CVE-2023-5969

Mattermost fails to properly sanitize the request to /api/v4/redirectlocation allowing an attacker, sending a specially crafted request to /api/v4/redirectlocation, to fill up the memory due to caching large items...

Mattermost Server < 7.8.12 / 8.0.x < 8.0.4 / 8.1.x < 8.1.3 / 9.0.0 Multiple Vulnerabilities (MMSA-2023-00240) (MMSA-2023-00242) (MMSA-2023-00246)

The version of Mattermost Server running on the remote host is prior to 7.8.12, 8.0.x prior to 8.0.3, 8.1.x prior to 8.1.3 or 9.0.0. It is, therefore, affected by multiple vulnerabilities: - Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request...

Firefox location.QueryInterface() Code Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Firefox...

Flash Player vulnerabilities of the new use of the method-vulnerability warning-the black bar safety net

Source: Phantom maillist Two days before the recommended Mark Dowd's Paper “Exploiting Flash Reliably” Learn a little, very good very powerful. For later Flash Player exploits has opened up a new new road. Simple to say, from Flash9 to start, to achieve an ActionScript Virtual Machine AVM, the...

Firefox location.QueryInterface() Code Execution

This module exploits a code execution vulnerability in the Mozilla Firefox browser. To reliably exploit this vulnerability, we need to fill almost a gigabyte of memory with our nop sled and payload. This module has been tested on OS X 10.3 with the stock Firefox 1.5.0 package. This module require...