:: Deepquest ::

http://www.cdc.ptho.moph.go.th/cyb3r_dr4in.gif notified by ashiyane digital security team

Linux ARM/ARM64 architectures suffer from an arbitrary memory read vulnerability in perf_event_open().

WordPress Ultimate Product Catalog plugin versions 3.9.8 and below suffer from a remote unauthenticated blind SQL injection vulnerability.

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.008 and Load Balancer Firmware <= v5.4.0.004 by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations […]

Hacking the PS4, part 3 – Kernel exploitation

http://www.loei2.go.th/lms/web1/file_editor/_input_3_.txt notified by DeadsOul

No abstract description available in the upcomings!

No abstract description available in the upcomings!

LastPass version 4.1.20a on Windows suffers from some issues where the add-on works by injecting elements and event handlers into the page. The attached proof of concept will delete a given file.

Multiple products from AXIS suffer from a remote command execution vulnerability.