>> CATEGORY: Security

WebIncorp ERP – SQL injection

Oracle Hyperion Planning 11.1.2.3 – XML External Entity

Amcrest Cameras 2.520.AC00.18.R – Unauthenticated Audio Streaming

macOS / iOS NSKeyedUnarchiver – Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances

iMessage – Memory Corruption when Decoding NSKnownKeysDictionary1

iMessage – NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects

Redis 4.x / 5.x – Unauthenticated Code Execution (Metasploit)

WordPress Theme Real Estate 2.8.9 – Cross-Site Scripting

WordPress Plugin Simple Membership < 3.8.5 – Cross-Site Request Forgery

GigToDo 1.3 – Cross-Site Scripting