Clik here to view.
Microsoft Edge - 'CssParser::RecordProperty' Type Confusion
EDB-ID: 42246Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-8496 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Microsoft Windows - 'USP10!NextCharInLiga' Uniscribe Font Processing...
EDB-ID: 42238Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-0286 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A We have encountered a crash...
View ArticleClik here to view.
Microsoft Windows - Kernel ATMFD.DLL Out-of-Bounds Read due to Malformed...
EDB-ID: 42243Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-8483 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A We have encountered a...
View ArticleClik here to view.
Adobe Flash - Image Decoding Out-of-Bounds Read
EDB-ID: 42248Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-3077 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A The attached png file...
View ArticleClik here to view.
Microsoft Windows - 'USP10!otlSinglePosLookup::getCoverageTable' Uniscribe...
EDB-ID: 42239Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-0287 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A We have encountered a crash...
View ArticleClik here to view.
unrar 5.40 - VMSF_DELTA Filter Arbitrary Memory Write
EDB-ID: 42245Author: Google Security ResearchPublished: 2017-06-23CVE: N/A Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A It appears that the VMSF_DELTA memory...
View ArticleClik here to view.
Microsoft Windows - 'USP10!MergeLigRecords' Uniscribe Font Processing...
EDB-ID: 42234Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-0283 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A We have encountered a crash...
View ArticleClik here to view.
Microsoft Windows - 'USP10!ttoGetTableData' Uniscribe Font Processing...
EDB-ID: 42235Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-0284 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A We have encountered a crash...
View ArticleClik here to view.
Microsoft Windows - 'USP10!SubstituteNtoM' Uniscribe Font Processing...
EDB-ID: 42236Author: Google Security ResearchPublished: 2017-06-23CVE: CVE-2017-0285 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A We have encountered a crash...
View ArticleClik here to view.
Sitecore 7.1 / 7.2 Cross Site Scripting
Sitecore versions 7.1 and 7.2 suffer from a cross site scripting vulnerability.MD5 | cb795bf1e489fa1a617c17c78f025331DownloadSitecore 7.1-7.2 Cross Site Scripting...
View ArticleClik here to view.
Blackcat CMS 1.2 Cross Site Scripting
Blackcat CMS version 1.2 suffers from a cross site scripting vulnerability.MD5 | 668cadbe054cbbd74a06fb0a595e0503Download# Exploit Title : Blackcat CMS XSS Vulnerability# Date: 21/June/2017# Exploit...
View ArticleClik here to view.
SimpleRisk 20170416-001 Cross Site Scripting
SimpleRisk version 20170416-001 suffers from multiple cross site scripting vulnerabilities.MD5 | cc6ee041f9ef0acdd8e3fb8dbdcb6dfbDownload<!--SimpleRisk v20170416-001 Reflected XSS...
View ArticleClik here to view.
Vaadin 7.7.6 Cross Site Scripting
Vaadin version 7.7.6 suffers from a cross site scripting vulnerability.MD5 | a18a2b3a6b79a8e884de918c1aca80f0Downloadfirst time poster, so I'm not sure if this is the best venue, format,...
View ArticleClik here to view.
Linux 4.10.1 Double-Fetch
Linux kernel versions 4.10.1 and below suffer from a double-fetch vulnerability.MD5 | 8a2dee006ebb41e1da67cea32dfccb57DownloadHi all,I found this double-fetch vulnerability when I was doing my research...
View ArticleClik here to view.
PayPal Marketing User Enumeration
PayPal's Marketing Online Service suffers from a user enumeration vulnerability.MD5 | e5c3f9c104584625593cdc59eb1620caDownloadDocument Title:===============PayPal Inc BB #149 - (Gift) Insufficient...
View ArticleClik here to view.
Cisco Prime Infrastructure 3.1.6 XXE Injection / XSS / LFD / SQL Injection
Cisco Prime Infrastructure versions 1.1 through 3.1.6 suffer from cross site scripting, XML external entity injection, file disclosure, and remote SQL injection vulnerabilities.MD5 |...
View ArticleClik here to view.
WordPress FormCraft Basic 1.0.5 SQL Injection
WordPress FormCraft Basic plugin version 1.0.5 suffers from multiple remote SQL injection vulnerabilities.MD5 | ab956807aad6b5f6d6ddd7dec71ed759Download# Exploit Title: [FormCraft Basic v1.0.5 blind...
View ArticleClik here to view.
Eltek SmartPack Backdoor Account
Eltek SmartPack has backdoor accounts that are disclosed via some json files.MD5 | 79e0ad16c5b8a359a1479599433c968aDownloadEltek SmartPack - Backdoor AccountAuthor: Saeed reza Zamanian [penetrationtest...
View ArticleClik here to view.
Netgear DGN2200 dnslookup.cgi Command Injection
This Metasploit module exploits a command injection vulnerability in NETGEAR DGN2200v1/v2/v3/v4 routers by sending a specially crafted post request with valid login details.MD5 |...
View ArticleClik here to view.
Symantec Messaging Gateway Remote Code Execution
This Metasploit module exploits the command injection vulnerability of Symantec Messaging Gateway product. An authenticated user can execute a terminal command under the context of the web server user...
View Article