2019 March

[local] Anyburn 4.3 x86 – 'Copy disc to image file' Buffer Overflow – (UNICODE)(SEH)

Posted by deepcore under Security (No Respond)

Anyburn 4.3 x86 – ‘Copy disc to image file’ Buffer Overflow – (UNICODE)(SEH)

Tags: 0day, remote exploit

[remote] QNAP TS-431 QTS < 4.2.2 – Remote Command Execution (Metasploit)

Posted by deepcore under Security (No Respond)

QNAP TS-431 QTS < 4.2.2 – Remote Command Execution (Metasploit)

Tags: 0day, remote exploit

[webapps] Kados R10 GreenBee – Multiple SQL Injection

Posted by deepcore under Security (No Respond)

Kados R10 GreenBee – Multiple SQL Injection

Tags: 0day, remote exploit

[remote] Imperva SecureSphere 13.x – 'PWS' Command Injection (Metasploit)

Posted by deepcore under Security (No Respond)

Imperva SecureSphere 13.x – ‘PWS’ Command Injection (Metasploit)

Tags: 0day, remote exploit

[dos] Android – getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass

Posted by deepcore under Security (No Respond)

Android – getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass

Tags: 0day, remote exploit

[dos] Linux < 4.20.14 – Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem

Posted by deepcore under Security (No Respond)

Linux < 4.20.14 – Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem

Tags: 0day, remote exploit

[dos] Android – binder Use-After-Free via racy Initialization of ->allow_user_free

Posted by deepcore under Security (No Respond)

Android – binder Use-After-Free via racy Initialization of ->allow_user_free

Tags: 0day, remote exploit

Xoops 1.0.2 PD-Links 1.0 Database Disclosure

Posted by deepcore under exploit (No Respond)

Xoops version 1.0.2 with PD-Links module version 1.0 suffers from a database disclosure vulnerability.

Kache Cross Protocol Request Forgery

Posted by deepcore under exploit (No Respond)

Kache as of commit de2c39491625c3f087027be961a17191e85f6d30 suffers from a cross protocol request forgery vulnerability.

Joomla ModPPCSimpleSpotLight 1.2 / 3.0 CSRF / Shell Upload

Posted by deepcore under exploit (No Respond)

Joomla ModPPCSimpleSpotLight module versions 1.2 and 3.0 suffer from cross site request forgery and remote shell upload vulnerabilities.

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

[local] Anyburn 4.3 x86 – 'Copy disc to image file' Buffer Overflow – (UNICODE)(SEH)

[remote] QNAP TS-431 QTS < 4.2.2 – Remote Command Execution (Metasploit)

[webapps] Kados R10 GreenBee – Multiple SQL Injection

[remote] Imperva SecureSphere 13.x – 'PWS' Command Injection (Metasploit)

[dos] Android – getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass

[dos] Linux < 4.20.14 – Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem

[dos] Android – binder Use-After-Free via racy Initialization of ->allow_user_free

Xoops 1.0.2 PD-Links 1.0 Database Disclosure

Kache Cross Protocol Request Forgery

Joomla ModPPCSimpleSpotLight 1.2 / 3.0 CSRF / Shell Upload

Tabs Switcher

Categories

Archives

Meta

BLOGROLL