crewjam/saml Signature Bypass
Authored by Google Security Research, Felix Wilhelm
The crewjam/saml Go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements.
advisories | CVE-2022-41912
Chrome Synchronous Mojo Use-After-Free
Authored by Google Security Research, Glazvunov
A design flaw in the Chrome Synchronous Mojo message handling introduces unexpected reentrancy and allows for multiple use-after-free vulnerabilities.
advisories | CVE-2022-4178
Packet Storm New Exploits For December, 2022
Authored by Todd J. | Site packetstormsecurity.com
This archive contains all of the 82 exploits added to Packet Storm in December, 2022.
Packet Storm New Exploits For 2022
Authored by Todd J. | Site packetstormsecurity.com
Complete comprehensive archive of all 1,384 exploits added to Packet Storm in 2022.
Oracle Unified Audit Policy Bypass
Authored by Emad Al-Mousa
Oracle versions 12.1.0.2, 12.2.0.1, and 19c suffer from a Unified Audit Policy bypass vulnerability.
advisories | CVE-2021-35576
Title: CVE-2021-35576 – Oracle database system Unified Audit Policy...
BDWeb-Link LMS 1.11.5 SQL Injection
Authored by indoushka
BDWeb-Link LMS version 1.11.5 suffers from a remote SQL injection vulnerability.
# Title : BDWeb-Link Lms v1.11.5 SQL Injection Vulnerability ...
SugarCRM Shell Upload
Authored by sw33t.0day
SugarCRM versions up to 12.2.0 suffer from a remote shell upload vulnerability.
#!/usr/bin/env python
#
# SugarCRM 0-day Auth Bypass + RCE Exploit
#
# Dorks:
# https://www.google.com/search?q=site:sugarondemand.com&filter=0
# https://www.google.com/search?q=intitle:"SugarCRM"+inurl:index.php
# https://www.shodan.io/search?query=http.title:"SugarCRM"
# https://search.censys.io/search?resource=hosts&q=services.http.response.html_title:"SugarCRM"
#...
Hughes Satellite Router Remote File Inclusion Cross Frame Scripting
Authored by LiquidWorm | Site zeroscience.mk
Hughes Satellite Router contains a cross-frame scripting via remote file inclusion vulnerability that may potentially be exploited by malicious users to compromise an affected...
Enlightenment 0.25.3 Privilege Escalation
Authored by nu11secur1ty
Enlightenment version 0.25.3 suffers from a local privilege escalation vulnerability.
advisories | CVE-2022-37706
## Title: Enlightenment Version: 0.25.3 LPE
## Author: nu11secur1ty
## Date: 12.26.2022
## Vendor: https://www.enlightenment.org/
## Software: https://www.enlightenment.org/download
##...
ProLink PRS1841 Backdoor Account
Authored by Lawrence Amer, Lawrence Amer @zux0x3a | Site 0xsp.com
The ProLink PRS1841 home router suffers from having a backdoor account.
# Exploit Title: Router backdoor - ProLink PRS1841...





