Subscribe via feed.
Archive for October, 2018

Microsoft Edge Chakra JIT Type Confusion Bug

Posted by deepcore under exploit (No Respond)

Microsoft Edge suffers from a Chakra JIT type confusion bug.

WhatsApp RTP Processing Heap Corruption

Posted by deepcore under exploit (No Respond)

WhatsApp suffers from a heap corruption vulnerability in RTP processing.

Ghostscript executeonly Bypass

Posted by deepcore under exploit (No Respond)

Ghostscript suffers from an executeonly bypass with errorhandler setup.

VLC Media Player 2.2.8 MKV Use-After-Free

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a use-after-free vulnerability in VideoLAN VLC versions 2.2.8 and below. The vulnerability exists in the parsing of MKV files and affects both 32 bits and 64 bits. In order to exploit this, this module will generate two files: The first .mkv file contains the main vulnerability and heap spray, the second […]

Apple Security Advisory 2018-10-08-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2018-10-08-1 – iOS 12.0.1 is now available and addresses lock screen issues.

Tags: , ,

Apple Security Advisory 2018-10-08-2

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2018-10-08-2 – iCloud for Windows 7.7 is now available and addresses code execution vulnerabilities.

Tags: , ,

[webapps] jQuery-File-Upload 9.22.0 – Arbitrary File Upload

Posted by deepcore under Security (No Respond)

jQuery-File-Upload 9.22.0 – Arbitrary File Upload

Tags: ,

[webapps] E-Registrasi Pencak Silat 18.10 – 'id_partai' SQL Injection

Posted by deepcore under Security (No Respond)

E-Registrasi Pencak Silat 18.10 – ‘id_partai’ SQL Injection

Tags: ,

[webapps] WAGO 750-881 01.09.18 – Cross-Site Scripting

Posted by deepcore under Security (No Respond)

WAGO 750-881 01.09.18 – Cross-Site Scripting

Tags: ,

[webapps] Wikidforum 2.20 – Cross-Site Scripting

Posted by deepcore under Security (No Respond)

Wikidforum 2.20 – Cross-Site Scripting

Tags: ,