A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak “C:Program FilesTotalAV” permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary […]
G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.
This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Hadoop through ResourceManager REST API.
This Metasploit module exploits a vulnerability in a statement in the system programming guide of the Intel 64 and IA-32 architectures software developer’s manual being mishandled in various operating system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS. This Metasploit module will upload the pre-compiled exploit […]
Linux/Ubuntu suffers from a vulnerability where other users’ coredumps can be read via a setgid directory and killpriv bypass.
QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.
Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash.
Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.
Dicoogle PACS version 2.5.0 suffers from a directory traversal vulnerability.
Linux kernels prior to version 4.13.9 (Ubuntu 16.04/Fedora 27) local privilege escalation exploit.