pixman pixman_sample_floor_y Integer Overflow
Authored by Google Security Research
pixman versions prior to 0.42.2 suffer from an out-of-bounds write vulnerability in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
advisories | CVE-2022-44638
SentinelOne sentinelagent 22.3.2.5 Privilege Escalation
Authored by ouch_this_hurts
SentinelOne sentinelagent version 22.3.2.5 on Linux suffers from a privilege escalation vulnerability due to not using a fully qualified path when calling grep.
Exploit Title: SentinelOne...
perfSONAR 4.4.4 Open Proxy / Relay
Authored by Ryan Moore | Site github.com
perfSONAR bundles a graphData.cgi script, used to graph and visualize data. There is a flaw in graphData.cgi allowing for unauthenticated users...
perfSONAR 4.4.5 Cross Site Request Forgery
Authored by Ryan Moore | Site github.com
A partial blind cross site request forgery (CSRF) vulnerability exists in perfSONAR versions 4.x through 4.4.5 within the /perfsonar-graphs/ test results page. Parameters...
IBM Websphere Application Server 7.0 Cross Site Scripting
Authored by Milad Karimi
IBM Websphere Application Server version 7.0 persistent cross site scripting vulnerability proof of concept details.
advisories | CVE-2009-0855
# Exploit Title: IBM Websphere Application Server 7.0...
OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
Authored by Martin Heiland
OX App Suite versions 7.10.6 and below suffer from cross site scripting, server-side request forgery, and resource exhaustion vulnerabilities.
advisories | CVE-2022-31469, CVE-2022-37307, CVE-2022-37308, CVE-2022-37309, CVE-2022-37310, CVE-2022-37311,...
Microsoft Exchange ProxyNotShell Remote Code Execution
Authored by Soroush Dalili, Spencer McIntyre, Orange Tsai, Rich Warren, Piotr B, DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q | Site metasploit.com
This Metasploit module chains two vulnerabilities on Microsoft Exchange Server that, when combined, allow...
Concrete CMS 9.1.3 XPATH Injection
Authored by nu11secur1ty
Concrete CMS version 9.1.3 suffers from an XPATH injection vulnerability.
## Title: concretecms-9.1.3 Xpath injection
## Author: nu11secur1ty
## Date: 11.28.2022
## Vendor: https://www.concretecms.org/
## Software: https://www.concretecms.org/download
## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/concretecms.org/2022/concretecms-9.1.3
## Description:
The...
Remote Control Collection Remote Code Execution
Authored by h00die, H4rk3nz0 | Site metasploit.com
This Metasploit module utilizes the Remote Control Server's protocol to deploy a payload and run it from the server. Remote Control Collection by...
Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection
Authored by T. Weber | Site cyberdanube.com
Hirschmann (Belden) BAT-C2 version 8.8.1.0R8 suffers from a remote authenticated command injection vulnerability.
advisories | CVE-2022-40282
CyberDanube Security Research 20221124-0 ...





