myBB forums version 1.8.26 suffers from a persistent cross site scripting vulnerability.
DSL-124 Wireless N300 ADSL2+ Backup Disclosure
DSL-124 Wireless N300 ADSL2+ suffers from a backup disclosure vulnerability.
Covenant 0.5 Remote Code Execution
Covenant version 0.5 suffers from a remote code execution vulnerability.
Virtual Reception 1.0 Directory Traversal
Virtual Reception version 1.0 suffers from a directory traversal vulnerability.
Lavasoft 4.1.0.409 Unquoted Service Path
Lavasoft version 4.1.0.409 suffers from an unquoted service path vulnerability.
CrowdStrike Falcon Agent 6.44.15806 Uninstall Issue
CrowdStrike Falcon Agent version 6.44.15806 has an uninstall bypass flaw that works without an installation token.
Forcepoint (Stonesoft VPN Client) 6.2.0 / 6.8.0 Local Privilege Escalation
Forcepoint (Stonesoft VPN Client) versions 6.2.0 and 6.8.0 suffer from a privilege escalation vulnerability.
WordPress WPForms 1.7.8 Cross Site Scripting
WordPress WPForms plugin version 1.7.8 suffers from a cross site scripting vulnerability.
Eve-ng 5.0.1-13 Cross Site Scripting
Eve-ng version 5.0.1-13 suffers from a cross site scripting vulnerability.
Ancillary Function Driver (AFD) For Winsock Privilege Escalation
A vulnerability exists in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITYSYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can be used to manipulate internal I/O ring structures and achieve local […]