Apple Security Advisory 2021-10-26-9 – iOS 15 and iPadOS 15 addresses code execution, denial of service, out of bounds read, spoofing, and use-after-free vulnerabilities.
>> ARCHIVE: 2021-10
Apple Security Advisory 2021-10-26-10 – watchOS 8 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.
Apple Security Advisory 2021-10-26-11 – tvOS 15 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.
Movable Type 7 r.5002 – XMLRPC API OS Command Injection (Metasploit)
Mini-XML 3.2 – Heap Overflow
Movable Type 7 r.5002 – XMLRPC API OS Command Injection (Metasploit)
WebCTRL OEM 6.5 – ‘locale’ Reflected Cross-Site Scripting (XSS)
Umbraco v8.14.1 – ‘baseUrl’ SSRF
Umbraco v8.14.1 – ‘baseUrl’ SSRF
This Metasploit module exploits an SID-based command injection in Sophos UTM’s WebAdmin interface to execute shell commands as the root user.