Eagle Speed USB modem software suffers from a privilege escalation vulnerability.
>> ARCHIVE: 2016-11
A specially crafted web-page can trigger an unknown memory corruption vulnerability in Google Chrome Accessibility code. An attacker can cause code to attempt to execute a method of an object…
WordPress Insert Html Snippet plugin version 1.2 suffers from a cross site request forgery vulnerability.
WinPower version 4.9.0.4 suffers from a privilege escalation vulnerability. Proof of concept code included.
Input passed via the ‘_redirect’ GET parameter via ‘service.cgi’ script on various Peplink VPN-Firewall devices is not properly verified before being used to redirect users. This can be exploited to…
http://audit.dmh.go.th/adr.htm notified by aDriv4
UCanCode has active-x vulnerabilities which allow for remote code execution and denial of service attacks.
JBoss EAP’s JMX Invoker Servlet is exposed by default on port 8080/TCP. The communication employs serialized Java objects, encapsulated in HTTP requests and responses. The server deserializes these objects without…
GNU wget versions 1.17 and earlier, when used in mirroring/recursive mode, are affected by a race condition vulnerability that might allow remote attackers to bypass intended wget access list restrictions…