:: Deepquest ::

Agorum Core Pro version 7.8.1.4-251 suffers from a reflective cross site scripting vulnerability.

Agorum Core Pro version 7.8.1.4-251 suffers from an XML external entity injection vulnerability.

concrete5 version 8.1.0 suffers from a host header injection vulnerability.

Multiple bugs have been discovered in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool memory disclosure or denial of service. Under certain circumstances, memory corruption could also be possible.

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32kfull!SfnINLPUAHDRAWMENUITEM.

GNS3 Mac OS-X version 1.5.2 ubridge privilege escalation exploit.

uc-httpd is an HTTP daemon used by a wide array of IoT devices and is vulnerable to local file inclusion and directory traversal bugs.

This Metasploit module exploits a buffer overflow vulnerability found in the ACCT command of the PCMAN FTP version 2.0.7 Server. This requires authentication but by default anonymous credentials are enabled.

This Metasploit module exploits a buffer overflow vulnerability found in the GET command of the PCMAN FTP version 2.0.7 Server. This requires authentication but by default anonymous credentials are enabled.

This Metasploit module exploits a buffer overflow vulnerability found in the NLST command of the PCMAN FTP version 2.0.7 Server. This requires authentication but by default anonymous credentials are enabled.