ProShow version 9.0.3797 suffers from a local privilege escalation vulnerability.
>> ARCHIVE: 2019-06
WordPress Insert or Embed Articulate Content plugin versions 4.2995 through 4.2997 suffers from a remote code execution vulnerability.
phpMyAdmin version 4.8 suffers from a cross site request forgery vulnerability.
Liferay Portal version 7.1 CE GA4 suffers from cross site scripting vulnerability in the SimpleCaptcha API.
FusionPBX versions 4.4.3 and below suffer from a remote code execution vulnerability via cross site scripting.
Telus Actiontec T2200H with firmware T2200H-31.128L.08 suffers from a credential disclosure vulnerability. An HTTP interface used by wireless extenders to pull the modem’s wifi settings uses DHCP client-provided option values…
Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from both local and remote privilege escalation vulnerabilities.
Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a denial of service vulnerability. By querying CGI endpoints with empty (GET/POST/HEAD) requests causes a Segmentation Fault of the uhttpd webserver. Since…
Telus Actiontec T2200H with firmware T2200H-31.128L.08 suffers from a serial number information disclosure vulnerability. The wireless extenders use DHCP Option 125 to include device details such as model number, manufacturer,…
There’s a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric.