Three different proof of concept exploits for TwistedBrush Pro Studio version 24.06 denial of service vulnerabilities.
>> AUTHOR: deepcore
PasteShr version 1.6 suffers from multiple remote SQL injection vulnerabilities.
This Metasploit module exploits a command execution vulnerability in PHP-Fusion versions 9.03.00 and below. It is possible to execute commands in the system with ordinary user authority.
Schneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in track_import_export.php.
Tomabo MP4 Converter 3.25.22 – Denial of Service (PoC)
CommSy 8.6.5 – SQL injection
Legrand BTicino Driver Manager F454 1.0.51 – Cross-Site Request Forgery / Cross-Site Scripting
Apple Security Advisory 2019-5-13-1 – iOS 12.3 is now available and addresses code execution vulnerabilities.
Apple Security Advisory 2019-5-13-2 – macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra are now available and addresses bypass and code execution vulnerabilities.
Apple Security Advisory 2019-5-13-3 – tvOS 12.3 is now available and addresses code execution vulnerabilities.