Backdoor.Win32.Delf.zho malware suffers from bypass and code execution vulnerabilities.
>> CATEGORY: exploit
This Metasploit module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifTool versions 7.44 through 12.23 inclusive. The injection is used to execute a shell command…
The Container Manager Service creates an AppContainer process without impersonating the access token leading to privilege escalation.
The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation.
Splinterware System Scheduler Professional version 5.30 suffers an unquoted service path vulnerability that allows for privilege escalation.
Mozilla’s Firefox 85 for Windows has a weak DACL for domain networks.
ERPNext versions 12.18.0 and 13.0.0 suffer from an authenticated remote SQL injection vulnerability.
SIS-REWE GO version 7.5.0/12C suffers from multiple cross site scripting vulnerabilities.
ERPNext versions 12.18.0 and 13.0.0 suffer from reflective and persistent cross site scripting vulnerabilities.