Fortinet FortiWeb OS Command Injection PoC
The patch will be released at the end of August
ThroughTek "Kalay" Network Device Impersonation Vulnerability Proof of Concept.
The vulnerability affects millions of IoT devices.
Cisco Adaptive Security Appliance (ASA) XSS POC:
POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1
QNAP NAS HBS 3 Hybrid Backup Sync Hard-Coded Credentials
QLocker Ransomware is using this vulnerability to encrypt files of QNAP customers.
Write-up of CVE-2021-30481 Source engine remote code execution via game invites
Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316)
Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
Exploit of CVE-2020-16040 Google Chrome <= 87.0.4280.88 vulnerability
Zoom Unintended Screen Sharing Vulnerability POC:
A heap overflow vulnerability in Sudo allows attackers to gain root privileges.
Sudo has been affected by this vulnerability for ten years (since July 2011).
This vulnerability was found by the Qualys Research Team.
Details are here: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit