Linux BPF Sign Extension Local Privilege Escalation
Linux kernel versions prior to 4.14.8 utilize the Berkeley Packet Filter (BPF) which contains a vulnerability where it may improperly perform sign extension. This can be utilized to escalate...
Adobe Systems Mail Lead DBMS Arbitrary Code Injection
Adobe Systems Mail Lead DBMS suffers from an arbitrary code injection vulnerability. MD5: ada369cd2544ba228b1d487fb353258d Document Title: Adobe Systems - Arbitrary Code Injection...
Chrome SwiftShader Texture Allocation Integer Overflow
Chrome suffers from an integer overflow vulnerability in SwiftShader texture allocation. MD5: b3eb960cb7d3278d871332f5993c7d6c Source: packetstormsecurity.com
Chrome SwiftShader OpenGL Texture Binding Reference Count Leak
Chrome suffers from a reference count leak in SwiftShader OpenGL texture bindings. MD5: 94c654dcb20a0856b832d97f6fed38a0 Source: packetstormsecurity.com
MyBB New Threads 1.1 Cross Site Scripting
MyBB New Threads plugin version 1.1 suffers from a cross site scripting vulnerability. MD5: ad2681c777df161b9e3674786e010194 # Exploit Title: MyBB New Threads Plugin - Cross-Site Scripting #...
Chrome SwiftShader Blitting Floating-Point Precision Errors
Chrome suffers from floating-point precision errors in SwiftShader blitting. MD5: 7b98d22e3cda5e01a29a389816481305 Source: packetstormsecurity.com
WordPress All In One Favicon 4.6 Cross Site Scripting
WordPress All In One Favicon plugin version 4.6 suffers from a cross site scripting vulnerability. MD5: 4e1fd052af536e388490d26a91809868 # Exploit Title: WordPress Plugin All In One Favicon...
CMS Made Simple 2.2.5 Authenticated Remote Command Execution
CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the...
Oracle Fusion Middleware 12c (12.2.1.3.0) WebLogic SAML Issues
Two vulnerabilities were discovered within the Oracle WebLogic SAML service provider authentication mechanism. By inserting an XML comment into the SAML NameID tag, an attacker can coerce the SAML...
RSA Archer 6.x Cross Site Scripting / Authorization Bypass
RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious...
National Instruments Linux Driver Remote Code Injection
The National Instruments Linux driver package suffers from a remote code injection (software update) vulnerability. MD5: 1e28736b0d9553a7194f07575dca7de2 Hello folks, I've recently discovered a...
LibRaw 0.18.11 Denial Of Service
Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parse_qt()"...
LibRaw parse_minolta() Infinite Loop Denial Of Service
Secunia Research has discovered a vulnerability in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An error within the "parse_minolta()" function (dcraw/dcraw.c)...
Oracle Outside In 8.5.3 Heap-Based Buffer Overflows / OOB Write
Secunia Research has discovered multiple vulnerabilities in Oracle Outside In Technology, which can be exploited by malicious people to compromise a vulnerable system. An error within the...
Oracle Outside In 8.5.3 Denial Of Service
Secunia Research has discovered multiple vulnerabilities in Oracle Outside In Technology, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS...
Microsoft dnslint.exe DNS Tool Forced Drive-By Download
Microsoft's dnslint.exe tool does not verify domain names when parsing DNS text-files using the "/ql" switch making it prone to forced drive-by downloads, providing an end user is tricked into using a...
Zoho ManageEngine 13 (13790 build) XSS / File Read / File Deletion
Zoho ManageEngine version 13 (13790 build) suffers from file read, file deletion, and cross site scripting vulnerabilities. MD5: 07e48d82fe5c4fd7c8247ea8ca287c85 This issue has been reported to...
Linksys.com Cross Site Scripting
Linksys.com suffers from a cross site scripting vulnerability. MD5: 89709b580c066b5a74071ecfb0cbdbab # Exploit Title: [ Reflected XSS at Linksys ] # Date: [ 02.06.2018 ] # Exploit Author: [...
Windows Speech Recognition 4.0.4.2512 Buffer Overflow
Windows Speech Recognition version 4.0.4.2512 suffers from a buffer overflow vulnerability. MD5: 871847c13dd85961bdef5d89f49bbc49 # Title: Windows Speech Recognition - Buffer Overflow # Author:...
Cisco Adaptive Security Appliance Path Traversal
This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal...