:: Deepquest ::

Event Manager PHP Script version 1.0 suffers from a remote SQL injection vulnerability.

Joomla! JEXTN Reverse Auction component version 3.1.0 suffers from a remote SQL injection vulnerability.

Joomla! JMS Music component version 1.1.1 suffers from a remote SQL injection vulnerability.

Oracle Hospitality Simphony (MICROS) versions 2.7 through 2.9 suffer from a directory traversal vulnerability.

FiberHome AN5506 unauthenticated remote DNS changing exploit.

WebKit suffers from a use-after-free vulnerability in WebCore::FrameView::clientToLayoutViewportPoint.

WebKit suffers from a use-after-free vulnerability in detachWrapper.

Claymore Dual GPU Miner versions 10.5 and below suffer from format string vulnerabilities.

This Metasploit module attempts to gain root privileges on Linux systems by invoking the default coredump handler inside a namespace (“container”). Apport versions 2.13 through 2.17.x before 2.17.1 on Ubuntu are vulnerable, due to a feature which allows forwarding reports to a container’s Apport by changing the root directory before loading the crash report, causing […]

This Metasploit module will exploit SMB with vulnerabilities in MS17-010 to achieve a write-what-where primitive. This will then be used to overwrite the connection session information with as an Administrator session. From there, the normal psexec payload code execution is done. Exploits a type confusion between Transaction and WriteAndX requests and a race condition in […]