VSCO 1.1.1.0 – Denial of Service (PoC)
>> ARCHIVE: 2019-02
VSCO 1.1.1.0 – Denial of Service (PoC)
Navicat for Oracle 12.1.15 – “Password” Denial of Service (PoC)
MyBB Trash Bin Plugin 1.1.3 – Cross-Site Scripting / Cross-Site Request Forgery
runc versions prior to 1.0-rc6 (Docker < 18.09.2 host command execution proof of concept exploit.
This exploit bypasses access control checks to use a restricted API function (POST /v2/create-user) of the local snapd service. This queries the Ubuntu SSO for a username and public SSH…
This exploit bypasses access control checks to use a restricted API function (POST /v2/snaps) of the local snapd service. This allows the installation of arbitrary snaps. Snaps in “devmode” bypass…
SYSTORME ISG products ISG-600C, ISG-600H, and ISG-800W suffer from a cross site request forgery vulnerability.
SYSTORME ISG products ISG-600C, ISG-600H, and ISG-800W suffer from an authenticated command injection vulnerability.
Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the fmgpon_loid parameter.
Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the newpass and confpass parameters in /bin/WebMGR.