FreshRSS

Before yesterday: Exploit-DB Updates

[remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse


[local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)


[remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)


[remote] WebDAV Windows 10 - Remote Code Execution (RCE)


[webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation


[remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)


[local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit


[webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)


[local] Microsoft Excel Use After Free - Local Code Execution


[remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection


[webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI


[remote] PCMan FTP Server 2.0.7 - Buffer Overflow


[webapps] Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)


[webapps] Roundcube 1.6.10 - Remote Code Execution (RCE)


[remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction


[remote] Freefloat FTP Server 1.0 - Remote Buffer Overflow


[webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection


[local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege


[remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)


[local] TightVNC 2.8.83 - Control Pipe Manipulation


[webapps] CloudClassroom PHP Project 1.0 - SQL Injection


[remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)


[remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow


[local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation


[remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)


[remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)


[webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing


[remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass


[remote] Automic Agent 24.3.0 HF4 - Privilege Escalation


[remote] Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure


[remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal


[webapps] Campcodes Online Hospital Management System 1.0 - SQL Injection


[remote] ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation


[local] ABB Cylon Aspect Studio 3.08.03 - Binary Planting


[remote] Windows 2024.15 - Unauthenticated Desktop Screenshot Capture


[local] Microsoft Windows Server 2016 - Win32k Elevation of Privilege


[webapps] WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass


[remote] Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow


[webapps] Java-springboot-codebase 1.1 - Arbitrary File Read


[remote] Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)


[remote] Invision Community 5.0.6 - Remote Code Execution (RCE)


[local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation


[remote] CrushFTP 11.3.1 - Authentication Bypass


[local] RDPGuard 9.9.9 - Privilege Escalation


[webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)


[webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation


[local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow


[local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation


[local] VirtualBox 7.0.16 - Privilege Escalation


[webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection


[webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation


[remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)


[webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)


[webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)


[webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)


[local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing


[local] ZTE ZXV10 H201L - RCE via authentication bypass


[local] Daikin Security Gateway 14 - Remote Password Reset


[local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)


[local] unzip-stream 0.3.1 - Arbitrary File Write

โŒ