PrestaShop 1.7.6.7 Cross Site Scripting
Authored by Priyanka Samak
PrestaShop version 1.7.6.7 suffers from a cross site scripting vulnerability via the file upload functionality.
advisories | CVE-2020-21967
Xen TLB Flush Bypass
Authored by Jann Horn, Google Security Research
Xen's _get_page_type() contains an ABAC cmpxchg() race, where the code incorrectly assumes that if it reads a specific type_info value, and then later...
Chrome PaintImage Deserialization Out-Of-Bounds Read
Authored by Google Security Research, Mark Brand
The code in cc::PaintImageReader::Read (cc::PaintImage*) does not properly check the incoming data when handling embedded image data, resulting in an out-of-bounds copy into...
Nginx 1.20.0 Denial Of Service
Authored by Mohammed Alshehri
Nginx version 1.20.0 suffers from a denial of service vulnerability.
advisories | CVE-2021-23017
Change Mirror Download
# Exploit Title: Nginx 1.20.0 - Denial of Service (DOS)# Date: 2022-6-29# Exploit...
Sashimi Evil OctoBot Tentacle
Authored by Samy Younsi, Thomas Knudsen | Site github.com
Sashimi Evil OctoBot Tentacle is a python script that exploits a vulnerability that lies in the Tentacles upload functionality of the...
WordPress Visual Slide Box Builder 3.2.9 SQL Injection
Authored by nu11secur1ty
WordPress Visual Slide Box Builder plugin version 3.2.9 suffers from a remote SQL injection vulnerability.
Change Mirror Download
## Title: WordPress 6.0 - Visual Slide Box Builder 3.2.9 SQLi##...
JBOSS EAP/AS 6.x Remote Code Execution
Authored by Heyder Andrade, Marcio Almeida, Joao Matos | Site metasploit.com
An unauthenticated attacker with network access to the JBOSS EAP/AS versions 6.x and below Remoting Unified Invoker interface can...
Windows Kerberos KerbRetrieveEncodedTicketMessage AppContainer Privilege Escalation
Authored by James Forshaw, Google Security Research
On Windows 11, the Kerberos SSP's KerbRetrieveEncodedTicketMessage message can be used to get an arbitrary service ticket and session key from an AppContainer...
Mutt mutt_decode_uuencoded() Memory Disclosure
Authored by Tavis Ormandy, Google Security Research
In mutt_decode_uuencoded(), the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in replys,...
Windows Kerberos Redirected Logon Buffer Privilege Escalation
Authored by James Forshaw, Google Security Research
On Windows, the buffer for redirected logon context does not protect against spoofing resulting in arbitrary code execution in the LSA leading to...





