CMS ISWEB 3.5.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
CMS ISWEB version 3.5.3 suffers from a cross site scripting vulnerability.
Archive for August, 2018
Dropbox 54.5.90 DLL Hijacking
Posted by deepcore under exploit (No Respond)
Dropbox version 54.5.90 suffers from a DLL hijacking vulnerability.
R 3.4.4 Bufer Overflow
Posted by deepcore under exploit (No Respond)
R version 3.4.4 SEH buffer overflow exploit.
Microsoft Windows JScript RegExp.lastIndex Use-After-Free
Posted by deepcore under exploit (No Respond)
There is a use-after-free vulnerability in jscript.dll related to how the lastIndex property of a RegExp object is handled. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network. The vulnerability has been reproduced on multiple Windows versions with the most recent patches applied.
Wayland wl_connection_demarshal() Out-Of-Bounds Memory Access
Posted by deepcore under exploit (No Respond)
Wayland suffers from an out-of-bounds memory access vulnerability in wl_connection_demarshal() on 32-bit systems.
Electron WebPreferences Remote Code Execution
Posted by deepcore under exploit (No Respond)
Electron WebPreferences suffers from a remote code execution vulnerability. Versions affected include 3.0.0-beta.6, 2.0.7, 1.8.7, and 1.7.15.
Microsoft Windows ALPC Local Privilege Escalation
Posted by deepcore under exploit (No Respond)
Microsoft Windows Advanced Local Procedure Call (ALPC) local privilege escalation exploit.
SIPP 3.3 Stack-Based Overflow
Posted by deepcore under exploit (No Respond)
SIPP version 3.3 is prone to a local unauthenticated stack-based overflow vulnerability.
Instagram App 41.1788.50991.0 Denial Of Service
Posted by deepcore under exploit (No Respond)
Instagram App version 41.1788.50991.0 denial of service proof of concept exploit.
Cisco Network Assistant 6.3.3 Denial Of Service
Posted by deepcore under exploit (No Respond)
Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.