Chrome suffers from a heap use-after-free vulnerability in blink::NativeIOFile::DoRead.
>> AUTHOR: deepcore
Cibele Thinfinity VirtualUI version 2.5.41.0 suffers from a user enumeration vulnerability.
Chrome suffers from a heap use-after-free vulnerability in ThreadedIconLoader::DecodeAndResizeImageOnBackgroundThread.
Chrome suffers from a site isolation bypass vulnerability in NavigationPreloadRequest.
log4j-payload-generator is a plugin for the woodpecker framework to produce log4 jndi injection vulnerability payload. Five types of payloads can be produced with one click.
If you are curious about web application firewall (WAF) bypass payloads that can be leveraged to exploit the log4j2 code execution vulnerability, you should look at this tool.
Oliver Library Server 5 versions prior to 8.00.008.053 suffer from an arbitrary file download vulnerability.
Simple Cold Storage Management System version 1.0 suffers from a remote SQL injection vulnerability.
OpenEMR versions 6.0.0 and 6.1.0-dev suffer from an authenticated remote SQL injection vulnerability in the calendar search functionality.
SAP Netweaver suffers from a remote ADBC SQL injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG. Other software and various versions are also affected.