:: Deepquest ::

Mobile Mouse 3.6.0.4 – Remote Code Execution (RCE)

https://www.nongpailom.go.th/index.html notified by SanggamXploiter

http://nonsomboonlocal.go.th notified by ./Niz4r

https://www.cntpeo.go.th/o.htm notified by chinafans

A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker […]

Rocket LMS version 1.6 suffers from a remote SQL injection vulnerability.

Social Share Buttons version 2.2.3 suffers from a remote SQL injection vulnerability.

SAP SAProuter suffers from an improper access control vulnerability where permitting loopback traffic can lead to unexpected behavior.

This Metasploit module exploits an OS command injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS versions prior to 10.0.1, 9.1.4 and 9.0.10.

SAPControl Web Service Interface (sapstartsrv) suffers from a privilege escalation vulnerability via a race condition.