WordPress Duplicator 1.4.7.2 Backup Disclosure
Authored by nu11secur1ty
WordPress Duplicator plugin version 1.4.7.2 suffers from a backup disclosure vulnerability.
Change Mirror Download
## Title: WordPress Plugin Duplicator 1.4.7.2 - Unauthenticated Backup Download## Author: nu11secur1ty## Date: 08.23.2022## Vendor:...
FLIX AX8 1.46.16 Remote Command Execution
Authored by Samy Younsi
FLIR AX8 versions 1.46.16 and below unauthenticated remote OS command injection exploit.
advisories | CVE-2022-36266
Change Mirror Download
# -*- coding: utf-8 -*-# Exploit Title: FLIR AX8 Unauthenticated OS...
Chrome content::ServiceWorkerVersion::MaybeTimeoutRequest Heap Use-After-Free
Authored by Google Security Research, Glazvunov
Chrome suffers from a heap use-after-free vulnerability in content::ServiceWorkerVersion::MaybeTimeoutRequest. Google Chrome version 103.0.5060.53 and Chromium version 105.0.5134.0 are affected.
advisories | CVE-2022-2480
FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS
Authored by Samy Younsi, Thomas Knudsen
FLIR AX8 versions 1.46.16 and below suffer from command injection, directory traversal, improper access control, and cross site scripting vulnerabilities.
advisories | CVE-2022-37060, CVE-2022-37061, CVE-2022-37062,...
Transposh WordPress Translation 1.0.8.1 Incorrect Authorization
Authored by Julien Ahrens | Site rcesecurity.com
Transposh WordPress Translation versions 1.0.8.1 and below suffer from an incorrect authorization vulnerability.
advisories | CVE-2022-2536
Change Mirror Download
RCE Security Advisoryhttps://www.rcesecurity.com1. ADVISORY INFORMATION=======================Product: ...
FreeBSD 13.0 aio_aqueue Kernel Refcount Local Privilege Escalation
Authored by Chris J-D | Site accessvector.net
FreeBSD versions 11.0 through 13.0 suffers from a local privilege escalation vulnerability via an aio_aqueue kernel refcount bug. This research post goes into...
Polar Flow Android 5.7.1 Secret Disclosure
Authored by Karima Hebbal | Site trovent.io
Polar Flow for Android version 5.7.1 stores the username and password in clear text in a file on mobile devices.
Change Mirror Download
# Trovent...
Advantech iView NetworkServlet Command Injection
Authored by rgod, Shelby Pace, Y4er | Site metasploit.com
Advantech iView software versions prior to 5.7.04.6469 are vulnerable to an unauthenticated command injection vulnerability via the NetworkServlet endpoint. The database...
Windows Credential Guard Domain-Joined Device Public Key Privilege Escalation
Authored by James Forshaw, Google Security Research
On Windows, when registered to use a public key for computer authentication, the certificate is stored in a user accessible registry key leading...
TypeORM 0.3.7 Information Disclosure
Authored by Andrii Kostenko
TypeORM version 0.3.7 suffers from an information disclosure vulnerability.
advisories | CVE-2022-33171
Change Mirror Download
I found what I think is a vulnerability in the latest typeorm 0.3.7.TypeORM v0.3...





