Discord RCE Because Discord was being used for their Prototype Pollution study collaboration, the electrovolt team made the decision to pwn it. Since Discord…
remote code execution
General
Remote Code Execution is Caused via Prototype Pollution in Blitz.js.
A critical prototype pollution vulnerability in Blitz.js, a JavaScript online application framework, has been patched to prevent remote code execution (RCE) on Node.js servers.…
General
Researchers identify flaws in Carrier’s Industrial Access Control System
At least 8 vulnerabilities have been discovered in Carrier’s LenelS2 HID Mercury access control system; The system is prevalent in healthcare, education, transportation and…
General
Microsoft fixes vulnerability plaguing Azure Synapse and Data Factory
On Monday, Microsoft said it patched a vulnerability plaguing Azure Synapse and Azure Data Factory. Further, Microsoft said, if the vulnerability was successfully exploited,…
General
Serious flaw plagues dotCMS content management software
A pre-authenticated remote code execution flaw has been revealed in dotCMS, an open-source content management system written in Java and “used by over 10,000…
General
Android devices vulnerable to remote spying as flaws discovered in chipsets
Audio decoders of Qualcomm and Media Tek chips have been found to have three security vulnerabilities, and if the vulnerabilities are left unpatched, it…
General
Windows Print Spooler flaw exploited in the wild
The U.S Cybersecurity and Infrastructure Security Agency (CISA) has asked users to watch out for a vulnerability in the Windows Print Spooler. Although Microsoft…
General
Elementor, a WordPress website builder plugin, plagued with a vulnerability
Elementor, a WordPress website builder plugin that has more than five million active installations, has a vulnerability that can lead to authenticated remote code…
General
VMware vulnerability allows attackers to take control of the Cloud infrastructure
On Thursday, VMWare, a cloud computing and virtualisation technology firm, pushed an update to fix a critical vulnerability in its Cloud Director product. The…
General
SQL injection protection in ImpressCMS could be evaded to execute RCE
Vulnerabilities found in ImpressCMS can allow an unauthorised attacker to circumvent the software’s SQL injection safeguards to execute codes remotely or Remote code execution…