WordPress WPGraphQL 1.3.5 Denial Of Service
WordPress WPGraphQL plugin version 1.3.5 suffers from a denial of service vulnerability.
WordPress WPGraphQL plugin version 1.3.5 suffers from a denial of service vulnerability.
This Metasploit module exploits a pre-auth server-side request forgery (CVE-2021-21975) and post-auth file write (CVE-2021-21983) in VMware vRealize Operations Manager to leak admin creds and write/execute a JSP payload. CVE-2021-21975 affects the /casa/nodes/thumbprints endpoint, and CVE-2021-21983 affects the /casa/private/config/slice/ha/certificate endpoint. Code execution occurs as the “admin” Unix user.
Kimai version 1.14 suffers from a CSV injection vulnerability.
Worm.Win32.Busan.k malware suffers from an insecure transit vulnerability.
Windows 10 Wi-Fi Drivers For Intel Wireless Adapters version 22.30.0 suffer from a privilege escalation vulnerability.
SEO Panel version 4.8.0 remote blind SQL injection exploit. Original discovery in this version is attributed to Piyush Patil in February of 2021.
OpenPLC version 3 authenticated remote code execution exploit.