Roxy Fileman versions 1.4.6 and below remote shell upload proof of concept exploit.
This Metasploit module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP’s iControl interface to write an arbitrary file to the filesystem. While any file can be written to…
This Metasploit module exploits the logic in the CartView.php page when crafting a draft email with an attachment. By uploading an attachment for a draft email, the attachment will be…
In AppleAVD.kext, pixel buffers are mapped by calling AppleAVDUserClient::_mapPixelBuffer, which eventually calls AppleAVD::allocateKernelMemoryInternal. If the buffer is an IOSurface, the function calls IOSurface::deviceLockSurface before allocating memory by calling prepare. But…
In the function AppleAVDUserClient::decodeFrameFig, a location in the decoder’s IOSurface input buffer is calculated, and then bzero is called on it. The size of this IOSurface’s allocation is controllable by…
https://naluangsen.go.th/fine.html notified by /Rayzky_
This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affect Gitea versions prior to…
http://tpso4.m-society.go.th/bdkr.htm notified by Mr. BDKR28
This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affect Gitea versions prior to…
Internet Download Manager version 6.41 Build 3 suffers from a man-in-the-middle vulnerability that can enable an attacker to execute code on the victim’s system.