Subscribe via feed.
Archive for August, 2022

https://cri.nfe.go.th

Posted by deepcore under defacement (No Respond)

https://cri.nfe.go.th notified by 1877

Tags:

FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS

Posted by deepcore under exploit (No Respond)

FLIR AX8 versions 1.46.16 and below suffer from command injection, directory traversal, improper access control, and cross site scripting vulnerabilities.

Transposh WordPress Translation 1.0.8.1 Incorrect Authorization

Posted by deepcore under exploit (No Respond)

Transposh WordPress Translation versions 1.0.8.1 and below suffer from an incorrect authorization vulnerability.

Apple Security Advisory 2022-08-17-2

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2022-08-17-2 – macOS Monterey 12.5.1 addresses code execution and out of bounds write vulnerabilities.

Tags: , ,

Apple Security Advisory 2022-08-17-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2022-08-17-1 – iOS 15.6.1 and iPadOS 15.6.1 addresses code execution and out of bounds write vulnerabilities.

Tags: , ,

Apple Security Advisory 2022-08-18-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2022-08-18-1 – Safari 15.6.1 addresses code execution and out of bounds write vulnerabilities.

Tags: , ,

Transposh WordPress Translation 1.0.8.1 Incorrect Authorization

Posted by deepcore under exploit (No Respond)

Transposh WordPress Translation versions 1.0.8.1 and below suffer from an incorrect authorization vulnerability.

FreeBSD 13.0 aio_aqueue Kernel Refcount Local Privilege Escalation

Posted by deepcore under exploit (No Respond)

FreeBSD versions 11.0 through 13.0 suffers from a local privilege escalation vulnerability via an aio_aqueue kernel refcount bug. This research post goes into great depth on how the researcher traversed the logic flow and achieved exploitability.

Polar Flow Android 5.7.1 Secret Disclosure

Posted by deepcore under exploit (No Respond)

Polar Flow for Android version 5.7.1 stores the username and password in clear text in a file on mobile devices.

Advantech iView NetworkServlet Command Injection

Posted by deepcore under exploit (No Respond)

Advantech iView software versions prior to 5.7.04.6469 are vulnerable to an unauthenticated command injection vulnerability via the NetworkServlet endpoint. The database backup functionality passes a user-controlled parameter, backup_file to the mysqldump command. The sanitization functionality only tests for SQL injection attempts and directory traversal, so leveraging the -r and -w mysqldump flags permits exploitation. The […]