Archive for June, 2022

[webapps] Contao 4.13.2 – Cross-Site Scripting (XSS)

Posted by deepcore under Security (No Respond)

Contao 4.13.2 – Cross-Site Scripting (XSS)

[remote] Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 – Remote Code Execution (RCE)

Posted by deepcore under Security (No Respond)

Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 – Remote Code Execution (RCE)

Real Player 20.0.8.310 G2 Control DoGoToURL() Remote Code Execution

Posted by deepcore under exploit (No Respond)

The G2 Control component in Real Player version 20.0.8.310 suffers from a remote code execution vulnerability.

Real Player 16.00.282 / 16.0.3.51 / Cloud 17.0.9.17 / 20.0.7.309 Remote Code Execution

Posted by deepcore under exploit (No Respond)

Real Player versions 16.00.282, 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from external::Import() arbitrary file download and directory traversal vulnerabilities that lead to remote code execution.

Real Player 16.0.3.51 / Cloud 17.0.9.17 / 20.0.7.309 DCP URI Remote Code Execution

Posted by deepcore under exploit (No Respond)

Real Player versions 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from a DCP:// URI remote code execution vulnerability.

Avantune Genialcloud ProJ 10 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Avantune Genialcloud ProJ version 10 suffers from a cross site scripting vulnerability.

OpenSSL 1.0.2 / 1.1.1 / 3.0 BN_mod_sqrt() Infinite Loop

Posted by deepcore under exploit (No Respond)

The BN_mod_sqrt() function in OpenSSL versions 1.0.2, 1.1.1, and 3.0, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.

libxml2 xmlBufAdd Heap Buffer Overflow

Posted by deepcore under exploit (No Respond)

libxml2 is vulnerable to a heap buffer overflow when xmlBufAdd is called on a very large buffer.

Packet Storm New Exploits For May, 2022

Posted by deepcore under exploit (No Respond)

This archive contains all of the 142 exploits added to Packet Storm in May, 2022.

GtkRadiant 1.6.6 Buffer Overflow

Posted by deepcore under exploit (No Respond)

GtkRadiant version 1.6.6 suffers from a buffer overflow vulnerability.