:: Deepquest ::

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise versions 9.1.14 and 9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.

http://tbnamon.go.th notified by Krypton

Java SE Mission Control version 5.5 suffers from an insecure transport vulnerability that allows for man-in-the-middle attacks.

Tenda ADSL2/2+ Modem D820R unauthenticated remote DNS changer exploit.

Pirelli DRG A115 ADSL router version 3 unauthenticated remote DNS changer exploit.

Mattermost versions 3.5.0 and 3.5.1 suffer from a cross site scripting vulnerability.

Tempest Security Intelligence Advisory ADV-9/2017 – Ghost Blog version 0.11.3 suffers from a persistent cross site scripting vulnerability.

Apple Security Advisory 2017-01-18-1 – GarageBand 10.1.5 is now available and addresses an arbitrary code execution vulnerability.

Apple Security Advisory 2017-01-18-2 – Logic Pro X 10.3 is now available and addresses a memory corruption vulnerability.

The vulnerability laboratory core research team discovered a cvs excel macro injection vulnerability in the official Ful…