:: Deepquest ::

>> [local] Millewin 13.39.146.1 – Local Privilege Escalation

USER: deepcore // 2021-02-08 // 0 CMT

Millewin 13.39.146.1 – Local Privilege Escalation

>> [webapps] WordPress Plugin Welcart e-Commerce 2.0.0 – 'search[order_column][0]' SQL injection

USER: deepcore // 2021-02-08 // 0 CMT

WordPress Plugin Welcart e-Commerce 2.0.0 – ‘search[order_column][0]’ SQL injection

>> [webapps] Jenzabar 9.2.2 – 'query' Reflected XSS.

USER: deepcore // 2021-02-08 // 0 CMT

Jenzabar 9.2.2 – ‘query’ Reflected XSS.

>> http://www.tumbonbanduea.go.th/index.php

USER: deepcore // 2021-02-06 // 0 CMT

http://www.tumbonbanduea.go.th/index.php notified by Imkey7

>> Apple Safari Remote Code Execution

USER: deepcore // 2021-02-06 // 0 CMT

Apple Safari is susceptible to a remote code execution vulnerability via an undefined othersubr in Type 1 fonts handled by libType1Scaler.dylib on macOS and iOS.

>> Apple CoreText libType1Scaler.dylib Memory Disclosure

USER: deepcore // 2021-02-06 // 0 CMT

Apple CoreText libType1Scaler.dylib suffers from a memory disclosure vulnerability via an uninitialized transient array.

>> Apple CoreText libType1Scaler.dylib Buffer Overflow

USER: deepcore // 2021-02-06 // 0 CMT

Apple CoreText libType1Scaler.dylib suffers from a heap buffer overflow vulnerability in the Counter Control Hints.

>> Apple CoreText libFontParser.dylib Stack Corruption

USER: deepcore // 2021-02-06 // 0 CMT

Apple CoreText libFontParser.dylib suffers from a stack corruption vulnerability in the handling of /BlendDesignPositions Type 1 objects.

>> Apple CoreText libType1Scaler.dylib Out-Of-Bounds Write / Integer Overflow

USER: deepcore // 2021-02-06 // 0 CMT

Apple CoreText libType1Scaler.dylib suffers from a heap out-of-bounds-write due to an integer overflow vulnerability in STOREWV othersubr.

>> https://www.angt.go.th/Mr_Sakib.php

USER: deepcore // 2021-02-05 // 0 CMT

https://www.angt.go.th/Mr_Sakib.php notified by Royal Battler BD