Imperva SecureSphere 13.x – ‘PWS’ Command Injection (Metasploit)
>> AUTHOR: deepcore
Imperva SecureSphere 13.x – ‘PWS’ Command Injection (Metasploit)
Kados R10 GreenBee – Multiple SQL Injection
QNAP TS-431 QTS < 4.2.2 – Remote Command Execution (Metasploit)
Anyburn 4.3 x86 – ‘Copy disc to image file’ Buffer Overflow – (UNICODE)(SEH)
FreeBSD – Intel SYSRET Privilege Escalation (Metasploit)
Drupal < 8.5.11 / < 8.6.10 – RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Android – binder Use-After-Free via racy Initialization of ->allow_user_free
Linux < 4.20.14 – Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem
Android – getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass
Xoops version 1.0.2 with PD-Links module version 1.0 suffers from a database disclosure vulnerability.