Archive for September, 2015

WordPress Vertical Image Slider 1.0 CSRF / XSS

Posted by deepcore under exploit (No Respond)

WordPress Vertical Image Slider plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

VBox Satellite Express Arbitrary Write Privilege Escalation

Posted by deepcore under exploit (No Respond)

A vulnerability within the ndvbs module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege. suffers from code execution, and local file inclusion vulnerabilities.

Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an SEH overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check input size when parsing ‘CWD’ commands, which leads to an SEH overflow. Konica FTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability.

OS X IOKit Kernel Memory Corruption

Posted by deepcore under Apple (No Respond)

An OS X IOKit kernel memory corruption issue occurs due to a bad bzero in IOBluetoothDevice.


Apple Security Advisory 2015-09-16-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-09-16-1 – iOS 9 is now available and addresses denial of service, information disclosure, and various other issues.


Apple Security Advisory 2015-09-16-2

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-09-16-2 – Xcode 7.0 is now available and addresses traffic inspection, access bypass, and various other vulnerabilities.


Apple Security Advisory 2015-09-16-3

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-09-16-3 – iTunes 12.3 is now available and addresses code execution, application termination, memory corruption, and various other vulnerabilities.


Apple Security Advisory 2015-09-16-4

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-09-16-4 – OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.


[webapps] – ADH-Web Server IP-Cameras – Multiple Vulnerabilities

Posted by deepcore under Security (No Respond)

ADH-Web Server IP-Cameras – Multiple Vulnerabilities


[remote] – Thomson CableHome Gateway (DWG849) Cable Modem Gateway – Information Exposure

Posted by deepcore under Security (No Respond)

Thomson CableHome Gateway (DWG849) Cable Modem Gateway – Information Exposure
