Archive for October, 2016

Kaspersky – File Manager Cross Site Scripting Vulnerability

Posted by deepcore under exploit (No Respond)

Kaspersky – Response Subject Persistent XSS Vulnerability

Posted by deepcore under exploit (No Respond)

OpenSSL x509 Parsing Double-Free / Invalid-Free

Posted by deepcore under exploit (No Respond)

Double-free and invalid-free vulnerabilities in x509 parsing were found in the latest OpenSSL (1.1.0b).

Limny 2.2 Expression Language Injection

Posted by deepcore under exploit (No Respond)

Limny version 2.2 suffers from an expression language injection vulnerability.

iWisoft Video Converter 1.2 DLL Hijacking

Posted by deepcore under exploit (No Respond)

iWisoft Video Converter version 1.2 suffers from a DLL hijacking vulnerability.

Limny 3.0.2 Local File Inclusion

Posted by deepcore under exploit (No Respond)

Limny version 3.0.2 suffers from a local file inclusion vulnerability.

Limny 3.2.2 Local File Inclusion

Posted by deepcore under exploit (No Respond)

Limny version 3.2.2 suffers from a local file inclusion vulnerability.

Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection

Posted by deepcore under exploit (No Respond)

Plone CMS versions 4.3.11 and below and versions 5.0.6 and below suffer from cross site scripting, open redirection, and path traversal vulnerabilities.

Android Binder Information Disclosure

Posted by deepcore under exploit (No Respond)

The interaction between the kernel /dev/binder and the usermode Parcel.cpp means that when a binder object is passed as BINDER_TYPE_BINDER or BINDER_TYPE_WEAK_BINDER, a pointer to that object (in the server process) is leaked to the client process as the cookie value. This leads to a leak of a heap address in many of the privileged […]

Windows Object Manager Pathological Lookup EoP

Posted by deepcore under exploit (No Respond)

When performing an object name lookup, it’s possible to exercise the worst-case lookup time for the object, leading to a single lookup taking multiple minutes. This can prevent a process from being terminated on logout, which can be used to get access to other user sessions, especially on a terminal server, leading to EoP.