Microsoft Internet Explorer suffers from a read access violation (AV) in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout.
ProjectSend version r582 suffers from a persistent cross site scripting vulnerability.
Cisco UCS Manager version 2.1(1b) shellshock exploit that spawns a connect-back shell.
Core Security Technologies Advisory – An integer signedness error has been found in the amd64_set_ldt() function in the FreeBSD kernel code (defined in the /sys/amd64/amd64/sys_machdep.c file), which implements the…
The Netgear CG3000v2 cable modem fails to validate an admin’s old password prior to changing to a new one. It also appears to suffer from cross site request forgery issues.
Netwrix Auditor version 7.1.322.0 suffers from a stack-based buffer overflow vulnerability when parsing a large number of bytes passed to the ‘sourceFile’ string parameter in the PackFile() and UnpackFile() functions in the ‘Netwrix.Common.CollectEngine.dll’ library,…
Chamilo LMS version 1.10.2 suffers from a cross site scripting vulnerability.
Dropbear sshd versions 2015.71 and below suffer from a command injection vulnerability via xauth. An authenticated user may inject arbitrary xauth commands by sending an x11 channel request that includes…
WordPress Bulletproof plugin version 0.53.2 suffers from a cross site scripting vulnerability.
OpenSSH versions 7.2p1 and below suffer from a command injection and /bin/false bypass vulnerability via xauth.