Posts
- WAN-based command injection in Netgear RAX30
- CVE-2021-44733: Fuzzing and exploitation of a use-after-free in the Linux kernel TEE subsystem
- Linux kernel TEE: free arbitrary page
- OP-TEE OS: allocate too small shared memory
- Pre-auth LAN RCE in Netgear R6700
- XSS to RCE via a Magento Help Desk extension
- LAN-based command injection in TP-Link Archer A7
- TP-Link WDR4300 Post-auth RCE
- CVE-2020-13848: Denial of Service in Portable UPnP SDK (aka libupnp)
- CVE-2020-13111: Out-of-bounds write in NaviServer
- CVE-2020-12845: Denial of Service in Cherokee Web Server
- CVE-2020-12460: Heap-overflow in OpenDMARC
- CVE-2019-19731: Directory traversal in Roxy Fileman for .NET
- CVE-2019-19702: XXE injection in Modoboa DMARC plugin