Shopware version 5.5.6 suffers from multiple cross site scripting vulnerabilities.
>> CATEGORY: exploit
Serv-U FTP Server version 15.1.6.25 suffers from a local privilege escalation vulnerability via authentication bypass.
pfSense version 2.4.4-p3 with ACMEPackage version 0.5.7_1 suffers from a persistent cross site scripting vulnerability.
WordPress Nya-Comment-DoFollow plugin version 1.0 suffers from an open redirection vulnerability.
WordPress WPAds plugin version 1.0 suffers from an open redirection vulnerability.
Free SMTP Server version 2.5 denial of service proof of concept exploit.
The Qualcomm Android kernel suffers from a use-after-free vulnerability via an incorrect set_page_dirty() in KGSL.
Microsoft Windows suffers from a deployment service local privilege escalation vulnerability that bypasses the fix for CVE-2019-0841.
Due to the use of a hard-coded cryptographic key, an attacker can put the integrity and confidentiality of encrypted data of all Siemens LOGO! 8 PLCs using this key at…
Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.