Solarwinds Virtualization Manager versions 6.3.1 and below suffer from a java deserialization vulnerability.
>> ARCHIVE: 2016-06
Slim CMS version 0.1 suffers from a cross site request forgery vulnerability.
Json2Html javascript library suffers from a cross site scripting vulnerability.
Several functions in the GPU command buffer service interact with the GPU mailbox manager (gpu/command_buffer/service/mailbox_manager_impl.cc), passing a reference to shared memory as the mailbox argument. MailboxManagerImpl does not expect this…
Multiple ATCOM PBX systems suffer from an authentication bypass vulnerability.
Roxy File Manager versions 1.4.4 and below suffer from a remote shell upload vulnerability.
This Metasploit module simplifies the Regsvr32.exe Application Whitelisting Bypass technique. The module creates a web server that hosts an .sct file. When the user types the provided regsvr32 command on…
This proof of concept triggers a blue screen on Windows 7 with special pool enabled on win32k.sys. A reference to the bitmap object still exists in the device context after…
This proof of concept crashes 32-bit Windows 7 with special pool enabled on win32k.sys. It might take several runs in order to reproduce.
Python’s built-in URL library (“urllib2” in 2.x and “urllib” in 3.x) is vulnerable to protocol stream injection attacks (a.k.a. “smuggling” attacks) via the http scheme.