ZDI-24-230: Kofax Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in...
ZDI-24-233: Delta Electronics CNCSoft-B DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in...
USN-6669-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could...
DSA-5635-1 yard – security update
Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting. https://security-tracker.debian.org/tracker/DSA-5635-1...
SEC Consult SA-20240226-0 :: Local Privilege Escalation via DLL Hijacking in Qognify VMS Client Viewer
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 02 SEC Consult Vulnerability Lab Security Advisory < 20240226-0 > ======================================================================= title: Local Privilege...
JetStream Smart Switch – TL-SG2210P v5.0/ Improper Access Control / CVE-2023-43318
Posted by Shaikh Shahnawaz on Mar 02 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor] Tp-Link (http://tp-link.com) [Product] JetStream Smart...
Multiple XSS Issues in boidcmsv2.0.1
Posted by Andrey Stoykov on Mar 02 # Exploit Title: Multiple XSS Issues in boidcmsv2.0.1 # Date: 3/2024 # Exploit Author: Andrey Stoykov # Version:...
XAMPP 5.6.40 – Error Based SQL Injection
Posted by Andrey Stoykov on Mar 02 # Exploit Title: XAMPP - Error Based SQL Injection # Date: 02/2024 # Exploit Author: Andrey Stoykov #...
BACKDOOR.WIN32.AGENT.AMT / Authentication Bypass
Posted by malvuln on Mar 02 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/2a442d3da88f721a786ff33179c664b7.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Jeemp.c / Cleartext Hardcoded Credentials
Posted by malvuln on Mar 02 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/d6b192a4027c7d635499133ca6ce067f.txt Contact: malvuln13 () gmail com Media:...