>> CATEGORY: exploit

ReQuest Serious Play F3 Media Server version 7.0.3 suffers from a denial of service vulnerability. The device can be shutdown or rebooted by an unauthenticated attacker when issuing one HTTP…

Jenkins version 2.63 suffers from a sandbox bypass vulnerability.

HiSilicon Video Encoder suffers from an unauthenticated RTSP buffer overflow vulnerability that can cause a denial of service condition.

FRITZ!Box versions 7.20 and below suffer from a DNS rebinding protection bypass vulnerability.

Mocha for Android suffers from an issue where a call can cause the callee device to send audio without user interaction.

ReQuest Serious Play F3 Media Server version 7.0.3 suffers from an unauthenticated remote code execution vulnerability. Abusing the hidden ReQuest Internal Utilities page (/tools) from the services provided, an attacker…

Chrome suffers from a use-after-free vulnerability in WebIDBGetDBNamesCallbacksImpl::SuccessNamesAndVersionsList.

Chrome suffers from a use-after-free vulnerability in USB::OnServiceConnectionError.

This Metasploit module exploits a server-side include (SSI) in SharePoint to leak the web.config file and forge a malicious ViewState with the extracted validation key. This exploit is authenticated and…

Employee Management System version 1.0 suffers from a persistent cross site scripting vulnerability.