Subscribe via feed.
Archive for August, 2019

Tableau XML Injection

Posted by deepcore under exploit (No Respond)

Tableau suffers from an XML external entity injection vulnerability.

Pulse Secure SSL VPN File Disclosure NSE

Posted by deepcore under exploit (No Respond)

This is an Nmap NSE script to detect where or not a target is vulnerable to the Pulse Secure SSL VPN file disclosure vulnerability. It reads /etc/passwd.

[dos] Outlook Password Recovery 2.10 – Denial of Service

Posted by deepcore under Security (No Respond)

Outlook Password Recovery 2.10 – Denial of Service

Tags: ,

[webapps] Jobberbase 2.0 CMS – 'jobs-in' SQL Injection

Posted by deepcore under Security (No Respond)

Jobberbase 2.0 CMS – ‘jobs-in’ SQL Injection

Tags: ,

[webapps] SQLiteManager 1.2.0 / 1.2.4 – Blind SQL Injection

Posted by deepcore under Security (No Respond)

SQLiteManager 1.2.0 / 1.2.4 – Blind SQL Injection

Tags: ,

Apple Security Advisory 2019-8-26-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2019-8-26-1 – iOS 12.4.1 is now available and addresses an arbitrary code execution vulnerability.

Tags: , ,

Apple Security Advisory 2019-8-26-2

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2019-8-26-2 – macOS Mojave 10.14.6 Supplemental Update is now available and addresses an arbitrary code execution vulnerability.

Tags: , ,

Apple Security Advisory 2019-8-26-3

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2019-8-26-3 – tvOS 12.4.1 is now available and addresses an arbitrary code execution vulnerability.

Tags: , ,

LSoft ListServ Cross Site Scripting

Posted by deepcore under exploit (No Respond)

LSoft ListServ versions prior to 16.5-2018a suffer from a cross site scripting vulnerability.

Realtek Managed Switch Controller RTL83xx Stack Overflow

Posted by deepcore under exploit (No Respond)

Realtek Managed Switch Controller RTL83xx suffers from a stack overflow vulnerability. Full exploit provided.