Epic Games Fortnite version 4.2-CL-4072250 suffers from an insecure file permissions vulnerability.
>> CATEGORY: exploit
MySQL Blob Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.
MySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
Merge PACS version 7.0 suffers from a cross site request forgery vulnerability.
Teradek VidiU Pro version 3.0.3 suffers from a server-side request forgery vulnerability.
GitBucket version 4.23.1 suffers from remote code execution and arbitrary file read vulnerabilities.
Teradek VidiU Pro version 3.0.3 change password cross site request forgery exploit.
ILIAS versions 5.3.2, 5.2.14, and 5.1.25 suffer from a cross site scripting vulnerability.
This Metasploit module exploits a race condition and use-after-free in the packet_set_ring function in net/packet/af_packet.c (AF_PACKET) in the Linux kernel to execute code as root (CVE-2016-8655). The bug was initially…