edgetpu_pin_user_pages Race Condition
Authored by Google Security Research, Seth Jenkins
There is a race condition in edgetpu_pin_user_pages which is reachable from some unprivileged contexts, including the Camera app, or the Google Meet app.
advisories...
Chrome SKIA Integer Overflow
Authored by Google Security Research, Mark Brand
When deserializing an SkPath, there is some basic validation performed to ensure that the contents are consistent. This validation does not use safe...
Chrome Dangling FixedArray Pointers / Memory Corruption
Authored by Google Security Research, Glazvunov
Chrome suffers from an issue with dangling FixedArray pointers in Torque that can lead to memory corruption.
advisories | CVE-2023-4355
Packet Storm New Exploits For September, 2023
Authored by Todd J. | Site packetstormsecurity.com
This archive contains all of the 122 exploits added to Packet Storm in September, 2023.
WordPress KiviCare 3.2.0 Cross Site Scripting
Authored by Arvandy
WordPress KiviCard plugin version 3.2.0 suffers from a cross site scripting vulnerability.
advisories | CVE-2023-2624
Change Mirror Download
# Exploit Title: WP Plugins KiviCare 3.2.0 - Reflected Cross-Site Scripting# Date:...
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation
Authored by LiquidWorm | Site zeroscience.mk
Electrolink FM/DAB/TV Transmitter suffers from a privilege escalation vulnerability. An attacker can escalate his privileges by poisoning the Cookie from GUEST to ADMIN to...
Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality
Authored by LiquidWorm | Site zeroscience.mk
Electrolink FM/DAB/TV Transmitter allows an unauthenticated attacker to bypass authentication and modify the Cookie to reveal hidden pages that allows more critical operations to...
Electrolink FM/DAB/TV Transmitter Unauthenticated Remote Denial Of Service
Authored by LiquidWorm | Site zeroscience.mk
Electrolink FM/DAB/TV Transmitter from a denial of service scenario. An unauthenticated attacker can reset the board as well as stop the transmitter operations by...
Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution
Authored by LiquidWorm | Site zeroscience.mk
Electrolink FM/DAB/TV Transmitter allows access to an unprotected endpoint that allows an MPFS File System binary image upload without authentication. The MPFS2 file system...
Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) Credential Disclosure
Authored by LiquidWorm | Site zeroscience.mk
The Electrolink FM/DAB/TV Transmitter suffers from a disclosure of clear-text credentials in login.htm and mail.htm that can allow security bypass and system access.
Change Mirror...
