An out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
>> AUTHOR: deepcore
Atlassian Jira Service Desk version 4.9.1 suffers from a cross site scripting vulnerability via a file upload.
Insufficient data validation in V8 in Google Chrome versions prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is…
Composr CMS version 10.0.36 suffers from a cross site scripting vulnerability.
Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API…
A radio proximity kernel memory corruption vulnerability exists in iOS and macOS due to bad state machine in BSS steering.
Monospace Directus Headless CMS versions prior to 8.8.2 suffers from .htaccess rule bypass and arbitrary file upload vulnerabilities.
This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gitea. This is possible when the current…
This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gogs. This is possible when the current…