[local] IPTInstaller 4.0.9 – 'PassThru Service' Unquoted Service Path
Posted by deepcore under Security (No Respond)
Archive for November, 2020
[local] Realtek Andrea RT Filters 1.0.64.10 – 'AERTSr64.EXE' Unquoted Service Path
Posted by deepcore under Security (No Respond)
Realtek Andrea RT Filters 1.0.64.10 – ‘AERTSr64.EXE’ Unquoted Service Path
Tags: 0day, remote exploit[local] Winstep 18.06.0096 – 'Xtreme Service' Unquoted Service Path
Posted by deepcore under Security (No Respond)
[webapps] SuiteCRM 7.11.15 – 'last_name' Remote Code Execution (Authenticated)
Posted by deepcore under Security (No Respond)
[local] HP Display Assistant x64 Edition 3.20 – 'DTSRVC' Unquoted Service Path
Posted by deepcore under Security (No Respond)
SmartBlog 2.0.1 Blind SQL Injection
Posted by deepcore under exploit (No Respond)
SmartBlog version 2.0.1 suffers from a remote blind SQL injection vulnerability.
BlogEngine 3.3.8 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
BlogEngine version 3.3.8 suffers from a persistent cross site scripting vulnerability.
git-lfs Remote Code Execution
Posted by deepcore under exploit (No Respond)
Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more.
Sentrifugo 3.2 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Sentrifugo version 3.2 announcements authenticated remote code execution exploit.
Sentrifugo 3.2 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Sentrifugo version 3.2 assets authenticated remote code execution exploit.
