This archive holds Bluetooth Impersonation Attack (BIAS) CVE-2020-10135 proof of concept and reproduction research from multiple researchers.
>> CATEGORY: exploit
The DFG and FTL JIT compilers incorrectly replace Checked with Unchecked ArithNegate operations (and vice versa) during Common Subexpression Elimination. This can then be exploited to cause out-of-bounds accesses and…
Sabberworm PHP CSS parser suffers from a code injection vulnerability. Many versions are affected.
Apache Tomcat is affected by a Java deserialization vulnerability if the PersistentManager is configured as session manager. Successful exploitation requires the attacker to be able to upload an arbitrary file…
Insecure TLS session reuse can lead to a hostname verification bypass in Node.js.
VMware vCenter Server version 6.7 authentication bypass exploit.
QuickBox Pro versions 2.1.8 and below suffer from an authenticated remote code execution vulnerability.
Microsoft Windows SMBGhost pre-authentication remote code execution exploit.
This Metasploit module exploits a SQL injection vulnerability found in vBulletin versions 5.6.1 and below. This module uses the getIndexableContent vulnerability to reset the administrator’s password and it then uses…
WordPress BBPress plugin version 2.5 suffers from an unauthenticated privilege escalation vulnerability.