KVM instruction emulation can run while KVM_VCPU_PREEMPTED is set, which can lead other vcpus to skip sending TLB flush IPIs. As a consequence, KVM instruction emulation can access memory through…
>> ARCHIVE: 2022-08
AeroCMS version 0.0.1 suffers from a remote SQL injection vulnerability.
http://ss-muni.go.th/index.php notified by ./Niz4r
http://tambonbansong.go.th/index.php notified by ./Niz4r
http://www.khokyanglocal.go.th/index.php notified by ./Niz4r
http://donmuang-local.go.th/index.php notified by ./Niz4r
The Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal…
http://www.sungnoenabt.go.th/read.html notified by ./Niz4r
This Metasploit module POSTs a ZIP file containing path traversal characters to the administrator interface for Zimbra Collaboration Suite. If successful, it plants a JSP-based backdoor within the web directory,…
In the Arm Mali driver’s handling of CSF user I/O mappings, VMA splitting is handled incorrectly, leading to a page being given back to the kernel’s page allocator while it…