Bagisto version 1.3.3 suffers from a client-side template injection vulnerability.
>> CATEGORY: exploit
Backdoor.Win32.Coredoor.10.a malware suffers from bypass and code execution vulnerabilities.
Email-Worm.Win32.Deltad malware suffers from an insecure permissions vulnerability.
D-Link DSL-3782 pre-authentication remote root exploit.
Backdoor.Win32.Coredoor.10.a malware suffers from a man-in-the-middle vulnerability.
This Metasploit module exploits CVE-2021-40539, a REST API authentication bypass vulnerability in ManageEngine ADSelfService Plus, to upload a JAR and execute it as the user running ADSelfService Plus – which…
CMSimple version 5.4 local file inclusion to remote code execution exploit.
The Serva TFTP server version 4.4.0 can be brought down by sending a special Read request.
HTTPDebuggerPro version 9.11 suffers from an unquoted service path vulnerability.
Apple ColorSync suffers from a use of uninitialized memory in CMMNDimLinear::Interpolate.