[dos] Android DRM Services – Buffer Overflow
Posted by deepcore under Security (No Respond)
Archive for March, 2018
[webapps] Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) – PATCH Request Remote Code Execution
Posted by deepcore under Security (No Respond)
Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) – PATCH Request Remote Code Execution
Tags: 0day, remote exploit[webapps] WordPress Plugin Duplicator 1.2.32 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
Hola VPN 1.79.859 Insecure Service Permissions
Posted by deepcore under exploit (No Respond)
Hola VPN version 1.79.859 suffers from an insecure service permission vulnerability.
10-Strike Network Monitor 5.4 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
10-Strike Network Monitor version 5.4 suffers from an unquoted service path vulnerability.
Panda Global Security 17.0.1 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
Panda Global Security version 17.0.1 suffers from an unquoted service path vulnerability.
WPS Free Office 10.2.0.5978 NULL DACL Grants Full Access
Posted by deepcore under exploit (No Respond)
WPS Free Office version 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through the use of an insecurely created named pipe.
Panda Global Security 17.0.1 NULL DACL Grants Full Access
Posted by deepcore under exploit (No Respond)
Panda Global Security version 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through the use of an insecurely created named pipe.
Tuleap 9.17.99.189 SQL Injection
Posted by deepcore under exploit (No Respond)
Tuleap version 9.17.99.189 suffers from a remote SQL injection vulnerability.
Bacula-Web SQL Injection
Posted by deepcore under exploit (No Respond)
Bacula-Web versions prior to 8.0.0-RC2 suffer from multiple remote SQL injection vulnerabilities.