macOS / iOS launchd XPC Message Parsing Memory Corruption
Posted by deepcore under exploit (No Respond)
launchd on macOS and iOS suffer from a memory corruption issue due to a lack of bounds checking when parsing XPC messages.
Archive for February, 2020
XPC Memory Disclosure / Corruption
Posted by deepcore under exploit (No Respond)
XPC fast path fails to ensure NULL termination of XPC strings, leading to memory disclosure and corruption vulnerabilities in XPC services.
Samsung /dev/tsmux Heap Out-Of-Bounds Write
Posted by deepcore under exploit (No Respond)
The Samsung kernel suffers from a heap out-of-bounds write in /dev/tsmux.
Anviz CrossChex Buffer Overflow
Posted by deepcore under exploit (No Respond)
This Metasploit modules waits for broadcasts from Ainz CrossChex looking for new devices, and returns a custom broadcast, triggering a stack buffer overflow.
[local] EPSON EasyMP Network Projection 2.81 – 'EMP_NSWLSV' Unquoted Service Path
Posted by deepcore under Security (No Respond)
EPSON EasyMP Network Projection 2.81 – ‘EMP_NSWLSV’ Unquoted Service Path
Tags: 0day, remote exploit[local] HomeGuard Pro 9.3.1 – Insecure Folder Permissions
Posted by deepcore under Security (No Respond)
[webapps] phpMyChat Plus 1.98 – 'pmc_username' SQL Injection
Posted by deepcore under Security (No Respond)
WordPress Contact-Form-7 5.1.6 File Upload
Posted by deepcore under exploit (No Respond)
WordPress Contact-Form-7 plugin version 5.1.6 suffers from a remote file upload vulnerability.
MyVideoConverter Pro 3.14 Buffer Overflow
Posted by deepcore under exploit (No Respond)
MyVideoConverter Pro version 3.14 suffers from multiple buffer overflow vulnerabilities.
WordPress Tutor 1.5.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Tutor plugin version 1.5.3 suffers from a cross site scripting vulnerability.