Posts

Zyxel Firewall SUID Binary Privilege Escalation

WordPress Core Cross Site Scripting / SQL Injection

Linux KVM Instruction Emulation Issue

AeroCMS 0.0.1 SQL Injection

Xalan-J XSLTC Integer Truncation

Centreon 22.04.0 Cross Site Scripting

PrestaShop Ap Pagebuilder 2.4.4 SQL Injection

Arm Mali CSF VMA Split Mishandling

Zimbra Zip Path Traversal

Teleport 9.3.6 Command Injection

WordPress Duplicator 1.4.7.2 Backup Disclosure

10-Strike Network Inventory Explorer 9.3 Buffer Overflow

Microsoft Exchange Server ChainedSerializationBinder Remote Code Execution

Personnel Property Equipment 2015-2022 SQL Injection

AppleAVD AVC_RBSP::parseSliceHeader ref_pic_list_modification Overflow

Transposh WordPress Translation 1.0.8.1 Incorrect Authorization

FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS

Chrome content::ServiceWorkerVersion::MaybeTimeoutRequest Heap Use-After-Free

FLIX AX8 1.46.16 Remote Command Execution

Advantech iView NetworkServlet Command Injection

Polar Flow Android 5.7.1 Secret Disclosure

FreeBSD 13.0 aio_aqueue Kernel Refcount Local Privilege Escalation

Hacking Zyxel IP Cameras To Get A Root Shell

Race Against The Sandbox

TypeORM 0.3.7 Information Disclosure

TOR Virtual Network Tunneling Tool 0.4.7.10

Windows Credential Guard Domain-Joined Device Public Key Privilege Escalation

Win32.Ransom.BlueSky MVID-2022-0632 Code Execution

Inout RealEstate 2.1.2 SQL Injection

Inout SiteSearch 2.0.1 Cross Site Scripting

Gigaland NFT Marketplace 1.9 Shell Upload / Key Disclosure

Windows sxssrv!BaseSrvActivationContextCacheDuplicateUnicodeString Heap Buffer Overflow

Windows sxs!CNodeFactory::XMLParser_Element_doc_assembly_assemblyIdentity Heap Buffer Overflow

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload

Readymade Job Portal Script SQL Injection

Fiberhome AN5506-02-B Cross Site Scripting

Intelbras ATA 200 Cross Site Scripting

Webmin Package Updates Command Injection

Zimbra zmslapd Privilege Escalation

AirSpot 5410 0.3.4.1-4 Remote Command Injection

Sophos XG115w Firewall 17.0.10 MR-10 Authentication Bypass

Feehi CMS 2.1.1 Cross Site Scripting

Matrimonial PHP Script 1.0 SQL Injection

PAN-OS 10.0 Remote Code Execution

Backdoor.Win32.Guptachar.20 MVID-2022-0631 Insecure Credential Storage

Prestashop Blockwishlist 2.1.0 SQL Injection

Thingsboard 3.3.1 Cross Site Scripting

ManageEngine ADAudit Plus Path Traversal / XML Injection

WordPress Duplicator 1.4.7.1 Backup Disclosure

Nortek Linear eMerge E3-Series Account Takeover