Constructor.Win32.Bifrose.asc malware suffers from buffer overflow and heap corruption vulnerabilities.
This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including…
ES File Explorer 4.1.9.7.4 – Arbitrary File Read
Android version 2.0 exploit for FreeCIV versions 2.2 before 2.2.1 and 2.3 before 2.3.0 that achieves root.
Netgear WNAP320 2.0.3 – ‘macAddress’ Remote Code Execution (RCE) (Unauthenticated)
SAS Environment Manager 2.5 – ‘name’ Stored Cross-Site Scripting (XSS)
Atlassian Jira Server/Data Center 8.16.0 – Reflected Cross-Site Scripting (XSS)
WordPress Plugin YOP Polls 6.2.7 – Stored Cross Site Scripting (XSS)
VMware vCenter server versions 6.5, 6.7, and 7.0 unauthenticated remote code execution exploit.
Backdoor.Win32.ReverseTrojan.200 malware suffers from an authentication bypass vulnerability.