CVE-2020-6530
Summary: Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced...
exploit
CVE-2020-27216
Summary: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the...
How To manually check CVE-2021-3156 | Sudo buffer overflow
How to manually test for CVE-2021-3156? Try using the following command. sudoedit -s '\' perl -e 'print "A" x 65536'...
CVE-2020-25533
Summary: An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged...
CVE-2020-23342
Summary: A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users. Reference Links(if available):...
CVE-2020-25533
Summary: An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged...
CVE-2020-35381
Summary: jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via...
CVE-2020-35381
Summary: jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via...
CVE-2020-36154
Summary: The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE"...
CVE-2019-20484
Summary: An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload...
CVE-2019-20484
Summary: An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload...
CVE-2020-35882
Summary: An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references...
[KIS-2021-01] IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
Posted by Egidio Romano on Jan 06----------------------------------------------------------------------------- IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability ----------------------------------------------------------------------------- Software...
Backdoor.Win32.Zombam.k / Remote Stack Buffer Overflow
Posted by malvuln on Jan 06Discovery / credits: malvuln - Malvuln.com (c) 2021 Original source:https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt Contact: malvuln13 () gmail com...
Files.com – Auth Bypass (Fat Client)
Posted by Balázs Hambalkó on Jan 06Hi, Vendor: Files.com Product: Fat Client Tested version: 3.3.6 but newer version high likely...
CVE-2020-24386: IMAP hibernation allows accessing other peoples mail
Posted by Aki Tuomi on Jan 06Open-Xchange Security Advisory 2021-01-04 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOP-2009 (Bug...
CVE-2020-19664
Summary: DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi. Reference Links(if available):...
CVE-2020-19664
Summary: DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi. Reference Links(if available):...
survey on reliability of CVSS
Posted by Zinaida Benenson on Dec 29The University of Erlangen-Nuremberg (Germany) is conducting a research study to test the reliability...
Re: CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
Posted by Mark E. Jeftovic on Dec 29Is there a transposition typo in the Mac OSX version number? *Fixed Version:*Â |7.0.1.433|Â (Windows)...
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
Posted by Reed Loden on Dec 25Due to a process fail, this CVE ID was accidentally reused for another vulnerability....
CarolinaCon Online CFP
Posted by CarolinaCon on Dec 25We hope this email finds you well. This year has had its challenges and we...
Re: [FD] CVE-2020-8152 – Elevation of Privilege in Backblaze
Posted by Reed Loden on Dec 25Due to a process fail, this CVE ID was accidentally reused for another vulnerability....
[CVE-2018-7580] – Philips Hue Denial of Service
Posted by Ilia Shnaidman on Dec 25 Credits: Ilia Shnaidman @0x496c on Twitter https://www.iliashn.com Vendor: ============= Philips Lighting Holding B.V...
