RENPHO version 3.0.0 fails to encrypt in transit and due to this can disclose sensitive information and allow for man-in-the-middle attacks.
>> AUTHOR: deepcore
Socomec DIRIS A-40 devices versions before 48250501 allow a remote attacker to get full access to a device via the /password.jsn URI.
WebKit suffers from a same-origin policy bypass vulnerability in FrameLoader::clear.
This Metasploit module exploits an unauthenticated HTTP POST SEH-based buffer overflow in File Sharing Wizard version 1.5.0.
Apple Security Advisory 2019-10-07-1 – macOS Catalina 10.15 is now available and addresses buffer overflow and code execution vulnerabilities.
Apple Security Advisory 2019-10-07-2 – iTunes for Windows 12.10.1 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
Apple Security Advisory 2019-10-07-3 – iCloud for Windows 10.7 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
Apple Security Advisory 2019-10-07-4 – iCloud for Windows 7.14 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
Foscam Video Management System 1.1.6.6 – ‘UID’ Denial of Service (PoC)
DeviceViewer 3.12.0.1 – ‘add user’ Local Buffer Overflow (DEP Bypass)