Author: Cyberthreat Blog

Hands-on Vulnerability Learning Tool “AppGoat” for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than CVE-2017-2179 and...

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.

Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.

Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.