:: Deepquest ::

LogonExpert version 8.1 suffers from an unquoted service path vulnerability.

Softros LAN Messenger version 9.6.4 suffers from an unquoted service path vulnerability.

SLMail version 5.1.0.4420 remote code execution exploit.

Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate privileges to an administrative account.

VMware vCenter version 6.5 and 7.0 remote code execution proof of concept exploit.

Backdoor.Win32.Agent.xw malware suffers from denial of service and null pointer vulnerabilities.

Python jsonpickle version 2.0.0 suffers from a remote code execution vulnerability.

LayerBB version 1.1.4 suffers from a remote SQL injection vulnerability.

Backdoor.Win32.Delf.adag malware suffers from hardcoded credential and traversal vulnerabilities.

Unified Remote version 3.9.0.2463 suffers from a remote code execution vulnerability.