Adive Framework version 2.0.7 suffers from a privilege escalation vulnerability.
>> CATEGORY: exploit
Nextcloud 17 suffers from multiple cross site request forgery vulnerabilities.
The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.
Adaware Web Companion version 4.8.2078.3950 suffers from an unquoted service path vulnerability.
WebKit suffers from an integer overflow in NodeRareData::m_connectedFrameCount that can lead to universal cross site scripting and type confusion.
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication using the RDS component. Due to default settings or misconfiguration, its password can be set to an…
This Metasploit module exploits an unauthenticated command injection vulnerability in rConfig versions 3.9.2 and prior. The install directory is not automatically removed after installation, allowing unauthenticated users to execute arbitrary…
This Metasploit module exploits CVE-2017-13156 in Android to install a payload into another application. The payload APK will have the same signature and can be installed as an update, preserving…
This Metasploit module exploits the SNMP write access configuration ability of SNMP-EXTEND-MIB to configure MIB extensions and lead to remote code execution.
Wacom WTabletService version 6.6.7-3 suffers from a WTabletServicePro unquoted service path vulnerability.