Webmin versions 1.882 to 1.921 are vulnerable to unauthenticated remote code execution. The vulnerability exists in the reset password function, which allows an attacker to execute malicious code due to a lack of input validation. Targets that have the setting “user password change enabled” are exploitable. This vulnerability has been assigned CVE-2019-15107. Vulnerability … Continue reading “Webmin Remote Code Execution Vulnerability”
Author: Mayank Kumar
Atlassian Jira Server Template Injection Vulnerability
Atlassian Jira Server and Data Center is vulnerable to a server-side template injection in various resources. This vulnerability was introduced in version 4.4.x and affects versions as recent as 8.2.2 (released on 13 June 2019). CVE-2019-11581 has been assigned to track this vulnerability. Thousands of Jira Servers are potentially affected by this vulnerability and may … Continue reading “Atlassian Jira Server Template Injection Vulnerability”
Microsoft Windows Win32k Privilege Escalation Vulnerability
Microsoft Windows is prone to a local privilege-escalation vulnerability. CVE-2019-0859 has been assigned to track this vulnerability. This privilege escalation vulnerability is being exploited in the wild. Vulnerability Details: The vulnerability exists when the Win32k component fails to properly handle objects in memory. An attacker can exploit this issue to execute arbitrary code in kernel mode, … Continue reading “Microsoft Windows Win32k Privilege Escalation Vulnerability”