:: Deepquest ::

Torrent 3GP Converter version 1.51 suffers from a stack overflow vulnerability.

This application, known as the SolarWinds n-Central Dumpster Diver, utilizes the nCentral agent dot net libraries to simulate the agent registration and pull the agent/appliance configuration settings. This information can contain plain text active directory domain credentials. This was reported to SolarWinds PSIRT(psirt@solarwinds.com) on 10/10/2019. In most cases the agent download URL is not secured […]

FusionAuth versions 1.10 and below suffer from a remote command execution vulnerability. An authenticated attacker with enough privileges to access the template editing functions (either site templates or e-mail templates) in the FusionAuth dashboard can execute commands on the underlying operating system using the Apache FreeMarker Expression language.

IceWarp WebMail versions 11.4.4.1 and below suffer from a cross site scripting vulnerability.

macOS and iOS suffers from an ImageIO heap corruption vulnerability when processing malformed TIFF images.

Adive Framework version 2.0.8 suffers from a cross site request forgery vulnerability.

Centreon version 19.10.5 suffers from a database credential disclosure vulnerability.

Centreon version 19.10.5 suffers from a remote command execution vulnerability.

Octeth Oempro version 4.8 suffers from a remote SQL injection vulnerability.

Centreon 19.10.5 – ‘Pollers’ Remote Command Execution