:: Deepquest ::

MC Inventory Manager suffers from a stored cross site scripting vulnerability.

MC Inventory Manager suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Typo3 versions 4.2 and 4.5 suffer from information disclosure vulnerabilities.

Recompiling the regular expression pattern during a replace in JScript version 5.7 (MSIE 8) can cause the code to reuse a freed string, but only if the string is freed from the cache by allocating and freeing a number of strings of certain size.

Boxoft WAV to MP3 Converter version 1.1 SEH buffer overflow exploit.

This Metasploit module exploits open X11 servers by connecting and registering a virtual keyboard. The virtual keyboard is used to open an xterm or gnome terminal and type and execute the specified payload.

Blat version 2.7.6 suffers from a stack buffer overflow vulnerability.

This Metasploit module exploits a directory traversal vulnerability in ElasticSearch, allowing an attacker to read arbitrary files with JVM process privileges, through the Snapshot API.

An attacker with administrative access to a Windows machine with UEFI Secure Boot enabled may bypass code signing policy checks by putting intentionally-malformed configuration options in the boot configuration database (BCD).

ZyXEL PMG5318-B20A suffers from a command injection vulnerability via the ping function.