:: Deepquest ::

WordPress Slider Revolution plugin versions 4.x.x suffer from a remote shell upload vulnerability.

ChiKoi New-MVC-SHOP version 1.0 suffers from a cross site scripting vulnerability.

Academy LMS version 5.11 suffers from a cross site scripting vulnerability.

WebKit suffers from a RenderMathMLToken use-after-free vulnerability in CSSCrossfadeValue::crossfadeChanged.

On newer macOS/iOS versions, entitlements in binary signature blobs are stored in the DER format. libCoreEntitlements.dylib is the userspace library for parsing and querying such entitlements. The kernel has its own version of this library inside the AppleMobileFileIntegrity module. libCoreEntitlements exposes several functions, such as, for example, to convert entitlements to a dictionary representation (e.g. […]

The Windows Kernel suffers from a use-after-free vulnerability due to bad handling of predefined keys in NtNotifyChangeMultipleKeys.

Gold Filled CRM version 2.0 suffers from an unauthenticated arbitrary file upload vulnerability.

Online Food Ordering System version 2.0 suffers from a remote SQL injection vulnerability.

2ad Guestbook version 2.0 suffers from a database disclosure vulnerability.

Blesta version 5.4.1 appears to leave a default administrative account in place post installation.