Apple Security Advisory 2022-08-31-1 – iOS 12.5.6 addresses code execution and out of bounds write vulnerabilities.
>> AUTHOR: deepcore
Doctor’s Appointment System version 1.0 suffers from a cross site scripting vulnerability in register.php. Original discovery of cross site scripting in this version is attributed to Soham Bakore in February…
Doctor’s Appointment System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Soham Bakore and Nakul Ratti in February…
Sophos XG115w Firewall 17.0.10 MR-10 – Authentication Bypass
WordPress Plugin Testimonial Slider and Showcase 2.2.6 – Stored Cross-Site Scripting (XSS)
WordPress Plugin Netroics Blog Posts Grid 1.0 – Stored Cross-Site Scripting (XSS)
The WordPress Core version 6.0.2 release addresses cross site scripting and remote SQL injection vulnerabilities.
This Metasploit module exploits CVE-2022-30526, a local privilege escalation vulnerability that allows a low privileged user (e.g. nobody) escalate to root. The issue stems from a suid binary that allows…
This archive contains all of the 79 exploits added to Packet Storm in August, 2022.
KVM instruction emulation can run while KVM_VCPU_PREEMPTED is set, which can lead other vcpus to skip sending TLB flush IPIs. As a consequence, KVM instruction emulation can access memory through…