>> ARCHIVE: 2022-08

FLIR AX8 versions 1.46.16 and below unauthenticated remote OS command injection exploit.

Chrome suffers from a heap use-after-free vulnerability in content::ServiceWorkerVersion::MaybeTimeoutRequest. Google Chrome version 103.0.5060.53 and Chromium version 105.0.5134.0 are affected.

Advantech iView software versions prior to 5.7.04.6469 are vulnerable to an unauthenticated command injection vulnerability via the NetworkServlet endpoint. The database backup functionality passes a user-controlled parameter, backup_file to the…

TypeORM version 0.3.7 suffers from an information disclosure vulnerability.

Whitepaper called Race Against the Sandbox – Root Cause Analysis of a Tianfu Cup bug that used a Ntoskrnl bug to escape the Google Chrome sandbox.

Whitepaper called Race Against the Sandbox – Root Cause Analysis of a Tianfu Cup bug that used a Ntoskrnl bug to escape the Google Chrome sandbox.

Gigaland NFT Marketplace version 1.9 suffers from remote shell upload and ETH private key disclosure vulnerabilities.

Inout SiteSearch version 2.0.1 suffers from a cross site scripting vulnerability.

Inout RealEstate version 2.1.2 suffers from a remote SQL injection vulnerability.