:: Deepquest ::

Virtual Reception version 1.0 suffers from a directory traversal vulnerability.

Lavasoft version 4.1.0.409 suffers from an unquoted service path vulnerability.

CrowdStrike Falcon Agent version 6.44.15806 has an uninstall bypass flaw that works without an installation token.

Forcepoint (Stonesoft VPN Client) versions 6.2.0 and 6.8.0 suffer from a privilege escalation vulnerability.

WordPress WPForms plugin version 1.7.8 suffers from a cross site scripting vulnerability.

Eve-ng version 5.0.1-13 suffers from a cross site scripting vulnerability.

A vulnerability exists in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITYSYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can be used to manipulate internal I/O ring structures and achieve local […]

A vulnerability exists in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can be used to manipulate internal I/O ring structures and achieve local […]

Beauty Salon version 1.0 suffers from a remote shell upload vulnerability.

YouPHPTube versions 7.8 and below suffer from local file inclusion and directory traversal vulnerabilities.