Apache Httpd < 2.4.35 : DoS for HTTP/2 connections by continuous SETTINGS

By sending continous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has enabled the h2 protocol...

CVE-2018-6969

VMware Tools 10.x and prior before 10.3.0 contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing mu...

The vulnerability of the Qualcomm Data Network Stack & Connectivity component of the Android operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Qualcomm Data Network Stack & Connectivity component of the Android operating system relates to the use of memory after it is freed, during attempts to log values of the RIL token in debug mode after a call ends if the eMBMS service is enabled. Exploiting this vulnerabili...

Security Bulletin: IBM Rational ClearCase update for security vulnerabilities in OpenSSL component

Summary IBM Rational ClearCase uses the OpenSSL component for establishing SSL connections. ClearCase now ships an updated version of OpenSSL on Unix and Linux platforms, and uses a new component called IBM GSKit on Windows which also mitigates against the OpenSSL vulnerabilities. Vulnerability...

Cortana Software Could Help Anyone Unlock Your Windows 10 Computer

Cortana, an artificial intelligence-based smart assistant that Microsoft has built into every version of Windows 10, could help attackers unlock your system password. With its latest patch Tuesday release, Microsoft has pushed an important update to address an easily exploitable vulnerability in...

glibc - realpath() Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "glibc 'realpath' Privilege Escalation", 'Description' = %q This module attempts to gain roo...

UBUNTU-CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

CVE-2018-5165

In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to...

CVE-2017-7789

If a server sends two Strict-Transport-Security STS headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security HSTS will not be enabled for the connection. This vulnerability affects Firefox 55...

Design/Logic Flaw

An issue where a "" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox 50...

WordPress WP Events Calendar plugin <= 1.0 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Ozkan Mustafa Akkus in premium WordPress WP Events Calendar plugin versions = 1.0. An attacker can perform attacks via calendar ajax queries. However, this plugin is fully PHP-enabled. You can run SQL query with "month" and "year" parameters. Solution 5...

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element...

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element...

CVE-2018-11567

Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still...

WordPress Events Calendar 1.0 SQL Injection

Exploit Title: Wordpress Plugin Events Calendar - SQL Injection Dork: N/A Date: 2018-05-27 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor: Wachipi Vendor Homepage: https://codecanyon.net/item/wp-events-calendar-plugin/5025660 Version: 1.0 Category: Webapps Tested on: Kali linux Description : An...

Wordpress Booking Calendar 3.0.0 Plugin - SQL Injection / Cross-Site Scripting Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor: Wachipi Vendor Homepage: https://codecanyon.net/item/wp-booking-calendar/4639530 Version: 3.0.0...

Kernel: ipsec: xfrm: use-after-free leading to potential privilege escalation

The Linux kernel is vulerable to a use-after-free flaw when Transformation User configuration interfaceCONFIGXFRMUSER compile-time configuration were enabled. This vulnerability occurs while closing a xfrm netlink socket in xfrmdumppolicydone. A user/process could abuse this flaw to potentially...

xdebug Unauthenticated OS Command Execution Exploit

This Metasploit module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user. This module requires Metasploit: https://metasploit.com/download Current source:...

xdebug Unauthenticated OS Command Execution

Module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user. This module requires Metasploit: https://metasploit.com/download Current source:...

Dr. Michio Kaku Paints Fascinating Picture of the Future at Qualys’ RSA Booth

Contact lenses that access the Internet literally at the blink of an eye. Toilets that detect cancer-indicating enzymes. Human settlements on Mars. Beaming one’s mind into outer space using lasers. Watching a video of your dreams after you wake up. Those were just a few of the mind-blowing...