[papers] Phrack: VM escape – QEMU Case Study
Posted by deepcore under Security (No Respond)
Archive for April, 2017
Apple iOS 10.3 – Control Panel Denial of Service Vulnerability
Posted by deepcore under exploit (No Respond)
…
Adventures In Automotive Networks And Control Units
Posted by deepcore under exploit (No Respond)
Adventures in Automotive Networks and Control Units (aka car hacking) is an overview of the original work by Charlie Miller and Chris Valasek that covers CAN bus sniffing, injection, and attacks against a Toyota Prius and Ford Escape. Also included are all the tools they used and related data.
Private Tunnel Client 2.8 Buffer Overflow
Posted by deepcore under exploit (No Respond)
Private Tunnel Client version 2.8 local buffer overflow SEH exploit.
Flyspray 1.0-rc4 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Flyspray version 1.0-rc4 suffers from a cross site scripting vulnerability.
Joomla MyPortfolio 3.0.2 SQL Injection
Posted by deepcore under exploit (No Respond)
Joomla MyPortfolio component version 3.0.2 suffers from a remote SQL injection vulnerability.
Portrait Display SDK Service Privilege Escalation
Posted by deepcore under exploit (No Respond)
Portrait Display SDK Service suffers from a privilege escalation vulnerability due to an insecure service configuration.
Microsoft Windows 2003 SP2 ERRATICGOPHER SMB Remote Code Execution
Posted by deepcore under exploit (No Respond)
Microsoft Windows 2003 SP2 ERRATICGOPHER SMB remote code execution exploit.
WordPress Wow Forms 2.1 SQL Injection
Posted by deepcore under exploit (No Respond)
WordPress Wow Forms plugin version 2.1 suffers from a remote SQL injection vulnerability.
Joomla jDBexport 3.2.10 Cross Site Scripting / Path Disclosure
Posted by deepcore under exploit (No Respond)
Joomla jDBexport component version 3.2.10 suffers from cross site scripting and path disclosure vulnerabilities.