Posts

WebKit Element::setAttributeNodeNS Use-After-Free

WebKit JSC emitPutDerivedConstructorToArrowFunctionContextScope Incorrect Check

WebKit JSC JSObject::ensureLength Failure Check

WebKit CachedFrameBase::restore Universal Cross Site Scripting

WebKit CachedFrame Universal Cross Site Scripting

WebKit Document::prepareForDestruction / CachedFrame Universal XSS

ModX CMS Proof Of Concept Shell Upload

Piwigo Plugin Facetag 0.0.3 - Cross-Site Scripting

OV3 Online Administration 3.0 - Directory Traversal

OV3 Online Administration 3.0 - Remote Code Execution

OV3 Online Administration 3.0 - SQL Injection

Sudo '/src/ttyname.c' Local Privilege Escalation Vulnerability

Microsoft Domain Controller Remote Code Execution Vulnerability

Piwigo Facetag 0.0.3 SQL Injection

KEMP LoadMaster 7.135.0.13245 XSS / Code Execution

IBM Informix Dynamic Server DLL Injection / Code Execution

Trend Micro Deep Security 6.5 XXE / Code Execution

TerraMaster F2-420 NAS TOS 3.0.30 Code Execution

uc-httpd Local File Inclusion / Traversal

OV3 Online Administration 3.0 SQL Injection

OV3 Online Administration 3.0 Authenticated Code Execution

OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access

WordPress Simple Slideshow Manager 2.2 Cross Site Scripting

Microsoft MsMpEng Saved Callers Use-After-Free

Microsoft MsMpEng GC Engine Use-After-Free

Intel SSD Toolbox 3.4.3 DLL Hijacking

Ampache 3.8.2 Cross Site Scripting

RealPlayer 18.1.7.344 Memory Corruption

Acunetix Web Vulnerability Scanner 11 Privilege Escalation

MailSecRep Email Analysis Tool For Outlook

TiEmu 2.08 Buffer Overflow

CERIO 11nbg 2.4Ghz High Power Wireless Router (pekcmd) Rootshell Backdoors

Joomla 3.x Proof Of Concept Shell Upload

Microsoft Azure Recovery Services Agent DLL Hijacking

DokuWiki Proof Of Concept Shell Upload

Concrete5 Proof Of Concept Shell Upload

Libming 0.4.8 Denial Of Service

Home FTP Server 1.14.0 Build 176 Directory Traversal

Piwigo Plugin Facetag 0.0.3 - SQL Injection

Microsoft MsMpEng - Use-After-Free via Saved Callers

Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine

TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Remote Code Execution as Root

IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Heap Buffer Overflow

KEMP LoadMaster 7.135.0.13245 - Persistent Cross-Site Scripting / Remote Code Execution

Trend Micro Deep Security version 6.5 - XML External Entity Injection / Local Privilege Escalation / Remote Code Execution

TiEmu 2.08 - Local Buffer Overflow

uc-http Daemon - Local File Inclusion / Directory Traversal

Octopus Deploy - Authenticated Code Execution (Metasploit)

Samba - is_known_pipename() Arbitrary Module Load (Metasploit)

WordPress Plugin Huge-IT Video Gallery 2.0.4 - SQL Injection