LearnDash WordPress LMS Plugin 3.1.2 – Reflective Cross-Site Scripting
>> ARCHIVE: 2020-02
LearnDash WordPress LMS Plugin 3.1.2 – Reflective Cross-Site Scripting
Forcepoint WebSecurity 8.5 – Reflective Cross-Site Scripting
Wedding Slideshow Studio 1.36 – ‘Key’ Buffer Overflow
This Metasploit module exploits a command injection in the MAIL FROM field during SMTP interaction with OpenSMTPD to execute code as the root user.
This Metasploit module exploits an ssdpcgi remote command execution vulnerability in D-Link devices.
This Metasploit module leverages the prnmngr.vbs script to add and delete printers. Multiple runs of this module may be required given successful exploitation is time-sensitive.
macOS and iOS suffer from an out-of-bounds read when processing DDS images with ImageIO.
macOS and iOS suffer from an issue where kern_stack_snapshot_internal() shares non-zeroed kernel pages with userspace.
ImageIO on macOS suffers from an issue where a heap out-of-bounds write occurs when processing JPEG images.
libx264 suffers from an out-of-bounds write when converting to H264.