Vulnerability title: Avian JVM vm::arrayCopy() silent return on negative length
Author: Pietro Oliva
CVE: CVE-2020-17361
Vendor: ReadyTalk
Product: Avian JVM
Affected version: 1.2.0
Description:
The issue is located in the vm::arrayCopy method defined in classpath-common.h,
where multiple bounda

Vulnerability title: Avian JVM vm::arrayCopy() Multiple Integer Overflows
Author: Pietro Oliva
CVE: CVE-2020-17360
Vendor: ReadyTalk
Product: Avian JVM
Affected version: 1.2.0
Description:
The issue is located in the vm::arrayCopy method defined in classpath-common.h,
where multiple boundary chec

SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability
*• Software Link:*
https://www.sugarcrm.com
*• Affected Versions:*
All versions prior to 10.1.0 (Q3 2020).
*• Vulnerability Description:*
User input passed through the encoded “current_post” parameter to
‘index.php’ (when “entryPo

SugarCRM < 10.1.0 Multiple Reflected Cross-Site Scripting Vulnerabilities
*• Software Link:*
https://www.sugarcrm.com/
*• Affected Versions:*
All versions prior to 10.1.0 (Q3 2020).
*• Vulnerabilities Description:*
1) User input passed through the “do” parameter when action is set to
“metadat

Hello,
Please find the below updated vulnerability details,
---
# Exploit Title: ManageEngine ADSelfService Plus – Unauthent

vBulletin 5.5.4 through 5.6.2 are vulnerable to a remote code execution
vulnerability caused by incomplete patching of the previous
"CVE-2019-16759" RCE. This logic bug allows for a single pre-auth request
to execute PHP code on a target vBulletin forum.
More info can be found at:
https://blog.exp