>> CATEGORY: exploit

This Metasploit module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create and execute a PHP file in the document root. The USERNAME and…

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, caused by improper bounds checking of the request path in HTTP GET…

HP SimplePass versions 8.00.49, 8.00.57, and 8.01.46 suffers from a local privilege escalation vulnerability.

VMWare Horizon client version 5.4 suffers from a dll hijacking vulnerability.

Asterisk version 14.4.0 with PJSIP version 2.6 suffers from a heap overflow vulnerability in CSEQ header parsing.

Asterisk version 14.4.0 running chan_pjsip with PJSIP version 2.6 suffers from a denial of service vulnerability.

Asterisk version 14.4.0 with chan_skinny enabled suffers from a memory exhaustion vulnerability that can lead to a denial of service vulnerability.

Mantis Bug Tracker versions 1.3.10 and 2.3.0 suffer from a cross site request forgery vulnerability.

This vulnerability permits an unprivileged user on a Linux machine on which VMWare Workstation is installed to gain root privileges. The issue is that, for VMs with audio, the privileged…

MacOS suffers from a kernel register leak via 32-bit syscall exit.