CASAP Automated Enrollment System version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
42eb07d9630195bb39e10b9baec9a00896bb2bb1cee634e40491dea6513c0e7b
Concrete5 version 8.5.4 suffers from a persistent cross site scripting vulnerability.
ac19392af3a74934edad1a97ba2e0362afa7cc9ca0161dbd106631cf67d66b6b
CASAP Automated Enrollment System version 1.0 First Name persistent cross site scripting exploit. Original discovery of persistent cross site scripting in this version is attributed to Richard Jones.
6bceefc7fea2224717fdd993983c75fc667149e655487aff3b2785373418dbb9
Sudo versions prior to 1.9.5p2 suffer from buffer overflow and privilege escalation vulnerabilities.
df2faf65c7a84b5633290e4d3a7d6958932b30e7692ccdb236b728a8b89c4678
Microsoft Windows Win32k privilege escalation exploit. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
f51816744f601f26a1dc371409081f3b30f6f6f0fa5daa69051169dd407f27f9
Liferay Portal versions prior to 7.2.1 CE GA2 exploit that gains code execution due to deserialization of untrusted data sent to the JSON web services interface.
e1dafd7c9c59b24146a4299e719304b99ea83bd888f39c2474bb23a9583cd36a
Oracle WebLogic Server version 12.2.1.4.0 suffers from a remote code execution vulnerability.
9c56d605f71c80b479342376983e587c7ead9e49558f09b1b0984cf4969069df
Oracle Coherence Fusion Middleware remote code execution exploit. Supported versions that are affected are 3.7.1.17, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0.
52dafdcd1d80de582519836e110883d5cb715ba29d27f9d1567b0b73106f9194
Linux kernel versions starting at 4.10 and below 5.1.7 PTRACE_TRACEME local root exploit that uses the pkexec technique.
e7f854bf4bfbbd6ef656848e475779ed5d37f0342d90b357fbfff5954374bb40
Android suffers from a bluetooth remote denial of service vulnerability.
89e5543cb6f51f283e41a489aaa3e084de84be0c84b8090c5910f061d0b501ba
pppd versions 2.4.2 through 2.4.8 buffer overflow exploit.
10a6602a635fe00eda73adff8cbfa55b1f8d3d56c298fa18edcd1caf80413f7a
Microsoft Windows SMB version 3.1.1 suffers from a code execution vulnerability.
d9fdfb9e61bb275a5d1ad888c25c5fcac36b178ec52a684eb9a5d2fca36c1f21
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tracing functionality used by the Routing and Remote Access service. The issue results from the lack of proper permissions on registry keys that control this functionality. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM.
6b0526f98f3e203e2ed6be699de4fcc715f41c3ab7e148e28ed2e62563a77a96
Microsoft Windows 10 suffers from an MSI package symbolic link processing privilege escalation vulnerability.
00a53a8599704007dcf1ab81c4f1e85e4a53537f72002c6e151492ba9771f7f6