Apple Security Advisory 2022-10-27-4

Apple Security Advisory 2022-10-27-4 – iOS 15.7 and iPadOS 15.7 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.

Apple Security Advisory 2022-10-27-5

Apple Security Advisory 2022-10-27-5 – macOS Ventura 13 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

Apple Security Advisory 2022-10-27-6

Apple Security Advisory 2022-10-27-6 – macOS Monterey 12.6.1 addresses buffer overflow and code execution vulnerabilities.

Apple Security Advisory 2022-10-27-7

Apple Security Advisory 2022-10-27-7 – macOS Monterey 12.6 addresses buffer overflow, bypass, code execution, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2022-10-27-8

Apple Security Advisory 2022-10-27-8 – macOS Big Sur 11.7.1 addresses buffer overflow and code execution vulnerabilities.

Siemens APOGEE PXC / TALON TC Authentication Bypass

APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers and TALON TC BACnet Automation Controllers. Rated CVSS 7.5, the exploit allows an attacker to bypass authentication by using an alternate path or channel to access hidden directories in the web server. […]

https://tamkrataitong.go.th

https://tamkrataitong.go.th notified by ./Niz4r

Vagrant Synced Folder Vagrantfile Breakout

This Metasploit module exploits a default Vagrant synced folder (shared folder) to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared folders, Vagrant mounts the project directory on the host as a writable vagrant directory on the guest virtual machine. This directory includes the […]

ERP Sankhya 4.13.x Cross Site Scripting

ERP Sankhya versions 4.13.x and below suffer from a cross site scripting vulnerability.

Dinstar FXO Analog VoIP Gateway DAG2000-16O Cross Site Scripting

Dinstar FXO Analog VoIP Gateway version DAG2000-16O suffers from a persistent cross site scripting vulnerability.