>> CATEGORY: exploit

Beetel BCM96338 ADSL Router remote dns changer exploit.

D-Link ADSL DSL-2640B SEA_1.01 remote dns changer exploit.

Ektron CMS version 9.10SP1 suffers from multiple cross site scripting vulnerabilities.

sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.

WordPress WP Job Manager plugin version 1.26.1 suffers from a stored cross site scripting vulnerability.

VX Search Enterprise version 9.7.18 suffers from a local buffer overflow vulnerability.

Aerohive AP340 HiveOS versions prior to 6.1r5 suffers from a local file inclusion vulnerability that allows for remote code execution.

WebKit JSC suffers from a JIT optimization check failure in IntegerCheckCombiningPhase::handleBlock.

WebKit JSC suffers from a JSGlobalObject::haveABadTime type confusion vulnerability.

WebKit JSC arrayProtoFuncSplice fails to initialize all indices.