Rapid7 Nexpose Installer version 6.6.39 suffers from a local privilege escalation vulnerability.
This Metasploit module exploits an arbitrary file write in cfprefsd on macOS versions 10.15.4 and below in order to run a payload as root. The CFPreferencesSetAppValue function, which is reachable…
The COVR 3902 REVA router with firmware 1.01B0 has hardcoded telnet credentials.
All versions up to and prior to OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from a multitude of remote SQL injection vulnerabilities.
Nord VPN version 6.31.13.0 suffers from an unquoted service path vulnerability.
SiteMagic CMS version 4.4.2 suffers from a remote shell upload vulnerability.
Noise-Java suffers from an issue located in the ChaChaPolyCipherState.encryptWithAd() method defined in ChaChaPolyCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the…
Noise-Java suffers from an issue located in the AESGCMFallbackCipherState.encryptWithAd() method defined in AESGCMFallbackCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the…
Red Lion N-Tron 702-W and 702M12-W versions 2.0.26 and below suffer from cross-site request forgery, hidden shell interface, cross-site scripting and busybox vulnerabilities.
Noise-Java suffers from an issue located in the AESGCMOnCtrCipherState.encryptWithAd() method defined in AESGCMOnCtrCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the…