FreshRSS

Exploit-DB Updates

[webapps] atjiu pybbs 6.0.0 - Cross Site Scripting (XSS)

[local] Microsoft Windows - Storage QoS Filter Driver Checker

[webapps] Grav CMS 1.7.48 - Remote Code Execution (RCE)

[remote] Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure

[remote] Tigo Energy Cloud Connect Advanced (CCA) 4.0.1 - Command Injection

[webapps] Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 - Sandbox Escape

[webapps] VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting (XSS)

[remote] Microsoft SharePoint Server 2019 (16.0.10383.20020) - Remote Code Execution (RCE)

[remote] Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials

[webapps] Ghost CMS 5.42.1 - Path Traversal

[webapps] Ghost CMS 5.59.1 - Arbitrary File Read

[webapps] projectworlds Online Admission System 1.0 - SQL Injection

[remote] Cisco ISE 3.0 - Authorization Bypass

[webapps] JetBrains TeamCity 2023.11.4 - Authentication Bypass

[webapps] ServiceNow Multiple Versions - Input Validation & Template Injection

[remote] Cisco ISE 3.0 - Remote Code Execution (RCE)

[remote] Microsoft Edge (Chromium-based) 135.0.7049.114/.115 - Information Disclosure

[webapps] Gandia Integra Total 4.4.2236.1 - SQL Injection

[webapps] Copyparty 1.18.6 - Reflected Cross-Site Scripting (XSS)

[webapps] LPAR2RRD 8.04 - Remote Code Execution (RCE)

[remote] Swagger UI 1.0.3 - Cross-Site Scripting (XSS)

[webapps] Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation

[local] Microsoft Virtual Hard Disk (VHDX) 11 - Remote Code Execution (RCE)

[local] Linux PAM Environment - Variable Injection Local Privilege Escalation

[webapps] Mezzanine CMS 6.1.0 - Stored Cross Site Scripting (XSS)

[webapps] Adobe ColdFusion 2023.6 - Remote File Read

[webapps] Invision Community 4.7.20 - (calendar/view.php) SQL Injection

[webapps] XWiki 14 - SQL Injection via getdeleteddocuments.vm

[dos] Xlight FTP 1.1 - Denial Of Service (DOS)

[remote] Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting (XSS)

[remote] Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow

[webapps] Joomla JS Jobs plugin 1.4.2 - SQL injection

[webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username

[webapps] Discourse 3.1.1 - Unauthenticated Chat Message Access

[webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname

[webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field

[webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Personal Canned Messages

[webapps] Simple File List WordPress Plugin 4.2.2 - File Upload to RCE

[webapps] Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE

[webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field

[webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function

[local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges

[webapps] Langflow 1.2.x - Remote Code Execution (RCE)

[hardware] TOTOLINK N300RB 8.54 - Command Execution

[webapps] SugarCRM 14.0.0 - SSRF/Code Injection

[remote] MikroTik RouterOS 7.19.1 - Reflected XSS

[webapps] White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion (LFI)

[webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)

[local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege

[remote] NodeJS 24.x - Path Traversal

[remote] Keras 2.15 - Remote Code Execution (RCE)

[webapps] WP Publications WordPress Plugin 1.2 - Stored XSS

[webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover

[remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)

[remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)

[local] Sudo chroot 1.9.17 - Local Privilege Escalation

[local] Sudo 1.9.17 Host Option - Elevation of Privilege

[local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege

[remote] Microsoft Outlook - Remote Code Execution (RCE)

[webapps] Discourse 3.2.x - Anonymous Cache Poisoning
