Clik here to view.
WebKit WebCore::AccessibilityRenderObject::handleAriaExpandedChanged...
WebKit suffers from a WebCore::AccessibilityRenderObject::handleAriaExpandedChanged use-after-free vulnerability.MD5 | d5accb37ff0433ed20451be2bf8d0d2aDownload WebKit: use-after-free in...
View ArticleClik here to view.
WebKit WebCore::RenderObject Use-After-Free
WebKit suffers from a use-after-free vulnerability in WebCore::RenderObject with accessibility enabled.MD5 | a4dea82325ce2ff7147bae6f3044af5bDownload WebKit: use-after-free in WebCore::RenderObject...
View ArticleClik here to view.
WebKit WebCore::AccessibilityNodeObject::textUnderElement Use-After-Free
WebKit suffers from a WebCore::AccessibilityNodeObject::textUnderElement use-after-free vulnerability.MD5 | 84e9da66fe8fee86e5c1ebabf24d65ccDownload WebKit: use-after-free in...
View ArticleClik here to view.
WebKit WebCore::RenderSearchField::addSearchResult Heap Buffer Overflow
WebKit suffers from a WebCore::RenderSearchField::addSearchResult heap buffer overflow vulnerability.MD5 | 04b54b4fde19de5e3ff97538dc8015b4Download WebKit: heap-buffer-overflow in...
View ArticleClik here to view.
WebKit JSC ArgumentsEliminationPhase::transform Incorrect LoadVarargs Handling
WebKit JSC suffers from incorrect LoadVarargs handling in ArgumentsEliminationPhase::transform.MD5 | 3329e3b7383b6891153dfafff93bf8beDownload WebKit: JSC: Incorrect LoadVarargs handling in...
View ArticleClik here to view.
Ubiquiti Networks EP-R6 / ER-X / ER-X-SFP Cross Site Scripting
Ubiquiti Networks EP-R6, ER-X, and ER-X-SFP with firmware version 1.9.1 suffer from a cross site scripting vulnerability.MD5 | 9ea2bb02f107be6df0906b4c0a16edf9DownloadSEC Consult Vulnerability Lab...
View ArticleClik here to view.
Ubiquiti Networks Open Redirect
Ubiquiti Networks products suffer from an open redirection vulnerability. Products affected include, but are not limited to TS-16-CARRIER, TS-5-POE, TS-8-PRO, AG-HP-2G16, AG-HP-2G20, AG-HP-5G23,...
View ArticleClik here to view.
WordPress Ultimate Affiliate Pro 3.6 Cross Site Scripting
WordPress Ultimate Affiliate Pro plugin versions 3.6 and below suffer from a persistent cross site scripting vulnerability.MD5 | e78c775ae995bd10eec13327774bc13cDownload# Exploit Title: Ultimate...
View ArticleClik here to view.
WordPress FormCraft Form Builder 3.2.31 Cross Site Scripting
WordPress FormCraft Premium WordPress Form Builder versions 3.2.31 and below suffer from a persistent cross site scripting vulnerability.MD5 | 2836e5dad51c51e3bb783c98e382066bDownload# Exploit Title:...
View ArticleClik here to view.
Ruby 'initialize()' Function Heap Buffer Overflow Vulnerability
Ruby is prone to a heap-based buffer overflow vulnerability because it fails to adequate boundary checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the...
View ArticleClik here to view.
Ruby TclTkIp 'ip_cancel_eval()' Function Type Confusion Remote Code Execution...
Ruby is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts...
View ArticleClik here to view.
Apache Solr CVE-2015-8796 Cross Site Scripting Vulnerability
Apache Solr is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
View ArticleClik here to view.
WebKit - 'WebCore::Node::nextSibling' Use-After-Free
EDB-ID: 42362Author: Google Security ResearchPublished: 2017-07-24CVE: CVE-2017-7039 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: Use After FreeVulnerable App: N/A Source:...
View ArticleClik here to view.
WebKit - 'WebCore::InputType::element' Use-After-Free
EDB-ID: 42364Author: Google Security ResearchPublished: 2017-07-24CVE: CVE-2017-7042 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: Use After FreeVulnerable App: N/A Source:...
View ArticleClik here to view.
VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command...
EDB-ID: 42370Author: MetasploitPublished: 2017-07-24CVE: N/A Type: RemotePlatform: UnixAliases: N/AAdvisory/Source: LinkTags: Metasploit FrameworkVulnerable App: N/A # This module requires Metasploit:...
View ArticleClik here to view.
Razer Synapse 2.20.15.1104 - rzpnk.sys ZwOpenProcess (Metasploit)
EDB-ID: 42368Author: MetasploitPublished: 2017-07-24CVE: CVE-2017-9769 Type: LocalPlatform: Win_x86-64Aliases: N/AAdvisory/Source: LinkTags: Metasploit FrameworkVulnerable App: N/A # This module...
View ArticleClik here to view.
REDDOXX Appliance Build 2032 / 2.0.625 - Arbitrary File Disclosure
EDB-ID: 42372Author: RedTeam PentestingPublished: 2017-07-24CVE: N/A Type: WebappsPlatform: JSONVulnerable App: N/A RedTeam Pentesting discovered an arbitrary file disclosure vulnerability in the...
View ArticleClik here to view.
REDDOXX Appliance Build 2032 / 2.0.625 - Remote Command Execution
EDB-ID: 42371Author: RedTeam PentestingPublished: 2017-07-24CVE: N/A Type: WebappsPlatform: JSONVulnerable App: N/A RedTeam Pentesting discovered a remote command execution vulnerability in the REDDOXX...
View ArticleClik here to view.
WebKit - 'WebCore::AccessibilityNodeObject::textUnderElement' Use-After-Free
EDB-ID: 42360Author: Google Security ResearchPublished: 2017-07-24CVE: CVE-2017-7048 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: Use After FreeVulnerable App: N/A Source:...
View ArticleClik here to view.
WebKit - 'WebCore::AccessibilityRenderObject::handleAriaExpandedChanged'...
EDB-ID: 42361Author: Google Security ResearchPublished: 2017-07-24CVE: CVE-2017-7043 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: Use After FreeVulnerable App: N/A Source:...
View Article