Insufficient data validation in V8 in Google Chrome versions prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Atlassian Jira Service Desk version 4.9.1 suffers from a cross site scripting vulnerability via a file upload.

Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API…

Composr CMS version 10.0.36 suffers from a cross site scripting vulnerability.

Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is…

Monospace Directus Headless CMS versions prior to 8.8.2 suffers from .htaccess rule bypass and arbitrary file upload vulnerabilities.

A radio proximity kernel memory corruption vulnerability exists in iOS and macOS due to bad state machine in BSS steering.

This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gitea. This is possible when the current…

This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gogs. This is possible when the current…