:: Deepquest ::

http://www.police7.go.th/police7_newSite/images/memPic/blackcoder.html notified by blackcoder

https://www3.nrct.go.th/ma.txt notified by Moroccan Revolution

http://www.secondary35.go.th/ay.htm notified by D3D0T

CMSUno version 1.6 suffers from a cross site request forgery vulnerability.

Simple Startup Manager version 1.17 local buffer overflow proof of concept exploit.

PMB versions 5.6 and below suffer from a cross site scripting vulnerability.

Sonar Qube version 8.3.1 suffers from an unquoted service path vulnerability.

This Metasploit module exploits an authenticated Python unsafe pickle.load of a Dict file. An authenticated attacker can create a photo library and add arbitrary files to it. After setting the Windows only Plex variable LocalAppDataPath to the newly created photo library, a file named Dict will be unpickled, which causes remote code execution as the […]

Apple Security Advisory 2020-07-15-1 – iOS 13.6 and iPadOS 13.6 are now available and address buffer overflow, bypass, code execution, cross site scripting, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2020-07-15-2 – macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra are now available and address buffer overflow, code execution, denial of service, out of bounds read, and out of bounds write vulnerabilities.