Adobe DNG SDK suffers from memory corruption and other crashes caused by malformed .dng images.
>> CATEGORY: exploit
This Metasploit module exploits unauthenticated access to the runner() and _send_pub() methods in the SaltStack Salt master’s ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to…
This Metasploit module exploits a Python code injection in the Netsweeper WebAdmin component’s unixlogin.php script, for versions 6.4.4 and prior, to execute code as the root user. Authentication is bypassed…
Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.5.2 and prior do not validate user-supplied program paths in…
Kartris version 1.6 suffers from an arbitrary file upload vulnerability.
Pi-hole versions 4.4 and below remote code execution and privilege escalation exploit.
Pi-hole versions 4.4 and below suffer from a remote code execution vulnerability.
Online AgroCulture Farm Management System version 1.0 suffers from a remote SQL injection vulnerability that leverages the uname parameter.
Victor CMS version 1.0 suffers from a remote SQL injection vulnerability.
CuteNews version 2.1.2 suffers from an arbitrary file deletion vulnerability.