WebKit WebCore::Style::TreeResolver::styleForElement Use-After-Free
WebKit suffers from a use-after-free vulnerability in WebCore::Style::TreeResolver::styleForElement.
MD5 | 63b43c75cbc1b4ad33a88819f4eeddde
WebKit: use-after-free in...

WebKit WebCore::DocumentLoader::frameLoader Use-After-Free
WebKit suffers from a use-after-free vulnerability in WebCore::DocumentLoader::frameLoader.
MD5 | c07fda98eca843e82ef5236fd67fb80b
WebKit: use-after-free in WebCore::DocumentLoader::frameLoader...

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
Cisco Registered Envelope Service is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
The Formhandler extension for TYPO3 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
The Recommend Page extension for TYPO3 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
PHPMailer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery...
IBM OpenPages GRC Platform is prone to a cross-site request forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform...

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
The com_tag component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker may leverage this...

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
GNU Binutils is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can...

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery...
Favorite Plugin for Jenkins is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the...

SAP NetWeaver Knowledge Management XMLForms Unspecified Cross Site Scripting...
SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary...

Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure
EDB-ID: 43178
Author: Google Security Research
Published: 2017-11-24
CVE: N/A
Type: Dos
Platform: Linux
Aliases: N/A
Tags: N/A
Vulnerable App: N/A
Source:...

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting...
Fortinet FortiOS is prone to a URI-redirection vulnerability and a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. Attackers can exploit...

D-Link DIR-850L Credential Disclosure
D-Link DIR-850L remote code execution variant exploit that extracts username and password for the device.
MD5 | b4ca3f0d10a248730135ce2865102871
#!/bin/bash
## Derped together by Raphael de la...

CommuniGatePro 6.1.16 Cross Site Scripting
CommuniGatePro version 6.1.16 suffers from multiple stored cross site scripting vulnerabilities.
MD5 | 04b4d99355b9137c616c8339f6cc48e9
# Exploit Title: CommuniGatePro webmails Multiple Stored...

CSC Cart 4.6.2 Shell Upload
CSC Cart version 4.6.2 suffers from a remote shell upload vulnerability.
MD5 | 0a62f78f3293e527ec3327b130b259b6
**** Summary
CSC Cart is a PHP based shopping cart software, which is hosted either...

pfSense 2.4.1 Clickjacking
pfSense version 2.4.1 suffers from a clickjacking vulnerability in the cross site request forgery error page.
MD5 |...

ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)
EDB-ID: 43179
Author: sickness
Published: 2017-11-25
CVE: N/A
Type: Local
Platform: Windows
Vulnerable App: N/A
# Tested on: Windows 10 Professional (x86)
# Exploit for previous version:...

WebKit WebCore::RenderObject::previousSibling Use-After-Free
WebKit suffers from a use-after-free vulnerability in WebCore::RenderObject::previousSibling.
MD5 | 0226ddcb9777ea7067a169d6a553b7c8
WebKit: use-after-free in...

WebKit WebCore::FormSubmission::create Use-After-Free
WebKit suffers from a use-after-free vulnerability in WebCore::FormSubmission::create.
MD5 | 98d087c67a0a6cedef693c7155034473
WebKit: use-after-free in WebCore::FormSubmission::create...