Highest Voted 'rce' Questions

3

votes

1 answer

How to fix the security vulnerability in system.drawing.common 4.7.0 package refered by Microsoft.EntityFrameworkCore.SqlServer(6.0.3)?

In Visual Studio 2022, API project created using .NET Core 6.0.6 runtime, we are using Microsoft.EntityFrameworkCore.SqlServer 6.0.3 nuget package. But recently found that there is a security vulnerability in the System.Drawing.Common 4.7.0…

blackduck system.drawing.common rce

asked Jan 03 '23 at 14:42

RAMA KRISHNA

31
2

1

vote

1 answer

Webshell upload in django webapp

What file can be uploaded on a webapp built on django framework if it's allowing unrestricted file upload? When I uploaded a shell.py it simply rendered as text in the browser but html and javascript are executing fine.

python django shell rce

asked May 17 '22 at 19:57

Subo

29
3

0

votes

0 answers

How to fix the High Risk Remote Code Execution (RCE) vulnerability in System.Data.Common 4.3.0 package referenced by Telerik.UI.for.Blazor

In Visual Studio 2022, I created a library project using .NET Core 6.0 runtime, I am using Telerik.UI.for.Blazor 3.7.0 nuget package. After recent vera code scan I found that there is a security vulnerability in the System.Data.Common 4.3.0 package…

asp.net-core security nuget safety-critical rce

asked Aug 25 '23 at 16:25

Nabaraj Ghimire

1
1

0

votes

1 answer

RCE on a Cloud Function in GCP

Can we talk about remote code execution in a serverless? Let's say I have a Cloud Function in GCP that's vulnerable to RCE. If an attacker uses the right payload, will he be able to execute commands on the container of the Cloud Function ? Thank you…

security google-cloud-platform serverless rce

asked May 11 '23 at 10:33

Foued

1

0

votes

0 answers

How does Spring prevents request body deserialization attacks?

I have read about deserialization attacks recently and I wonder how does Spring prevent JSON injections. For example let’s consider a request body of a post request, we can instantiate an arbitrary malicious class and execute commands on the server.…

spring-boot jackson deserialization json-deserialization rce

asked Feb 04 '23 at 20:25

Hüseyin Aydın

486
5
9

0

votes

0 answers

KQl to extract RCE attempts

I am trying to query For Remote Code Execution Attempt alerts, Does anyone have an idea how to go about this. SecurityAlert | where TimeGenerated >= ago(20d) | where AlertName contains "Remote code execution attempt" | extend Entities =…

azure kql rce

asked Jan 10 '23 at 02:20

Tony Ben

3
1
2

0

votes

2 answers

MediaWiki treats CLTF text as RCE

Help. I have a weird problem on a MediaWiki 1.37.2 install. We (me & the musician) are trying to get a wiki going for Clan Lord Tune Format music (like midi but with a–g, "." for flat, "[…]" for chords so "[DFA.]" is a possible chord). However, when…

mediawiki mod-security rce

asked May 17 '22 at 16:00

M Noivad

96
7

Questions tagged [rce]

How to fix the security vulnerability in system.drawing.common 4.7.0 package refered by Microsoft.EntityFrameworkCore.SqlServer(6.0.3)?

Webshell upload in django webapp

How to fix the High Risk Remote Code Execution (RCE) vulnerability in System.Data.Common 4.3.0 package referenced by Telerik.UI.for.Blazor

RCE on a Cloud Function in GCP

How does Spring prevents request body deserialization attacks?

KQl to extract RCE attempts

MediaWiki treats CLTF text as RCE