Posts

Cisco WebEx Network Recording Player DoS / Code Execution

Windows Defender Controlled Folder Bypass

Huge Dirty Cow Proof Of Concept

WordPress WooCommerce 2.0 / 3.0 Directory Traversal

ZKTeco ZKTime Web 2.0.1.12280 Cross Site Request Forgery

ZKTeco ZKTime Web 2.0.1.12280 Cross Site Scripting

macOS High Sierra - Root Privilege Escalation (Metasploit)

Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page

Asterisk 13.17.2 - Memory Corruption

WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal

Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability

Cisco Jabber CVE-2017-12356 Cross Site Scripting Vulnerability

Cisco Unified Communications Manager CVE-2017-12357 Cross Site Scripting Vulnerability

Cisco WebEx Meeting Center CVE-2017-12297 URL Redirection Vulnerability

Cisco WebEx Meeting Center CVE-2017-12366 Cross Site Scripting Vulnerability

Hipchat For Mac 4.x Remote Code Execution

Hipchat Data Center / Hipchat Server Code Execution / SSRF

Synology StorageManager 5.2 Remote Command Execution

QEMU 2.10 Buffer Overflow

Exim 4.89 Denial Of Service

Diving Log 6.0 XML External Entity Injection

Mac OS X Root Privilege Escalation

Asterisk 13.17.2~dfsg-2 Memory Exhaustion

QEMU - Stack Buffer Overflow in NBD Server Triggered via Long Export Name

pfSense - Authenticated Group Member RCE (Metasploit)

Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation

osCommerce 2.3.4.1 - Arbitrary File Upload

TempestSDR RTL-SDR Fork

HikVision Wi-Fi IP Camera Wireless Access Point State

Android Gmail Attachment Download Directory Traversal

pfSense 2.3.1_1 Remote Command Execution

TempestSDR Remote Video Eavesdropping

Synology StorageManager 5.2 - Remote Root Command Execution

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download

CMS Made Simple 2.1.6 Cross Site Scripting / Template Injection

ZTE ZXDSL 831 Unauthorized Configuration Access Bypass

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability

Libxml2 'malloc.c' CVE-2016-3627 Denial of Service Vulnerability

ZTE ZXDSL 831CII - Improper Access Restrictions

Diving Log 6.0 - XML External Entity Injection

KMPlayer 4.2.2.4 - Denial of Service

Winamp Pro 5.66.Build.3512 - Denial of Service

Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion

Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly

Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the return Instruction