Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.
>> CATEGORY: exploit
JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.
There’s a task in Windows Task Scheduler called “SilentCleanup” which, while it’s executed as Users, automatically runs with elevated privileges. When it runs, it executes the file %windir%system32cleanmgr.exe. Since it…
D-Link models DIR-652, DIR-615, DIR-827, DIR-615, DIR-657, and DIR-825 suffer from an administrative password disclosure vulnerability.
Spidermonkey IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusion vulnerabilities.
SAPIDO RB-1732 version 2.0.43 suffers from a remote command execution vulnerability.
SuperDoctor5 implemented a remote command execution plugin in their implementation of NRPE that can be leveraged without authentication.
WordPress iLive plugin version 1.0.4 suffers from a cross site scripting vulnerability.
WordPress Live Chat Unlimited plugin version 2.8.3 suffers from a persistent cross site scripting vulnerability.
Fortinet FCM-MB40 suffers from remote command execution and cross site request forgery vulnerabilities.