:: Deepquest ::

Serv-U FTP Server version 15.1.6.25 suffers from a local privilege escalation vulnerability via authentication bypass.

Analysis of CVE-2019-0708 (BlueKeep)

pfSense version 2.4.4-p3 with ACMEPackage version 0.5.7_1 suffers from a persistent cross site scripting vulnerability.

WordPress Nya-Comment-DoFollow plugin version 1.0 suffers from an open redirection vulnerability.

WordPress WPAds plugin version 1.0 suffers from an open redirection vulnerability.

Free SMTP Server version 2.5 denial of service proof of concept exploit.

Microsoft Windows suffers from a deployment service local privilege escalation vulnerability that bypasses the fix for CVE-2019-0841.

The Qualcomm Android kernel suffers from a use-after-free vulnerability via an incorrect set_page_dirty() in KGSL.

Due to the use of a hard-coded cryptographic key, an attacker can put the integrity and confidentiality of encrypted data of all Siemens LOGO! 8 PLCs using this key at risk, for instance decrypting network communication during a man-in-the-middle attack.

Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.