Pimcore SQL Injection Vulnerability
Pimcore is an open-source web content management platform from the Austrian company Pimcore for creating and managing web applications. The platform integrates Web content management, e-commerce framework and product information management applications. A security vulnerability exists in Pimcore that...
Trend Micro Worry-Free Business Security Incorrect Permission Assignment Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
You’ve Found a Vulnerability! Now What? A Guide to Responsible Disclosure.
Information security researchers make a valuable contribution to our online security by finding vulnerabilities and facilitating getting them fixed. Wordfence has been finding and disclosing vulnerabilities in WordPress core, WordPress plugins, and WordPress themes since 2011. Our research has...
Exploit for CVE-2021-36934
CVE-2021-36934
Exploit for CVE-2021-36934
Invoke-HiveNightmare PowerShell-based PoC for CVE-2021-36934,...
Exploit for CVE-2021-36934
This is a PoC exploit for CVE-2021-36934, a vulnerability in the...
Exploit for CVE-2021-36934
ShadowSteal | CVE-2021-36934 Pure Nim implementation for explo...
CVE-2021-36746
Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor...
Design/Logic Flaw
Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor...
CVE-2021-36746
Blackboard Learn (through version 9.1) is vulnerable to cross-site scripting (XSS) when an authenticated user uses the Assignment Instructions HTML editor. The issue is documented across multiple sources as an XSS flaw affecting Blackboard Learn 9.1, with the underlying cause described as a secur...
Design/Logic Flaw
An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service SaaS, Worry-Free Business Security 10.0 SP1 and Worry-Free Services could allow a local attacker to escalate privileges and delete files with system privileges on affected...
CVE-2021-32463
An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service SaaS, Worry-Free Business Security 10.0 SP1 and Worry-Free Services could allow a local attacker to escalate privileges and delete files with system privileges on affected...
Blackboard Learn Cross-Site Scripting Vulnerability
Blackboard Learn is a learning management system from the US-based Blackboard, Inc. A security vulnerability exists in Blackboard Learn that allows authenticated users to perform XSS via the Assignment Instructions HTML editor...
CVE-2021-25318
An Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16...
Design/Logic Flaw
An Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16...
CVE-2021-25318
The CVE-2021-25318 issue affects Rancher where an Incorrect Permission Assignment for Critical Resource vulnerability allows cluster users to modify resources beyond their access. It impacts Rancher versions prior to 2.5.9 and prior to 2.4.16. The root cause is improper permission scope handling ...
The vulnerability of the relay_open function in the kernel/relay.c file of the Linux operating system, related to pointer arithmetic errors, allows attackers to cause a service failure.
The vulnerability of the relay_open function in the kernel/relay.c file of the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
Siemens SIMATIC Software Products (Update B)
1. EXECUTIVE SUMMARY: CVSS v3 7.3; ATTENTION: Low attack complexity; Vendor: Siemens; Equipment: SIMATIC Software Products; Vulnerability: Incorrect Permission Assignment for Critical Resource. 2. UPDATE INFORMATION: This updated advisory is a follow-up to the original advisory titled ICSA-21-194-06...
Trend Micro Apex One Incorrect Permission Assignment Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...