Archive for February, 2020

WordPress Wordfence 7.4.6 Cross Site Scripting

Posted by deepcore under exploit

WordPress Wordfence plugin version 7.4.6 suffers from a cross site scripting vulnerability.

OpenEXR Memory Safety Issues

Posted by deepcore under exploit

OpenEXR suffers from multiple memory safety issues including out-of-bounds access.

WordPress WPForms-Lite 1.5.8.2 Cross Site Scripting

Posted by deepcore under exploit

WordPress WPForms-Lite plugin version 1.5.8.2 suffers from a cross site scripting vulnerability.

WordPress Yikes Inc Easy Mailchimp Extender 6.6.2 Cross Site Scripting

Posted by deepcore under exploit

WordPress Yikes Inc Easy Mailchimp Extender plugin version 6.6.2 suffers from a cross site scripting vulnerability.

Diamorphine Rootkit Signal Privilege Escalation

Posted by deepcore under exploit

This Metasploit module uses the Diamorphine rootkit’s privilege escalation feature, triggered by signal 64, to elevate the privileges of arbitrary processes to UID 0 (root). This module has been tested successfully with Diamorphine from master branch (2019-10-04) on Linux Mint 19 kernel 4.15.0-20-generic (x64).

Apache James Server 2.3.2 Insecure User Creation / Arbitrary File Write

Posted by deepcore under exploit

This Metasploit module exploits a vulnerability that exists due to a lack of input validation when creating a user. Messages for a given user are stored in a directory partially defined by the username. By creating a user with a directory traversal payload as the username, commands can be written to a given directory. To […]

http://ccit.go.th

Posted by deepcore under defacement

http://ccit.go.th notified by ./s3nt1n3L

Virtual Freer 1.58 Remote Command Execution

Posted by deepcore under exploit

Virtual Freer version 1.58 suffers from a remote command execution vulnerability.

SmartClient 120 Information Disclosure / XML Injection / LFI / Code Execution

Posted by deepcore under exploit

SmartClient version 120 suffers from information disclosure, local file inclusion, remote file upload, and XML external entity injection vulnerabilities.

Nanometrics Centaur 4.3.23 Memory Leak

Posted by deepcore under exploit

Nanometrics Centaur version 4.3.23 suffers from an unauthenticated remote memory leak vulnerability.