Posts

WordPress Inkblot Theme 4.9.10 Cross Site Request Forgery

WordPress Memphis Documents Library 3.9.19 Cross Site Request Forgery

Microsoft Windows Task Scheduler .job Import Arbitrary DACL Write

Mozilla Firefox/Thunderbird/Firefox ESR Multiple Security Vulnerabilities

FreeBSD rtld execl() Privilege Escalation

Mac OS X Feedback Assistant Race Condition

Shopware createInstanceFromNamedArguments PHP Object Instantiation

XNU Stale Pointer Use-After-Free

XNU stf_ioctl Bad Cast

Visual Voicemail For iPhone IMAP NAMESPACE Use-After-Free

Microsoft Windows CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration

JavaScriptCore LICM Uninitialized Stack Variable

Darktrace Enterpise Immune System 3.0.9 / 3.0.10 Cross Site Request Forgery

PHP PHP_INI_SYSTEM Ineffective Controls

Slims CMS Akasia 8.3.1 SQL Injection

phpKF 1.10 XSS / CSRF / SQL Injection

Freelance Cockpit CRM 3.3.1 SQL Injection

Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution

Emerson Network Power Liebert Challenger 5.1E0.5 Cross Site Scripting

Common Desktop Environment 2.3.0 dtprintinfo Privilege Escalation

Huawei eSpace 1.1.11.103 Meeting Heap Overflow

Huawei eSpace 1.1.11.103 Meeting Image File Format Handling Buffer Overflow

Huawei eSpace 1.1.11.103 Unicode Stack Buffer Overflow

Huawei eSpace 1.1.11.103 DLL Hijacking

Cisco Expressway Gateway 11.5.1 Directory Traversal

GetSimpleCMS 3.3.15 Remote Code Execution

SEL AcSELerator Architect 2.2.24 Denial Of Service

Axessh 4.2 Denial Of Service

ZOC Terminal 7.23.4 Denial Of Service

JetAudio jetCast Server 2.0 Buffer Overflow

WeChat 7.0.4 Denial Of Service

VMware Workstation DLL Hijacking

RSA NetWitness Authorization Bypass

Legrand BTicino Driver Manager F454 1.0.51 Cross Site Scripting

Legrand BTicino Driver Manager F454 1.0.51 Cross Site Request Forgery

DeepSound 1.0.4 SQL Injection

Dnsmasq VU#973527 Multiple Security Vulnerabilities

CommSy 8.6.5 SQL Injection

Tomabo MP4 Converter 3.25.22 Denial Of Service

Schneider Electric U.Motion Builder 1.3.4 Command Injection

PHP-Fusion 9.03.00 Remote Code Execution

PasteShr 1.6 SQL Injection

TwistedBrush Pro Studio 24.06 Denial Of Service

Telenor.com.pk SMS 2-Factor Bypass

Selfie Studio 2.17 Denial Of Service

Ellucian Banner Web Tailor / Banner Enterprise Identity Services Improper Authentication

System Down: A systemd-journald Exploit

Go Cryptography Libraries Cleartext Message Spoofing

SOCA Access Control System 180612 Cross Site Request Forgery