Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.
[papers] A Debugging Primer with CVE-2019-0708
A Debugging Primer with CVE-2019-0708
Apple Security Advisory 2019-5-28-2
Apple Security Advisory 2019-5-28-2 – iCloud for Windows 7.12 is now available and addresses code execution vulnerabilities.
Apple Security Advisory 2019-5-28-1
Apple Security Advisory 2019-5-28-1 – iTunes for Windows 12.9.5 is now available and addresses code execution vulnerabilities.
Fast AVI MPEG Joiner 1.2.0812 License Name Denial Of Service
Fast AVI MPEG Joiner version 1.2.0812 License Name proof of concept denial of service exploit.
Cyberoam General Authentication Client 2.1.2.7 Server Address Denial Of Service
Cyberoam General Authentication Client version 2.1.2.7 denial of service proof of concept exploit.
Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption
Microsoft Internet Explorer Windows 10 1809 17763.316 scripting engine memory corruption exploit.
CMS Made Simple 2.2.10 Cross Site Scripting
CMS Made Simple version 2.2.10 suffers from a persistent cross site scripting vulnerability.
Cyberoam SSLVPN Client 1.3.1.30 Connect To Server / HTTP Proxy Denial Of Service
Cyberoam SSLVPN Client version 1.3.1.30 Connect To Server and HTTP Proxy proof of concept denial of service exploits.
Oracle Application Testing Suite WebLogic Server Administration Console War Deployment
This Metasploit module abuses a feature in WebLogic Server’s Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required; however, by default, Oracle ships with an “oats” account that you could log in with, which grants you administrator access.