:: Deepquest ::

myBB forums version 1.8.26 suffers from a persistent cross site scripting vulnerability.

DSL-124 Wireless N300 ADSL2+ suffers from a backup disclosure vulnerability.

Covenant version 0.5 suffers from a remote code execution vulnerability.

Virtual Reception version 1.0 suffers from a directory traversal vulnerability.

Lavasoft version 4.1.0.409 suffers from an unquoted service path vulnerability.

CrowdStrike Falcon Agent version 6.44.15806 has an uninstall bypass flaw that works without an installation token.

Forcepoint (Stonesoft VPN Client) versions 6.2.0 and 6.8.0 suffer from a privilege escalation vulnerability.

WordPress WPForms plugin version 1.7.8 suffers from a cross site scripting vulnerability.

Eve-ng version 5.0.1-13 suffers from a cross site scripting vulnerability.

A vulnerability exists in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITYSYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can be used to manipulate internal I/O ring structures and achieve local […]