>> CATEGORY: exploit

This Metasploit module exploits command injection vulnerability in the ManageEngine Application Manager product. An unauthenticated user can execute a operating system command under the context of privileged user. Publicly accessible…

Hola VPN version 1.79.859 suffers from an insecure service permission vulnerability.

10-Strike Network Monitor version 5.4 suffers from an unquoted service path vulnerability.

Panda Global Security version 17.0.1 suffers from an unquoted service path vulnerability.

WPS Free Office version 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through the use of an insecurely created named…

Panda Global Security version 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through the use of an insecurely created named…

Tuleap version 9.17.99.189 suffers from a remote SQL injection vulnerability.

Bacula-Web versions prior to 8.0.0-RC2 suffer from multiple remote SQL injection vulnerabilities.

DEWESoft X3 suffers from a remote internal command access vulnerability.

Chromium suffers from an issues where read-only SharedMemory descriptors on Android are writable.