WordPress Dosimple theme version 2.0 suffers from a cross site scripting vulnerability.
>> ARCHIVE: 2020-05
Creative Zone suffers from a remote SQL injection vulnerability.
The ManageEngine Asset Explorer windows agent suffers form a remote code execution vulnerability. All versions prior to 1.0.29 are affected.
This Metasploit module leverages a trusted file overwrite with a dll hijacking vulnerability to gain SYSTEM-level access on vulnerable Windows 10 x64 targets.
This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not…
Samsung Android suffers from multiple interaction-less remote code execution vulnerabilities as well as other remote access issues in the Qmage image codec built into Skia.
Linux futex+VFS suffers from an improper inode reference in get_futex_key() that causes a use-after-free if the superblock goes away.
Linux 5.6 has an issue with IORING_OP_MADVISE racing with coredumping.
http://e-mining.dpim.go.th/java.html notified by Al Catraz
http://www.nanual.go.th/m-1.html notified by moncet