The IoT Controller OVA includes an upgrade account that gives the vendor undocumented access via Secure Copy (SCP).
RarmaRadio version 2.72.8 denial of service proof of concept exploit.
Codiad version 2.8.4 suffers from a remote shell upload vulnerability.
ProFTPd version 1.3.5 remote command execution exploit. This is a variant of the original vulnerability discovered in 2015 with credit going to R-73eN.
Skylight Cyber has identified a total of 13 vulnerabilities in Nagios XI and Nagios Fusion servers. These include remote code execution, cross site scripting, privilege escalation, and more.
Pluck CMS version 4.7.13 suffers from a remote shell upload vulnerability.
i-doit version 1.15.2 suffers from a cross site scripting vulnerability.
An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character (‘.’, 0x2E) out of bounds in a heap allocated buffer. The vulnerability…
Apple Security Advisory 2021-05-25-4 – Security Update 2021-003 Catalina addresses bypass, code execution, denial of service, heap corruption, information leakage, out of bounds read, out of bounds write, and use-after-free…
Apple Security Advisory 2021-05-25-3 – Security Update 2021-004 Mojave addresses bypass, code execution, denial of service, heap corruption, information leakage, out of bounds read, out of bounds write, and use-after-free…