Subscribe via feed.
Archive for December, 2019

[dos] macOS 10.14.6 (18G87) – Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

Posted by deepcore under Security (No Respond)

macOS 10.14.6 (18G87) – Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

Tags: ,

[webapps] Rumpus FTP Web File Manager 8.2.9.1 – Reflected Cross-Site Scripting

Posted by deepcore under Security (No Respond)

Rumpus FTP Web File Manager 8.2.9.1 – Reflected Cross-Site Scripting

Tags: ,

[local] AVS Audio Converter 9.1 – 'Exit folder' Buffer Overflow

Posted by deepcore under Security (No Respond)

AVS Audio Converter 9.1 – ‘Exit folder’ Buffer Overflow

Tags: ,

[webapps] Xerox AltaLink C8035 Printer – Cross-Site Request Forgery (Add Admin)

Posted by deepcore under Security (No Respond)

Xerox AltaLink C8035 Printer – Cross-Site Request Forgery (Add Admin)

Tags: ,

[webapps] Tautulli 2.1.9 – Cross-Site Request Forgery (ShutDown)

Posted by deepcore under Security (No Respond)

Tautulli 2.1.9 – Cross-Site Request Forgery (ShutDown)

Tags: ,

http://necsystem.dip.go.th/index.html

Posted by deepcore under defacement (No Respond)

http://necsystem.dip.go.th/index.html notified by Jean Maroc

Tags:

http://angelfund.dip.go.th/index.html

Posted by deepcore under defacement (No Respond)

http://angelfund.dip.go.th/index.html notified by Jean Maroc

Tags:

Squiz Matrix CMS 5.5.x.x Code Execution / Information Disclosure

Posted by deepcore under exploit (No Respond)

Squiz Matrix CMS suffers from PHP unserialization code execution, information disclosure, and arbitrary file deletion vulnerabilities.

D-Link DIR-615 Privilege Escalation

Posted by deepcore under exploit (No Respond)

D-Link DIR-615 suffers from a privilege escalation vulnerability.

Linux sendmsg() Privilege Escalation

Posted by deepcore under exploit (No Respond)

Linux suffers from a privilege escalation vulnerability via io_uring offload of sendmsg() onto kernel thread with kernel creds.