Posts

Concrete CMS 9.1.3 XPATH Injection

vBulletin 5.5.2 PHP Object Injection

Backdoor.Win32.Autocrat.b MVID-2022-0660 Weak Hardcoded Credential

Win32.Ransom.Conti MVID-2022-0662 Cryptography Logic Flaw

Trojan.Win32.DarkNeuron.gen MVID-2022-0661 Named Pipe NULL DACL

Helmet Store Showroom 1.0 SQL Injection

Sanitization Management System 1.0 SQL Injection

Chrome blink::LocalFrameView::PerformLayout Use-After-Free

XNU vm_object Use-After-Free

XNU Dangling PTE Entry

F5 BIG-IP iControl Remote Command Execution

Ecommerce 1.0 Cross Site Scripting / Open Redirect

Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy

ChurchInfo 1.2.13-1.3.0 Remote Code Execution

F5 BIG-IP iControl Cross Site Request Forgery

Roxy Fileman 1.4.6 Remote Shell Upload

Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass

Microsoft Outlook 2019 16.0.13231.20262 Remote Code Execution

Microsoft Outlook 2019 16.0.12624.20424 Out-Of-Bounds Read

Microsoft Outlook 2019 16.0.12624.20424 Remote Code Execution

ZTE ZXHN-H108NS Authentication Bypass

WordPress BeTheme 26.5.1.4 PHP Object Injection

Backdoor.Win32.Oblivion.01.a MVID-2022-0658 Insecure Transit

ZTE ZXHN-H108NS Stack Buffer Overflow / Denial Of Service

ClicShopping 3.402 Cross Site Scripting

Trojan.Win32.Platinum.gen MVID-2022-0657 Code Execution

AppleAVD AppleAVDUserClient::decodeFrameFig Memory Corruption

AppleAVD deallocateKernelMemoryInternal Missing Surface Lock

Gitea Git Fetch Remote Code Execution

Revenue Collection System 1.0 Cross Site Scripting / Authentication Bypass

Revenue Collection System 1.0 SQL Injection / Remote Code Execution

Backdoor.Win32.Quux MVID-2022-0656 Hardcoded Credential

Internet Download Manager 6.41 Build 3 Man-In-The-Middle

Payara Platform Path Traversal

BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection

Simmeth System GmbH Supplier Manager LFI / SQL Injection / Bypass

WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery

Cisco Secure Email Gateway Malware Detection Evasion

VMware NSX Manager XStream Unauthenticated Remote Code Execution

Node-saml Root Element Signature Bypass

libxml2 xmlParseNameComplex Integer Overflow

libxml2 Attribute Parsing Double-Free

Backdoor.Win32.RemServ.d MVID-2022-0655 Remote Command Execution

TOR Virtual Network Tunneling Tool 0.4.7.11

MSNSwitch Firmware MNT.2408 Remote Code Execution

AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal

SmartRG Router SR510n 2.6.13 Remote Code Execution

CVAT 2.0 Server-Side Request Forgery

IOTransfer 4 Unquoted Service Path