>> CATEGORY: exploit

On Microsoft Windows, the LUAFV driver has a race condition in the LuafvPostReadWrite callback if delay virtualization has occurred during a read leading to the SECTION_OBJECT_POINTERS value being reset to…

On Microsoft Windows, the LUAFV driver can confuse the cache and memory manager to replace the contents of privileged file leading to elevation of privilege.

2 Plan Team version 1.0.4 suffers from a cross site scripting vulnerability.

WordPress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.

ASUS HG100 suffers from a denial of service vulnerability.

DHCP Server version 2.5.2 suffers from a denial of service vulnerability.

OAMbuster is a multi-threaded exploit for CVE-2018-2879.

A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType, implemented in a proprietary t2k…

A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType fonts.

Jobberbase CMS version 2.0 suffers from a remote SQL injection vulnerability.