WordPress Sirv plugin version 1.3.1 suffers from a remote SQL injection vulnerability.
>> CATEGORY: exploit
A vulnerability existed in the PowerShellEmpire server prior to commit f030cf62 which would allow an arbitrary file to be written to an attacker controlled location with the permissions of the…
JavascriptArray::FillFromPrototypes is a method that is used by several Javascript functions available in the browser to set the native elements of an array to the values provide by its prototype….
There is a heap overflow in Array.splice in Chakra. When an array is spliced, and overflow check is performed, but ArraySpeciesCreate, which can execute code and alter the array is…
There is an overflow when reversing arrays in Chakra. On line 5112 of JavascriptArray::EntryReverse, the length of the array is fetched and stored. It is then passed as a parameter…
There is an info leak in Array.filter. In Chakra, the destination array that arrays are filtered into is initialized using ArraySpeciesCreate, which can create both native and variable arrays. However,…
DCFM Blog version 0.9.7 suffers from a cross site scripting vulnerability.
The vulnerability laboratory core research team discovered a security flaw that affects the official Huawei Flybox B660 …
The vulnerability laboratory core research team discovered a local passcode bypass via access permission vulnerability i…
Nginx web server packaging on Debian-based distributions such as Debian or Ubuntu was found to create log directories with insecure permissions which can be exploited by malicious local attackers to…