Vulnerability Research 24
- Missing IP Address Control in isPublic() Function Leads to SSRF Bypass PoC Mar 1, 2024
- Deserialization of Untrusted Data in pytorch-lightning Dec 12, 2021
- NULL Pointer Dereference | Deark Mar 15, 2021
- Division By Zero | Deark Mar 15, 2021
- Group Office CRM | Stored XSS via SVG File Dec 10, 2020
- Group Office CRM | SSRF Dec 10, 2020
- Sentrifugo 3.2 | SQLi [employeeNumId] parameter | CVE-2020-26805 Oct 6, 2020
- Sentrifugo 3.2 | RCE [Authenticated] (assets) | CVE-2020-26803 Oct 6, 2020
- Sentrifugo 3.2 | RCE [Authenticated] (announcements) | CVE-2020-26804 Oct 6, 2020
- CMSUno 1.6.2 | RCE [Authenticated] (password.php) | CVE-2020-25557 Sep 30, 2020
- CMSUno 1.6.2 | RCE [Authenticated] (config.php) | CVE-2020-25538 Sep 30, 2020
- GOG Galaxy Desktop App | Local Privilege Escalation | CVE-2020-11827 Jun 4, 2020
- Virtualbox Local DOS Vulnerability | CVE-2020-2909 Apr 14, 2020
- Memono | Insecure Data Storage [IOS] | CVE-2020-11826 Feb 23, 2020
- Rukovoditel | SQL Injection reports_id (POST) | CVE-2020-11816 Jan 15, 2020
- Rukovoditel | SQL Injection filters[1][value] (POST) | CVE-2020-11812 Jan 15, 2020
- Rukovoditel | SQL Injection filters[0][value] (POST) | CVE-2020-11812 Jan 15, 2020
- Rukovoditel | SQL Injection [entities_id] | CVE-2020-11820 Jan 15, 2020
- Rukovoditel | RCE | Local File Inclusion | CVE-2020-11819 Jan 14, 2020
- Rukovoditel | CSRF Bypass -> Account Takeover - CVE-2020-11818 Jan 14, 2020
- Rukovoditel - Maintenance Mode Configuration | RCE - CVE-2020-11817 Jan 14, 2020
- Web-Based Project Management Software | RCE - CVE-2020-11811 Jan 14, 2020
- Rukovoditel - Login Page Configuration | RCE - CVE-2020-11815 Jan 4, 2020
- Clear Text Password - Netis DL4323 | CVE-2019-20074 Dec 24, 2019