Trojan-Downloader.Win32.FraudLoad.xevn malware suffers from an insecure permissions vulnerability.
Mini Mouse version 9.3.0 suffers from local file inclusion and path traversal vulnerabilities.
Pulse Secure Pulse Connect Secure versions 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure versions 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1,…
smtp_mailaddr in smtp_session.c in OpenSMTPD version 6.6, as used in OpenBSD version 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session,…
Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is…
This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.
Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS
Composr CMS 10.0.36 – Cross Site Scripting
RockstarService.exe suffers from an insecure file permissions vulnerability.
Simple Food Website version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.