Responsive Online Blog version 1.0 remote blind boolean-based SQL injection exploit that retrieves usernames and md5 hashes for all site users. Original discovery of the vulnerability is attributed to Eren Simsek.
WordPress Popup Maker plugin version 1.16.5 suffers from a persistent cross site scripting vulnerability.
Backdoor.Win32.GateHell.21 malware suffers from a man-in-the-middle vulnerability.
The Linux watch_queue filter suffers from an out of bounds write vulnerability.
WordPress Motopress Hotel Booking Lite plugin version 4.2.4 suffers from a remote SQL injection vulnerability.
Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes.
Backdoor.Win32.Delf.zn malware suffers from an insecure credential storage vulnerability.
Backdoor.Win32.GateHell.21 malware suffers from an authentication bypass vulnerability.
BlueZ suffers from a vulnerability where a malicious USB device can steal Bluetooth link keys over HCI using a fake BD_ADDR. It was also discovered that bluetoothd suffers from a double-free memory corruption flaw.
BlueZ suffers from a vulnerability where a malicious USB device can steal Bluetooth link keys over HCI using a fake BD_ADDR. It was also discovered that bluetoothd suffers from a double-free memory corruption flaw.