NSKeyedUnarchiver suffers from an information leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes…
>> AUTHOR: deepcore
http://pr.kan2.go.th/0x.html notified by 0x1998
http://kan2.go.th/0x.html notified by 0x1998
A vulnerability laboratory researcher (vxrl team) discovered a remote code execution vulnerability in the TortoiseSVN v1…
Agent Tesla Botnet – Arbitrary Code Execution
Azorult Botnet – SQL Injection
Master Data Online version 2.0 suffers from a cross site scripting vulnerability.
Mitel 6869i Voip Deskphone version 4.2.2032 suffer from an unauthenticated command injection vulnerability.
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the…
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated…