JSC BytecodeGenerator::emitEqualityOpImpl Data Mishandling
Posted by deepcore under exploit (No Respond)
JSC suffers from a data mishandling bug in ytecodeGenerator::emitEqualityOpImpl.
Archive for July, 2019
JSC YarrJIT initParenContextFreeList Byte Overwrite
Posted by deepcore under exploit (No Respond)
A bug in JSC YarrJIT initParenContextFreeList allows for bytes to be overwritten.
Amcrest Cameras 2.520.AC00.18.R Unauthenticated Audio Streaming
Posted by deepcore under exploit (No Respond)
Amcrest Cameras version 2.520.AC00.18.R suffers from an authentication bypass vulnerability allowing an attacker to retrieve audio streams.
WordPress WP Fastest Cache 0.8.9.5 Directory Traversal
Posted by deepcore under exploit (No Respond)
WordPress WP Fastest Cache plugin versions 0.8.9.5 and below suffer from a directory traversal vulnerability.
iMessage NSKeyedUnarchiver Deserialization
Posted by deepcore under exploit (No Respond)
iMessage suffers from a vulnerability where NSKeyedUnarchiver deserialization allows file backed NSData objects.
iMessage NSArray Deserialization
Posted by deepcore under exploit (No Respond)
iMessage suffers from a vulnerability where NSArray deserialization can invoke a subclass that does not retain references.
iMessage NSKnownKeysDictionary1 Memory Corruption
Posted by deepcore under exploit (No Respond)
iMessage suffers from a memory corruption vulnerability when decoding NSKnownKeysDictionary1.
[webapps] Oracle Hyperion Planning 11.1.2.3 – XML External Entity
Posted by deepcore under Security (No Respond)
WordPress Real Estate Theme 2.8.9 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Real Estate theme version 2.8.9 suffers from a cross site scripting vulnerability.
GigToDo 1.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
GigToDo versions 1.3 and below suffer from a persistent cross site scripting vulnerability.