:: Deepquest ::

Apple iOS / OS X suffer from a NSKeyedArchiver memory corruption vulnerability due to a lack of bounds checking in CAMediaTimingFunctionBuiltin.

Apple MacOS suffers from a local elevation of privilege vulnerability due to a lack of bounds checking in HIServices custom CFObject serialization.

http://amnatpao.go.th notified by Con7ext

An independent vulnerability laboratory researcher discovered a cross site scripting vulnerability in the official Conte…

The vulnerability laboratory core research team discovered a open redirect vulnerability in the official Lufthansa Move …

This Metasploit module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create and execute a PHP file in the document root. The USERNAME and PASSWORD options are only needed if the Wiki is configured as private. This vulnerability affects any MediaWiki installation with SyntaxHighlight version 2.0 installed and enabled. […]

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

HP SimplePass versions 8.00.49, 8.00.57, and 8.01.46 suffers from a local privilege escalation vulnerability.

VMWare Horizon client version 5.4 suffers from a dll hijacking vulnerability.

Asterisk version 14.4.0 with PJSIP version 2.6 suffers from a heap overflow vulnerability in CSEQ header parsing.