RHEL 7 : kernel-rt (RHSA-2020:4280)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4280 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Microsoft Windows Hyper-V Denial of Service Vulnerability (CNVD-2021-08835)

Microsoft Windows Hyper-V is a tool from Microsoft USA that provides hardware virtualization. The software allows the creation of virtual hard drives, virtual switches, and many other virtual devices. A denial of service vulnerability exists in Microsoft Windows Hyper-V. The vulnerability stems...

Arbitrary Directory Deletion Vulnerability in Mile High PHP Open Source Blog System (CNVD-2020-59461)

MileageMi is a ThinkPHP open source blogging system. MileageMi PHP open source blog system has an arbitrary directory deletion vulnerability that can be exploited by attackers to delete directory files...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

pocsuite-z Legal Disclaimer Usage of pocsuite for attacking targets without prior mutual consent is illegal. pocsuite is for security testing purposes only 法律免责声明 未经事先双方同意，使用 pocsuite-z 攻击目标是非法的。 pocsuite-z 仅用于安全测试目的 Overview pocsuite-z is an open-sourced remote vulnerability testing and...

SIMATIC S7-300 has a Denial of Service Vulnerability

The S7-300 is a modular compact PLC system. A denial of service vulnerability exists in SIMATIC S7-300, which can be exploited by an attacker to cause a denial of service to the server...

Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43454)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in Cisco IOS XE's Control and Configuration of Access Points over Wireless CAPWAP protocol processing used by Cisco Catalyst 9800 series...

Mozilla Rust Input Validation Error Vulnerability

Rust is a general-purpose, compiled programming language. An input validation error vulnerability exists in Mozilla Rust version 0.6.2, which originates in the nonlinearray implementation and can be exploited by an attacker to generate unaligned references for types with large alignment...

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53171)

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted FBX file...

EUVD-2020-12051

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...

Denial Of Service (DoS)

mysql server is vulnerable to denial of service. An easily exploitable vulnerability allows a privileged user to affect the availability of the application...

Cisco 7937G All-In-One Exploiter Exploit

This exploit is an all-in-one tool that leverages vulnerabilities described in CVE-2020-16139, CVE-2020-16138, and CVE-2020-16137 against Cisco 7937G devices versions SIP-1-4-5-7 and below. Exploit Title: Cisco 7937G All-In-One Exploiter Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepag...

Facebook's NSO Group Lawsuit Over WhatsApp Spying Set to Proceed

Facebook’s lawsuit against NSO Group over alleged spying on WhatsApp users will be allowed to go forward. WhatsApp-owner Facebook is alleging that NSO Group exploited a vulnerability in WhatsApp to deploy its spyware against human rights activists, journalists and political dissidents. A federal...

Workio – Job Board < 1.0.3 - Unauthenticated Reflected XSS

Unauthenticated Reflected XSS vulnerability was discovered in the «Workio – Job Board WordPress Theme», tested version — v1.0.1. https://www.demoapus-wp1.com/workio/jobs-grid-v1/?filter-title=%22%3E%3Cimg%20src=x%20onerror=alertXSS%3E...

ConnectWise Automate SQL Injection Vulnerability

ConnectWise Automate is a cloud-based, local IT automation solution from ConnectWise USA. The product supports content management, file sharing, IT asset tracking and management, and more. A SQL injection vulnerability exists in Connectwise Automate versions prior to 2020.7 and prior to 2019.12...

FHEM 6.0 - Local File Inclusion

FHEM version 6.0 suffers from a local file inclusion vulnerability. Exploit Title: FHEM 6.0 - Local File Inclusion Date: 2020-02-10 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://fhem.de/ Software Link: https://fhem.de/Download Version: v6.0 Tested on: Windows Link:...

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

Exploit for CVE-2020-1015

CVE-2020-1015 PoC for CVE-2020-1015 More detail available he...

Denial of Service Vulnerability in WPS Office 2019 Professional Edition of Zhuhai Kingsoft Office Software Co Ltd (CNVD-2020-30430)

Kingsoft WPS is office software from Kingsoft Office Software. A denial-of-service vulnerability exists in WPS Office 2019 Professional Edition by Zhuhai Kingsoft Office Software Ltd. that can be exploited by attackers to cause a denial of service...

NETGEAR R8500 and R8300 Buffer Overflow Vulnerability (CNVD-2021-46350)

The NETGEAR R8500 and NETGEAR R8300 are both wireless routers from NETGEAR. A buffer overflow vulnerability exists in the NETGEAR R8300 prior to version 1.0.2.104 and the R8500 prior to version 1.0.2.104. The vulnerability originates when a network system or product performs an operation on memor...

Hackers exploit vulnerability to leak The Last of Us 2 spoiler video

By Deeba Ahmed Last week, it was reported that someone leaked The Last of Us Part 2 story spoilers online. Now Sony knows who... This is a post from HackRead.com Read the original post: Hackers exploit vulnerability to leak The Last of Us 2 spoiler video...