This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gogs. This is possible when the current…
Linux Kernel 5.4 – ‘BleedingTooth’ Bluetooth Zero-Click Remote Code Execution
Composr 10.0.36 – Remote Code Execution
DMA Radius Manager 4.4.0 – Cross-Site Request Forgery (CSRF)
CMSimple 5.2 – ‘External’ Stored XSS
Insufficient data validation in V8 in Google Chrome versions prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
An out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Trojan-Downloader.Win32.FraudLoad.xevn malware suffers from an insecure permissions vulnerability.
Mini Mouse version 9.3.0 suffers from local file inclusion and path traversal vulnerabilities.
Pulse Secure Pulse Connect Secure versions 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure versions 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1,…