Exploits & CVE's

Authored by Google Security Research, natashenka There is a heap corruption bug that can occur when QT processes a malformed TIFF image. It happens because the size of the QImageData...

Authored by Google Security Research, Mark Brand Looking at the Mojo implementation of Chrome's legacy IPC, the legacy ipc::Message type is transferred inside a BigBuffer. advisories | CVE-2021-21198

Authored by M. Cory Billington | Site metasploit.com This Metasploit module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters....

Authored by wvu, Mikhail Klyuchnikov, Nikita Abramov | Site metasploit.com This Metasploit module exploits an unauthenticated command injection in Cisco HyperFlex HX Data Platform's /storfs-asup endpoint to execute shell commands...

Authored by Fernando Mengalli FileCOPA FTP Server version 1.01 denial of service exploit. Change Mirror Download #!/usr/bin/perl## e-mail: [email protected]## Date: 04/06/2021## Version Vulnerable: FileCOPA FTP Server 1.01## OS Tested: Windows XP PACK...

Authored by Nick Decker | Site trovent.io HealthForYou version 1.11.1 and HealthCoach version 2.9.2 suffer from a user enumeration vulnerability. Change Mirror Download # Trovent Security Advisory 2104-01 ######################################User enumeration through API############################Overview########Advisory...

Authored by Nick Decker | Site trovent.io HealthForYou version 1.11.1 and HealthCoach version 2.9.2 have a vulnerability that allows for account takeover with only prior knowledge of the user's email...

Authored by sirpedrotavares Several IoT devices from the CHIYU Technology firm are vulnerable to a flaw that permits bypassing the telnet authentication process due to an overflow during the negotiation...

Authored by sirpedrotavares CHIYU IoT devices suffer from an integer overflow denial of service vulnerability. Affected devices include BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC with firmware versions prior to...

Authored by Piyush Patil FUDForum version 3.1.0 suffers from a cross site scripting vulnerability. advisories | CVE-2021-27519, CVE-2021-27520 Change Mirror Download # Exploit Title: FUDForum 3.1.0 - 'srch' Reflected XSS# Exploit Author: Piyush...