Posts Tagged ‘disclosure’

Microsoft Edge textarea.defaultValue Memory Disclosure

There is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393. Source: Microsoft Edge textarea.defaultValue Memory Disclosure


Advantech SUSIAccess 3.0 Directory Traversal / Information Disclosure

This Metasploit module exploits an information disclosure vulnerability found in Advantech SUSIAccess versions 3.0 and below. The vulnerability is triggered when sending a GET request to the server with a series of dot dot slashes (../) in the file parameter. Source: Advantech SUSIAccess 3.0 Directory Traversal / Information Disclosure