The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell…
>> CATEGORY: exploit
Voting System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Syed Sheeraz Ali…
Sandboxie Plus version 0.7.4 suffers from an unquoted service path vulnerability.
Sandboxie version 5.49.7 suffers from a denial of service vulnerability.
Android suffers from memory disclosure, out-of-bounds write, and double-free vulnerabilities in NFC’s Felica tag handling.
Voting System version 1.0 suffers from a remote shell upload vulnerability.
Human Resource Information System version 0.1 suffers from a remote code execution vulnerability.
Epic Games Easy Anti-Cheat version 4.0 suffers from a local privilege escalation vulnerability.
WifiHotSpot version 1.0.0.0 suffers from an unquoted service path vulnerability.
This Metasploit module serves an OSX app (as a zip) that contains no Info.plist, which bypasses gatekeeper in macOS versions prior to 11.3. If the user visits the site on…