Joomla Anief component version 1.5 suffers from a remote SQL injection vulnerability .
96b983b9fbbb86ded1ce1015e815a5803195e844ac879039e82fec9982b19c59
Adobe Flash suffers from an overflow vulnerability during MP4 AMF parsing.
975f33074a57e3cfc572b9cf9519a6d3855366d379e71d3cc22b0b38ac580121
Adobe Flash suffers from a stack corruption vulnerability using a fuzzed SWF file.
861f5baa072230b7939cd1b63451ce6753e5bfa28f6b0c8f8760db23344f9efd
Adobe Flash suffers from a heap overflow vulnerability during YUVPLane decoding.
2bf4e6c3b7be108e8fdfd8baf1d8546149c39e64a4f46c8b3fe36fb7fd6bca33
Adobe Flash suffers from a use-after-free vulnerability in applying bitmapfilter.
c3983405af4d8f611ecd50aa0083c83ab68a09eb670364bcd670de0a0063bf60
Google Chrome suffers from a bypass vulnerability in the download filetype blacklist functionality. Versions 54.0.2840.100 stable is affected.
f412918e9a8a97d1bea8165805a9f03c35f0a54bd19258721264d95feb3b814a
GDI suffers from an insufficient bounds check on GDI32!ConvertDxArray.
d103fb33865c638c44eb1d2b9664aed2de06df107938c288a09492550c9a4a38
Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap out-of-bounds access issue that leads to a memory corruption condition.
83ef05a42ff7b08997720ddd16937c7105800b18b0a6bf34e392b72b87e72108
Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap corruption issue due to a missing length check.
88da86d02c741d0ff8968f5f0017c278198fca482725e6f5dbb4c524808f6d49
Elefant CMS version 1.3.12-RC suffers from remote code execution vulnerabilities.
93ab7cd15114ad9062d18ca8df2fcf662b1919081dc6bdb9660574d8243dfb8a
Plone version 5.0.5 suffers from a cross site scripting vulnerability.
f23f365ad7be4890c9801cbb5c09c3060407d0b8d444fc6d52637f10df958c28
This Metasploit module executes an arbitrary native payload on a Microsoft SQL server by loading a custom SQL CLR Assembly into the target SQL installation, and calling it directly with a base64-encoded payload. The module requires working credentials in order to connect directly to the MSSQL Server. This method requires the user to have sufficient privileges to install a custom SQL CRL DLL, and invoke the custom stored procedure that comes with it. This exploit does not leave any binaries on disk. Tested on MS SQL Server versions: 2005, 2012, 2016 (all x64).
fe2d879dbdd0c10aa7ac5b9f21f78eea25748d38856209e0eae44eec747be7d8
Elefant CMS version 1.3.12-RC suffers from multiple cross site request forgery vulnerabilities.
de7243db48cddd6c808e1a9eacb1044d56649c1f9f4181acc839a3c6a756964e
Simplessus Files version 3.7.7 suffers from a path traversal vulnerability.
ca93aac35bd3715340c6f154e617f228396816f0d6c00017e81d884b06b9a427
Elefant CMS version 1.3.12-RC suffers from multiple persistent cross site scripting vulnerabilities.
cb68cea61a5731c1d2926a6f64a75543d5ed4edbf03a18f9eac70ef5da6d6f47
Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.
d79a21938fcd88041127624fd9f5ba1912160c33c332652fb5b2dbfdb36b14b2
WordPress Corner Ad plugin version 1.0.7 suffers from a cross site scripting vulnerability.
79ca2e10f1247f6b9413b75406fbef2e991f2c4a573ac859680ce9e6ea04f3cd
Joomla Team Display component version 1.2.1 suffers from a remote SQL injection vulnerability.
14e70b0fa794bf6bbc0d06320635c01f6ad5379041bf578fef7fad22c82f7780
Joomla Spider Calendar Lite component version 3.2.16 suffers from a remote SQL injection vulnerability.
5782b92df61aa2dc060e9f5c3d34108a2b5de2aca18cb5f23d808cf4bf210ea1
Joomla Groovy Gallery component version 1.0.0 suffers from a remote SQL injection vulnerability.
2cd4d05cbe2fc0df8ebfd27f3e7c957eb5d2ac7ab07b16a16c5814c67891b79e
Joomla WMT Content Timeline component version 1.0 suffers from a remote SQL injection vulnerability.
de7c77f4f9524697a4ce40a3724a7d5156643c454237f9228e2fde7ac0103177
Xshell5 version 5.0 build 1124 suffers from a dll hijacking vulnerability.
adc9cfccf64d4a92b0becac91603ad2491206bbe65dbe08df6868b17d64fd5f9
JBoss version 4.0.2 suffers from a cross site scripting vulnerability in the jmx-console HtmlAdaptor DatabasePersistencePlugin parameter.
d1534f71c95d9024c0e3a23e0024991e7d74c1479be8ff0756971996865d685a
This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.11.0.12 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.11.0.12 firmware.
1a871ca3aa7b2e6e423f8d9e8cda9e0aa977c1488a8441163c46f083da5f5f3c
OpenText Documentum Content Server version 7.3 suffers from a remote SQL injection vulnerability due to a previously announced fix being incomplete.
ace149b822a50c7993d6f686c8031fafa0ff63437d3e979c07952eb853919ff7