Adobe Reader PDF Client-Side Request Injection
Posted by deepcore under exploit (No Respond)
Adobe Reader PDF suffers from a client-side request injection vulnerability.
Archive for May, 2018
TP-Link EAP Controller CSRF / Hard-Coded Key / XSS
Posted by deepcore under exploit (No Respond)
TP-Link EAP suffers from hard-coded credential, cross site request forgery, cross site scripting, and other vulnerabilities.
Windows WMI Recieve Notification
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits an uninitialized stack variable in the WMI subsystem of ntoskrnl. This Metasploit module has been tested on vulnerable builds of Windows 7 SP0 x64 and Windows 7 SP1 x64.
[webapps] IceWarp Mail Server < 11.1.1 – Directory Traversal
Posted by deepcore under Security (No Respond)
[remote] Google Chrome V8 – Object Allocation Size Integer Overflow
Posted by deepcore under Security (No Respond)
[webapps] WordPress Plugin WF Cookie Consent 1.1.3 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[local] Windows WMI – Recieve Notification Exploit (Metasploit)
Posted by deepcore under Security (No Respond)
http://luangtai-ngao.go.th/readme.txt
Posted by deepcore under defacement (No Respond)
http://luangtai-ngao.go.th/readme.txt notified by kUr4x
Tags: defacementRed Hat Security Advisory 2018-1264-01
Posted by deepcore under Apple (No Respond)
Red Hat Security Advisory 2018-1264-01 – Red Hat Mobile Application Platform 4.6.0 consists of three main components: Core – development and management of apps occurs in the RHMAP Core, which can be installed either in an on-premise installation of OpenShift Container Platform 3.x. MBaaS – Application data, runtimes, and integrations are deployed to the RHMAP […]
Tags: Apple, ios, osxLinux RNG Flaws
Posted by deepcore under exploit (No Respond)
There are several issues in drivers/char/random.c, in particular related to the behavior of the /dev/urandom RNG during and shortly after boot.