Serv-U FTP Server version 15.1.6.25 suffers from a local privilege escalation vulnerability via authentication bypass.
[papers] Analysis of CVE-2019-0708 (BlueKeep)
Analysis of CVE-2019-0708 (BlueKeep)
pfSense 2.4.4-p3 Cross Site Scripting
pfSense version 2.4.4-p3 with ACMEPackage version 0.5.7_1 suffers from a persistent cross site scripting vulnerability.
WordPress Nya-Comment-DoFollow 1.0 Open Redirection
WordPress Nya-Comment-DoFollow plugin version 1.0 suffers from an open redirection vulnerability.
WordPress WPAds 1.0 Open Redirection
WordPress WPAds plugin version 1.0 suffers from an open redirection vulnerability.
Free SMTP Server 2.5 Denial Of Service
Free SMTP Server version 2.5 denial of service proof of concept exploit.
Microsoft Windows AppX Deployment Service Local Privilege Escalation
Microsoft Windows suffers from a deployment service local privilege escalation vulnerability that bypasses the fix for CVE-2019-0841.
Qualcomm Android Kernel Use-After-Free
The Qualcomm Android kernel suffers from a use-after-free vulnerability via an incorrect set_page_dirty() in KGSL.
Siemens LOGO! 8 Hard-Coded Cryptographic Key
Due to the use of a hard-coded cryptographic key, an attacker can put the integrity and confidentiality of encrypted data of all Siemens LOGO! 8 PLCs using this key at risk, for instance decrypting network communication during a man-in-the-middle attack.
Siemens LOGO! 8 Missing Authentication
Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.