Symphony CMS version 2.6.7 suffers from a session fixation vulnerability.
fcce378e883b3ff540a27cf8149e463a3ba4d2169e61ae0c586947e9fca1ab32
ACROS Security 0patch (0PatchServicex64.exe) version 2016.05.19.539 suffers from an unquoted service path privilege escalation vulnerability.
9a8848b1430ec19b65dbe9a141262be69f8b87933e3836021c166945023d5a4a
This Metasploit module exploits a stack over flow in Tomabo MP4 Player versions 3.11.6 and below. When the application is used to open a specially crafted m3u file, an buffer is overwritten allowing for the execution of arbitrary code.
104a2cf0362a9f21257ea0a0cc45857f18d63ab96ed465e6584382172fbc0a86
Airia suffers from a remote shell upload vulnerability.
cfc1420f67c56a2235a22635d3daa66b50a7b6904e1827ff6ed27bcb1c81d10b
Airia suffers from a cross site request forgery vulnerability.
8f3f556160822259eba932628ea1a80bf0cd9c16fafde59cea0d98a3c230bee0
Airia suffers from reflective and persistent cross site scripting vulnerabilities.
b2c74fe4d3d81fabd1f0139fc587bd7251d6c558f0c816513aa1c4c186deb7f1
CMS Elevel version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
8f93f4639da165c7d40f31f0e5385ee75c3040bae450f8b5fc82bc0d690a199d
WordPress Premium SEO Pack plugin version 1.9.1.3 wp_options overwrite exploit.
8a55f1d9460eb33d0d116749843de8ab238c20eac093166d53268fe5866c2c2b
dbdiff suffers from a cross site scripting vulnerability.
deb9dbf9c5132aac890cdebf0b63c75e07bd93380bca4dbb8e7a98efd031ee6d
It is possible to bypass the ProcessFontDisablePolicy check in win32k to load a custom font from an arbitrary file on disk even in a sandbox.
e53ce21674ff108088fda4624124e065ad3b50d11954813a258023ebc7b8704e
gdi32.dll in Microsoft Windows suffers from a heap-based out-of-bounds reads / memory disclosure vulnerability in multiple DIB-related EMF record handlers.
599e60fc217ca238285ecc8ab338d17881e87aaf87e0941898705824b930c458
The Adobe Type Manager Font Driver (ATMFD.DLL) responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode applications via an undocumented gdi32!NamedEscape API call.
59929f0fa10d7193fd9b64ec3247eab0af43bf5e2900eabc5ec45b0d52b0f7bb
There is a stack overflow in Linux via ecryptfs and /proc/$pid/environ.
a2027cead72d77f935e2469af1185bf388665e08efd098affb8819e227a002a7
Joomla BT Media component version 1.0 suffers from a remote SQL injection vulnerability.
c218f6a31bc622d5737dbce05fe6ba1edeb71b219ce1e1ffb80a5c88bd7bf93e
Linux x86_64 execve shellcode.
b61d1f9c3fbca9e96d93b892f4689dae15dd879cf20b429fceece4638184fc73