Posts

perfSONAR 4.4.5 Cross Site Request Forgery

perfSONAR 4.4.4 Open Proxy / Relay

Microsoft Exchange ProxyNotShell Remote Code Execution

Intel Data Center Manager 4.1.1.45749 Authentication Bypass / Spoofing

OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption

Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection

Remote Control Collection Remote Code Execution

Concrete CMS 9.1.3 XPATH Injection

vBulletin 5.5.2 PHP Object Injection

Backdoor.Win32.Autocrat.b MVID-2022-0660 Weak Hardcoded Credential

Win32.Ransom.Conti MVID-2022-0662 Cryptography Logic Flaw

Trojan.Win32.DarkNeuron.gen MVID-2022-0661 Named Pipe NULL DACL

Helmet Store Showroom 1.0 SQL Injection

Sanitization Management System 1.0 SQL Injection

Chrome blink::LocalFrameView::PerformLayout Use-After-Free

XNU vm_object Use-After-Free

XNU Dangling PTE Entry

F5 BIG-IP iControl Remote Command Execution

Ecommerce 1.0 Cross Site Scripting / Open Redirect

Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy

ChurchInfo 1.2.13-1.3.0 Remote Code Execution

F5 BIG-IP iControl Cross Site Request Forgery

Roxy Fileman 1.4.6 Remote Shell Upload

Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass

Microsoft Outlook 2019 16.0.13231.20262 Remote Code Execution

Microsoft Outlook 2019 16.0.12624.20424 Out-Of-Bounds Read

Microsoft Outlook 2019 16.0.12624.20424 Remote Code Execution

ZTE ZXHN-H108NS Authentication Bypass

WordPress BeTheme 26.5.1.4 PHP Object Injection

Backdoor.Win32.Oblivion.01.a MVID-2022-0658 Insecure Transit

ZTE ZXHN-H108NS Stack Buffer Overflow / Denial Of Service

ClicShopping 3.402 Cross Site Scripting

Trojan.Win32.Platinum.gen MVID-2022-0657 Code Execution

AppleAVD AppleAVDUserClient::decodeFrameFig Memory Corruption

AppleAVD deallocateKernelMemoryInternal Missing Surface Lock

Gitea Git Fetch Remote Code Execution

Revenue Collection System 1.0 Cross Site Scripting / Authentication Bypass

Revenue Collection System 1.0 SQL Injection / Remote Code Execution

Backdoor.Win32.Quux MVID-2022-0656 Hardcoded Credential

Internet Download Manager 6.41 Build 3 Man-In-The-Middle

Payara Platform Path Traversal

BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection

Simmeth System GmbH Supplier Manager LFI / SQL Injection / Bypass

WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery

Cisco Secure Email Gateway Malware Detection Evasion

VMware NSX Manager XStream Unauthenticated Remote Code Execution

Node-saml Root Element Signature Bypass

libxml2 xmlParseNameComplex Integer Overflow

libxml2 Attribute Parsing Double-Free

Backdoor.Win32.RemServ.d MVID-2022-0655 Remote Command Execution