PHPback versions prior to 1.3.1 suffer from cross site scripting and remote SQL injection vulnerabilities.
9c34fbd117127a3840b2442b7d3bfb24a58fe4b805b2f7a9213ddb4100a8aff6
Web Based TimeSheet Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e37550708fb2dcb26c3bc4846556e732023853390e00ccc4bf77bd69ec22797c
Android suffers from a KASLR bypass in pm_qos.
e57d39b01d246ceb8c13456e2e06c50b7a9d4704cb145b0737118ed637b996fd
Mac OS / iOS kernels suffers from a use-after-free due to a lack of locking in host_self_trap.
71fb8aae34cb7c0d37a7f49a309f5a2dae66cfa5cdb219509169904461df04bc
Cisco WebEx version 1.0.5 suffers from a new arbitrary command execution vulnerability via a module whitelist bypass.
cca3ecf12e0dac1eb99404188e20bcca27a53567815273560c040946b9001609
HTTP_Upload version 1.0.0b3 fails to appropriately take into consideration more than file extensions when mitigating malicious file uploads, allowing for remote code execution.
e323fe2a36bdc1ea0a49a45f10d4a5a86e92e82480c26d9d199a73052395b5c5
Mac OS and iOS kernels suffer from a memory corruption vulnerability due to a userspace pointer being used as a length.
0e21ab8bef04b55df21495e7a540f3e13300a9331dbcf4776f45dad00c8a3317
Mac OS / iOS kernels suffer from a use-after-free due to a failure to take reference in IOService::matchPassive.
57adee4dbe381b4218e166f2027051025367d86e1a973643acee3ccb7042ec38
WD My Cloud Mirror version 2.11.153 suffers from remote command execution and authentication bypass vulnerabilities.
b6e6e9435d35488c27f70634c1ba1c1a4fb0d74f1203dc7d4d19ef05043a7baf
This Metasploit module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.
af960164b10f4978888d3c2dcdca0041f4f8d2e33bf4bb4404e345fe8ea3e6b9
Cisco's WebEx extension has a URL that allows for arbitrary remote command execution.
38e70d300153f0f056a7136a948b0b4e1125d12a487e0e736084b746311e4b8a
CUPS suffers from an incorrect whitelist that permits DNS rebinding attacks.
bf146f908f889c7ff1e3eef0f659c398d3ad560a003e02a97389dec2077a075a
Oracle OpenJDK Runtime Environment build 1.8.0_112-b15 suffers from a java serialization denial of service vulnerability.
52868d5d4e4171ca13abb254c37c2df30559800d7ea5a50b2e3f2bd19a714287
Oracle PeopleSoft HCM version 9.2 suffers from a cross site scripting vulnerability.
7bb5d0122cf38d54f586c668b0e097fe56bac8440c897f157f8cd1a73f9d27f7
Microsoft Remote Desktop Client for Mac version 8.0.36 suffers from a remote code execution vulnerability.
30fa33e5e481a63662a6fceba59229cee595229bc593a817856790f2cd97de46
Python version 2.x suffers from a buffer overflow in the DecodeAdpcmImaQT function in the ctypes module.
95cd9741764bd11e16c16945a7122ba1f570f9a6913dad64ad19a68830a3cdc8
Oracle E-Business Suite versions 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6 suffer from an unconstrained file download vulnerability.
9aae3dbd6f7dc3149e3d98324e0cd339aa6a4a5b85500b4164c9b406d0301082
PageKit version 1.0.10 suffers from a password reset vulnerability.
f76bc6ce6d8a3efa2db521a6cd848b172880a8b563cf70947d2a9a9b465a6b58
Microsoft power point allows users to insert objects of arbitrary file types. At presentation time these objects can be activated by mouse movement or clicking.
2d838b7169aaadc022b8b58be4e89a994a898f95dd32856f8fa4e1c3b5cff755
MyBB versions 1.8.3 and below alongside PHP versions prior to 5.6.30 suffer from a GMP deserialization type confusion vulnerability.
6f585bd28b4ea52da08b574068875a55d67f3ea3d0050fa7544f4931f043f728
This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise versions 9.1.14 and 9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
303410a6bc0af29da23911eadcd3224ee78a40329f84d26089b70fd706ce9674
SunOS version 5.11 remote ICMP weakness kernel denial of service exploit.
95a41460532c231bbc67d78bf29fb5e924fd2abb8eb4b796a6c40bf9539ba715
ntopng Web Interface version 2.4.160627 suffers from a cross site request forgery token bypass vulnerability.
34960661f2b3cf38145c6e6f128d9428f6327fb5638ca2374f7ba050e6755cf1
Complain Management System suffers from a remote SQL injection vulnerability.
72392a73e4045bf1dddfcb69cffbe0aa13ca13ab4dfa6444791ffb665d4b1a8b
ICGames Games Site Script version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1121c70d431b5895577088e01110edfbac4dcaa36b4f523c2cac4f5fe0606f99