Proof of concept exploit for the HTTP protocol stack remote code execution vulnerability related to a use-after-free dereference in http.sys.
>> AUTHOR: deepcore
Acer Backup Manager Module version 3.0.0.99 suffers an unquoted service path vulnerability.
Acer Updater Service version 1.2.3500.0 suffers from an unquoted service path vulnerability.
Spotweb-Develop version 1.4.9 suffers from a cross site scripting vulnerability.
Spotweb-Develop version 1.4.9 suffers from a cross site scripting vulnerability.
Microsoft Exchange 2019 – Unauthenticated Email Download (Metasploit)
Mozilla Firefox 88.0.1 – File Extension Execution of Arbitrary Code
Spotweb 1.4.9 – DOM Based Cross-Site Scripting (XSS)
DELL dbutil_2_3.sys 2.3 – Arbitrary Write to Local Privilege Escalation (LPE)