The WSAQuerySocketSecurity API returns full anonymous impersonation tokens for connected peers in an AppContainer leading to a sandbox escape.
A use after free vulnerability exists in the NtGdiResetDC() function of Win32k which can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. The flaw exists…
FormaLMS 2.4.4 – Authentication Bypass
AbsoluteTelnet 11.24 – ‘Phone’ Denial of Service (PoC)
AbsoluteTelnet 11.24 – ‘Username’ Denial of Service (PoC)
Apache HTTP Server 2.4.50 – Remote Code Execution (RCE) (3)
YeaLink SIP-TXXXP 53.84.0.15 – ‘cmd’ Command Injection (Authenticated)
This Metasploit module exploits a remote command injection vulnerability in Movable Type versions 7 r.5002 and below.
Google Assistant suffered from an authentication bypass vulnerability allowing a webpage to execute commands without permission.