Microsoft Windows kernel suffers from an uninitialized memory issue in the default DACL descriptor of system processes token.
>> CATEGORY: exploit
The handler of the nt!NtTraceControl system call (specifically the EtwpSetProviderTraitsUm functionality, opcode 0x1E) discloses portions of uninitialized pool memory to user-mode clients on Microsoft Windows 10 systems.
Microsoft Windows suffers from a stack memory disclosure vulnerability in win32k!xxxClientLpkDrawTextEx.
NextCloud and OwnCloud suffer from a cross site scripting vulnerability in their error pages. OwnCloud versions 9.1.5 and below are affected. NextCloud versions prior to 11.0.3, 10.0.5, and 9.0.58 are…
An independent vulnerability laboratory researcher discovered a cross site scripting vulnerability in the official News…
MailCow version 0.14 suffers from multiple cross site request forgery vulnerabilities.
This archive contains a zip file of EXR images that cause segmentation faults in the OpenEXR library version 2.2.0.
INFOR EAM version 11.0 build 201410 suffers from a stored cross site scripting vulnerability.