Arbitrary code execution vulnerability (CVE-2019-6977) affects the PHP GD image processing library in PHP versions 4 through 7.3. The vulnerability is caused by insufficient input validation in the gdImageCreateFromGd2() function that could allow an attacker to execute arbitrary code on the...
The problem poses the greatest threat to shared web hosting services.
The Apache Software Foundation has fixed a dangerous vulnerability in Apache HTTP Server 2.4 that, under certain circumstances, could allow code to run as root and take control of the server.
The issue (CVE-2019-0211) only...
The vulnerability allows remote execution of arbitrary code on the attacked system.
On Thursday, April 4, Exodus Intelligence security researcher István Kurucsai published a PoC exploit and a demo video for an unpatched vulnerability in Google Chrome. The vulnerability allows an attacker to...
CVE-2017-17215 is a vulnerability that affects Huawei HG532 routers. It allows remote code execution (RCE) by an attacker who has control of the router's web interface.
The vulnerability was first discovered in December 2017 by security researchers at Check Point Software Technologies. It was...
CVE-2019-9810-PoC
Array.prototype.slice wrong alias information
This bug I was found last year. And it was collision with @fluoroacetate in pwn2own 2019.
It was fixed in firefox 66.0.1
hello_firefox_11_30.html
Hidden content
CVE-2019-5786 is a vulnerability in the Google Chrome web browser that could allow an attacker to execute arbitrary code on a victim's computer. The vulnerability was patched in Chrome version 72.0.3626.121
CVE-2019-5786 Chrome 72.0.3626.119 stable FileReader UaF exploit for Windows 7 x86...
CVE-2019-6340 is a security vulnerability that affects versions of the Drupal content management system prior to version 8.6.10 and version 8.5.11. The vulnerability allows attackers to remotely execute code on the server using the REST services module.
A proof-of-concept (PoC) is a...
New exploit for Cisco
Cisco RV320Dump published, CVE-2019-1652 & CVE-2019-1653
Cisco RV320 and RV325 routers have become a target for hackers. Scans and attacks began last Friday, January 25, after information security specialist David Davidson published an exploit on GitHub POC for serious...