Adobe Flash suffers from a blur filtering out of bounds write vulnerability.
db9e4024283035562e2b5eed3fcb41ae9c42cc358c5573aefabdac9a96e2a762
Adobe Flash suffers from an image inflation information disclosure vulnerability.
f493149efdecbbb22f1232ce036cb91ea06d22c82a1a6023823696fbeaf4aa79
Adobe Flash suffers from a sound playing overflow.
121d28c815ac4c390f122974863648dbf5ab9bc6364b3683c8771981c77849e7
Adobe Flash suffers from a slab rendering overflow.
af3c64e998a4ba846e3dd28e780e824c4906f8f0531d6a873cc5c30f0abc8224
This Metasploit module attempts to gain root privileges on Deepin Linux systems by using lastore-daemon to install a package. The lastore-daemon D-Bus configuration on Deepin Linux 15.5 permits any user in the sudo group to install arbitrary system packages without providing a password, resulting in code execution as root. By default, the first user created on the system is a member of the sudo group. This Metasploit module has been tested successfully with lastore-daemon version 0.9.53-1 on Deepin Linux 15.5 (x64).
a706b1ff8cc422f8ab6dcfbc87aff49d205b6c1b24a7e6349abee90bb93b40fe
This Metasploit module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This Metasploit module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an interactive remote shell. This Metasploit module was tested successfully on an ASUS RT-N12E with firmware version 2.0.0.35. Numerous ASUS models are reportedly affected, but untested.
0fd9b3969b4bf0e960fb66268aea32b78e442d90a8d93e78895e7611291a8f43
Drupal Avatar Uploader module version 7.x-1.0-beta8 suffers from an arbitrary file download vulnerability.
4cf85788db1bd1ddd89e069c2f58b01ca89ff2e43c554bce7aa6ad89915e6981
This whitepaper explores the origin and impact of the vulnerabilities discovered in ST chipsets.
43e3f8317f8b138cdcd0529baa9770438b7cca42407128e39c63e9b17552ce46
VMware Security Advisory 2018-0010 - Horizon DaaS update addresses a broken authentication issue.
58fba5f6cdfb96d0cec816a83967042acd92a07e04561b5260c37af71cb4e7d9
Chrome V8 JIT suffers from a NodeProperties::InferReceiverMaps type confusion vulnerability.
8f66586231cd91aa2a08984a14f3311417775c1a4895253e34a83ed442b29952