Advisories archive

Vulnerability SummaryA use-after-free vulnerability exists in Adobe Acrobat Reader DC, which allows attackers execute arbitrary code with the privileges of
Vulnerabilities SummaryThe following advisory describes a vulnerability in GetSimple CMS which allows unauthenticated attackers to perform Remote Code Execution.CVECVE-2019-11231CreditAn independent
Vulnerabilities SummaryThe following advisory describes a vulnerability in Vesta control panel (VestaCP), an open source hosting control panel, which can
(This advisory follows up on a vulnerability provided in Hack2Win Extreme competition, that won the iOS Privilege Escalation category in
Vulnerabilities SummaryThe following advisory describes two vulnerabilities found in Synology PhotoStation, an unauthenticated SQL injection combined with an authenticated arbitrary
Vulnerability SummaryThe following advisory describes a vulnerability found in the Remote Procedure Call (RPC) component of the VxWorks real-time Opearting
Vulnerabilities SummaryThe following advisory discusses an arbitrary file injection vulnerability that leads to remote code execution in Horde Groupware Webmail.
AbstractSquirrelMail allows to display HTML messages provided that non-safe fragments are redacted. An input sanitization vulnerability that can be exploited
Vulnerabilities SummaryThe following advisory describes two XSS vulnerabilities found in MDaemon Mail Server which lets attackers send emails with malicious
(This advisory follows up on a presentation provided during our offensive security event in 2018 in Hong Kong - come