BlackCat CMS version 1.1.1 suffers from an arbitrary file download vulnerability.
f8fe91c327a9426411a6ab0146f398710c166865e0b8856056ca898353a6d541
RealTimes (Realplayer) versions 18.0.1.6 and below suffer from a desktop service trusted path privilege escalation vulnerability.
a464f6ef7f8e5ab701f2dd718de925bb0e3201cd2c1a94efc90b3b217d06f0bc
XtMediaPlayer version 0.93 memory corruption proof of concept exploit.
6f20422bb0ff521e463929e32ec936ee0b979b95a289460be8c2a8c3b0461fd5
FinePlayer version 2.20 memory corruption proof of concept exploit.
cfd118d530c7f9ec518ef261b7367e07b28950a2f5988cee0e98550918186628
The Wordpress Front-end Editor plugin contains an authenticated file upload vulnerability. We can upload arbitrary files to the upload folder, because the plugin also uses it's own file upload mechanism instead of the wordpress api it's possible to upload any file type.
4c662be98cc847f1fda87bc53f625fed8f4063241fb9ce7f5a4f93813b84ca2a
TYPO3 Extension Akronymmanager versions 0.5.0 and below suffer from a remote SQL injection vulnerability.
aac69e36a0f488aa5dee4394cf24dc79b0f67a865c150c8fec55cebfb6a873d3
Cisco AnyConnect Secure Mobility Client VPN API suffers from a stack buffer overflow vulnerability when parsing large amount of bytes to the 'strHostNameOrAddress' parameter in 'ConnectVpn' function which resides in the vpnapi.dll library, resulting in memory corruption and overflow of the stack. An attacker can gain access to the system of the affected node and execute arbitrary code.
dac7411f05283d661db0270e17445520d8333ee834fc62e65065a63168d12eaf
WordPress Users to CSV plugin version 1.4.5 suffers from a cross site request forgery vulnerability.
c38fe2e6df77a4561880a32236ac8f8846cbae32ac709e17d717ef5696e62165
FileZilla version 3.11.0.2 sftp module suffers from a denial of service vulnerability.
6f5addd9e80d5d04984d14203047dc430960e693a316f1e9d6621834ac0addfc
Putty version 0.64 suffers from a denial of service vulnerability.
652c615b9065b861d6a2decdaf69220e6037de132a76a0adf1f2e4980881b8f2
E-Detective Lawful Interception System suffers from unauthenticated local file disclosure and authenticated remote code execution vulnerabilities.
64c39f809c03f1a94ebac5106a83174fcb350e878a1e1df9d6689b69cdfb222f
OpenBSD versions 5.7 and below local kernel panic sys_execve() denial of service exploit.
08a1c39f177c7064d8f0277804cdc10adf6374aff52dfeb3028b3841e4b02218
WordPress NativeChurch theme versions 1.0 through 1.5 suffer from an arbitrary file download vulnerability.
6618b3ba418a0c1db66dbc8a7366c534e8ca74ffccc1b6b8527db3ed7323d919
WordPress Yoast versions 2.1.1 and below suffer from a persistent cross site scripting vulnerability.
bfff3a2275513e91d91d935dc8fc2eab7d110e75073113f0eff262f408506b4e
ZENWorks Mobile Management version 3.1.0 suffers from cross site scripting vulnerabilities.
4bbde26ce7965cf1887a851e3e9618d8219aa196922007ddf099b40bc39424d9
ZCMS version 1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
48b7985536c829c68f8c273b6cbb3c70ba81616e23a0a6717f970b9388c773f3
Concrete5 versions 5.7.4 and below suffer from a remote SQL injection vulnerability.
09135e38d13882eebea77629d624025c3928967909de59178c537978dfc7e7ac
Concrete5 versions 5.7.3.1 and below suffer from multiple cross site scripting vulnerabilities.
5a6ef1506e51dfe8f5c743d4ac107de78835ad514c929a0dbd4c1e19c02acdda
Nakid CMS suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.
213644d6e877f9fa9f9a49e5bc61b7ee71f973106f713dd2bf637428e4c5a084
Concrete5 versions 5.7.3.1 and below suffers from a sendmail-related remote code execution vulnerability.
2738129737c2ca9db8afcb24d75b7688377742b1d8ad9da2b2e8397c4bd6faed
HP WebInspect versions 7.x, 8.x, 9.x, and 10.0 through 10.4 suffer from an XML external entity vulnerability.
44df7fcf639b2f66354665111858dd4bced1a796a547d6fed87ff5cd8eccb16d
D-Link DSP-W110 suffers from command execution, remote file upload, and remote SQL injection vulnerabilities.
987c2150fb283efdb56ad6e1fe865f4be1e2dd33aa09a56da9ad840d2f12fcee
OSSEC versions 2.7 through 2.8.1 suffer from a local root escalation vulnerability.
da7900816ec1317c697a05427f893356afcf036cd0b4650baf2f3a1691906bca
WordPress Paypal Currency Converter Basic For Woocommerce plugin version 1.3 suffers from a remote file read vulnerability.
e04dd5ea02115e46a5cc0fb22ba122f16b77c65143a6298895abb799aa17cfc8
WordPress History Collection versions 1.1.1 and below suffers from an arbitrary file download vulnerability.
292b146038de272d4fe5d399d89090da275db148602fb4c38a8f1875b905c077