CITSmart ITSM version 9.1.2.27 suffers from a remote time-based blind SQL injection vulnerability.
HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.
Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.
Microsoft Azure DevOps Server version 2020.0.1 suffers from a cross site scripting vulnerability.
This is a script to trigger (Rowhammer) bit flips on TRR-enabled DDR4 SDRAM through Firefox. It will only work with THP enabled and after having set the target-specific parameters.
Tileserver-gl version 3.0.0 suffers from a cross site scripting vulnerability.
Horde Groupware Webmail version 5.2.22 suffers from a persistent cross site scripting vulnerability.
htmly version 2.8.0 suffers from a persistent cross site scripting vulnerability.
Backdoor.Win32.Zombam.h malware suffers from a buffer overflow vulnerability.
This Metasploit module exploits a command injection vulnerability in the /admin/monitoringplugins.php page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated admin user to…