>> CATEGORY: exploit

Backdoor.Win32.Tiny.c malware suffers from a code execution vulnerability.

Moxa TN-5900 versions 3.1 and below suffer from an issue where a user who has authenticated to the management web application is able to leverage a command injection vulnerability in…

Fetch Softworks Fetch FTP Client version 5.8 suffers from a remote CPU consumption denial of service vulnerability.

WordPress Mortgage Calculators WP plugin version 1.52 suffers from a persistent cross site scripting vulnerability.

Oracle WebLogic Server suffers from a local file inclusion vulnerability. Versions affected include 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.

WordPress Modern Events Calendar plugin versions 6.1 and below suffer from an unauthenticated remote SQL injection vulnerability.

PolicyKit-1 version 0.105-31 pkexec local privilege escalation exploit.

WordPress RegistrationMagic V plugin versions 5.0.1.5 and below suffer from a remote SQL injection vulnerability.

Local privilege escalation root exploit for Polkit’s pkexec vulnerability as described in CVE-2021-4034 and known as PwnKit.