:: Deepquest ::

Sprecher Automation SPRECON-E-C and PU-2433 versions prior to 8.49 suffer from directory traversal, missing authentication, broken authentication, and denial of service vulnerabilities.

Chromium suffers from a sandbox escape vulnerability via an exposed filesystem::mojom::Directory mojo interface in the catalog service.

IPSwitch MoveIt versions 8.1 through 9.4 suffer from a persistent cross site scripting vulnerability.

This Metasploit module exploits a weak access control check in the BMC Server Automation RSCD agent that allows arbitrary operating system commands to be executed without authentication. Note: Under Windows, non-powershell commands may need to be prefixed with ‘cmd /c’.

This archive contains all of the 268 exploits added to Packet Storm in January, 2018.

WebKit – ‘WebCore::FrameView::clientToLayoutViewportPoint’ Use-After-Free

Jailbreaking iOS 11.1.2: An adventure into the XNU kernel

BMC Server Automation RSCD Agent – NSH Remote Command Execution (Metasploit)

has been added to (https://www.exploit-db.com)