Saltstack version 3000.1 suffers from a remote code execution vulnerability.

ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffers from a path traversal vulnerability that can lead to remote code execution.

The ManageEngine Asset Explorer windows agent suffers form a remote code execution vulnerability. All versions prior to 1.0.29 are affected.

Mandriva Linux Security Advisory 2013-271 - The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk.

Realtek SDK based routers suffer from information disclosure, incorrect access control, insecure password storage, code execution, and incorrectly implemented CAPTCHA vulnerabilities.

SmartClient version 120 suffers from information disclosure, local file inclusion, remote file upload, and XML external entity injection vulnerabilities.

Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from an information disclosure vulnerability.

HP ThinPro versions 7.1, 7.0, 6.2.1, and 6.2 suffer from a local physical access information disclosure vulnerability.

MicroStrategy Intelligence Server and Web version 10.4 suffers from remote code execution, cross site scripting, server-side request forgery, and information disclosure vulnerabilities.

Edimax EW-7438RPn suffers from an information disclosure vulnerability.

File Explorer version 1.4 for iOS suffers from an information disclosure vulnerability.

The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one, CVE-2019-1936, is a command injection in a password change form, that allows the attacker to inject commands that will execute as root. This module combines both vulnerabilities to achieve the unauthenticated command injection as root. It has been tested with Cisco UCS Director virtual machines 6.6.0 and 6.7.0. Note that Cisco also mentions in their advisory that their IMC Supervisor and UCS Director Express are also affected by these vulnerabilities, but this module was not tested with those products.

Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.

Cisco Data Center Network Manager version 11.2 remote code execution exploit.

Cisco Unified Contact Center Express suffers from a privilege escalation vulnerability.

SGI Security Advisory 20040503-01-P - Under certain conditions, rpc.mountd goes into an infinite loop while processing some RPC requests, causing a denial of service. Affected releases: SGI IRIX 6.5.x.

SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a user provided library while restarting the checkpointed process which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected.

SGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible.

Snare for Apache provides a remote distribution facility for Apache Web server logs. It is known to run on most Unix variations, including Linux, Solaris, AIX, Tru64, and Irix. Snare for Apache can be used to send data to either a remote or local SYSLOG server, or the Snare Server for centralized collection, analysis, and archival.

SGI IRIX 6.5 local root exploit that makes use of /usr/sysadm/bin/lezririx.

SGI IRIX 6.5 /usr/sysadm/bin/runpriv local root exploit.

IRIX MIPS processor shellcode. Tested on R12000 process with system IRIX64 6.5.26m.

This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix.

IRIX suffers from local kernel memory disclosure and denial of service vulnerabilities.

Sites designed by IRIX suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

SGI IRIX versions 6.4.x and below run-time linker (rld) arbitrary file creation exploit.

CRYPTOCard's CRYPTOAdmin software is a challenge/response user authentication administration system. The PT-1 token, which runs on a PalmOS device, generates the one-time-password response. A PalmOS .PDB file is created for each user and loaded onto their Palm device. By gaining access to the .PDB file, the legitimate user's PIN can be determined through a series of DES decrypts-and-compares. Using the demonstration tool, the PIN can be determined in under 5 minutes on a Pentium III 450MHz.

A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.

IBM AIX High Availability Cluster Multiprocessing (HACMP) suffers from a local privilege escalation vulnerability that results in root privileges.

AIX versions 6.1, 7.1, and 7.2.0.2 lsmcode local root exploit.

This exploit takes advantage of known issues with debugging functions within the AIX linker library. It takes advantage of known functionality, and focuses on badly coded SUID binaries which do not adhere to proper security checks prior to seteuid/open/writes.

IBM AIX versions 6.1, 7.1, and 7.2 suffer from a Bellmail privilege escalation vulnerability.

Bull / IBM AIX Clusterwatch / Watchware suffers from having trivial admin credentials, system file writes, and OS command injection vulnerabilities.