:: Deepquest ::

Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext.

A Debugging Primer with CVE-2019-0708

Apple Security Advisory 2019-5-28-2 – iCloud for Windows 7.12 is now available and addresses code execution vulnerabilities.

Apple Security Advisory 2019-5-28-1 – iTunes for Windows 12.9.5 is now available and addresses code execution vulnerabilities.

Fast AVI MPEG Joiner version 1.2.0812 License Name proof of concept denial of service exploit.

Cyberoam General Authentication Client version 2.1.2.7 denial of service proof of concept exploit.

Microsoft Internet Explorer Windows 10 1809 17763.316 scripting engine memory corruption exploit.

CMS Made Simple version 2.2.10 suffers from a persistent cross site scripting vulnerability.

Cyberoam SSLVPN Client version 1.3.1.30 Connect To Server and HTTP Proxy proof of concept denial of service exploits.

This Metasploit module abuses a feature in WebLogic Server’s Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a “oats” account that you could log in with, which grants you administrator access.