Home | Latest News | Popular News | Our Network | About | Contact
Latest Exploits | www.SecurityPhresh.com
Latest Exploits
Showing 'Latest Exploits' from 11 to 20
DIGIT CENTRIS 4 ERP SQL Injection
19th Sep 2019 [5 days ago] from PacketStormSecurity
DIGIT CENTRIS 4 ERP suffers from a remote SQL injection vulnerability.
Western Digital My Book World II NAS 1.02.12 Hardcoded Credential
19th Sep 2019 [5 days ago] from PacketStormSecurity
Western Digital My Book World II NAS versions 1.02.12 and below have a hard-coded ssh credential that allows for remote command execution.
MacOS 18.7.0 Kernel Local Privilege Escalation
19th Sep 2019 [5 days ago] from PacketStormSecurity
macOS version 18.7.0 kernel local privilege escalation exploit that may only work on Macs before 2016.
Hospital-Management 1.26 SQL Injection
18th Sep 2019 [6 days ago] from PacketStormSecurity
Hospital-Management version 1.26 suffers from a remote SQL injection vulnerability.
Oracle Mojarra JSF / Eclipse Mojarra JSF 2.2 / 2.3 Cross Site Scripting
18th Sep 2019 [6 days ago] from PacketStormSecurity
Oracle Mojarra JSF included in Java EE 7 and Eclipse Mojarra JSF versions 2.2 and 2.3 suffer from a cross site scripting vulnerability.
Google Chrome Password Disclosure
17th Sep 2019 [7 days ago] from PacketStormSecurity
Google Chrome suffers from an issue where it will leak all passwords for a given domain.
Microsoft Windows Internet Settings Security Feature Bypass
17th Sep 2019 [7 days ago] from PacketStormSecurity
Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019.
V8 Map Migration Type Confusion
17th Sep 2019 [7 days ago] from PacketStormSecurity
V8 map migration does not respect element kind, leading to a type confusion vulnerability.
LastPass Credential Leak From Previous Site
16th Sep 2019 [8 days ago] from PacketStormSecurity
LastPass suffers from an issue where bypassing do_popupregister() leaks credentials from the previous site.
Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
16th Sep 2019 [8 days ago] from PacketStormSecurity
Inteno EG200 routers with firmware versions EG200-WU7P1U_ADAMO3.16.4-190226_1650 and below have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt...
« Newer 1 2 3 4 5 6 7 8 9 10 Older »