Posts under exploit

Monitorr 1.7.6 Shell Upload

Posted by deepcore under exploit

Monitorr version 1.7.6 remote shell upload proof of concept exploit written in Python.

ChiKoi 1.0 Directory Traversal

Posted by deepcore under exploit

ChiKoi version 1.0 suffers from a directory traversal vulnerability.

ChiKoi 1.0 Cross Site Scripting

Posted by deepcore under exploit

ChiKoi version 1.0 suffers from a cross-site scripting vulnerability.

CKSource CKEditor5 35.4.0 Cross Site Scripting

Posted by deepcore under exploit

CKSource CKEditor5 version 35.4.0 suffers from a cross-site scripting vulnerability.

Windows Kernel Dangling Registry Link Node Use-After-Free

Posted by deepcore under exploit

The Microsoft Windows kernel suffers from a use-after-free vulnerability due to a dangling registry link node under paged pool memory pressure.

Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution

Posted by deepcore under exploit

This Metasploit module exploits an object deserialization vulnerability in Fortra GoAnywhere MFT.

Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code Execution

Posted by deepcore under exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine Endpoint Central and MSP versions 10.1.2228.10 and below (CVE-2022-47966). Due to a dependency on an outdated library (Apache Santuario version 1.4.1), it is possible to execute arbitrary code by providing a crafted samlResponse XML to the Endpoint Central SAML endpoint. Note […]

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

Posted by deepcore under exploit

SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user-supplied input when calling the getenv() function from MSVCR120.DLL, resulting in a crash that overflows the memory stack and leaks sensitive information. The attacker can abuse the username environment variable to trigger […]
