Scanguard versions through 2019-11-12 on Windows has insecure permissions for the installation directory, leading to privilege escalation via a trojan horse executable file.

macOS and iOS have an ImageIO heap corruption issue when processing malformed PVR images.

macOS and iOS suffer from an ImageIO out-of-bounds read when processing PVR images.

launchd on macOS and iOS suffer from a memory corruption issue due to a lack of bounds checking when parsing XPC messages.

macOS and iOS have a vulnerability with ImageIO where memory safety issues occur when processing OpenEXR images.

SuperBackup version 2.0.5 for iOS suffers from a persistent cross site scripting vulnerability.

AirDisk Pro version 5.5.3 for iOS suffers from multiple persistent cross site scripting vulnerabilities.

Folder Lock version 3.4.5 for iOS suffers from multiple cross site scripting vulnerabilities.

Sky File version 2.1.0 for iOS suffers from cross site scripting and directory traversal vulnerabilities.

BSidesLisbon 2019 has announced its call for papers. It will be held November 28th and 29th at Auditorio FMD-UL.

B-Sides Ljubljana will be held April 4th, 2020 in Ljubljana, Slovenia.

Call For Papers for Positive Hack Days 10 which will take place in Moscow, Russia May 13th through the 14th, 2020.

BSides Brussels is a security conference in Brussels, Belgium, with talks, workshops and villages. The goal is to strengthen the exchange of knowledge, cooperation, communication, and integration between the different actors active in the IT security industry. We are pleased to announce that the first edition of BSides Brussels will be held on May 28th, 2020.

This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 (64 bit). The exploit corrupts the length of a float array (float_rel), which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array (uint64_aarw) which is used for read and writing from absolute memory. The exploit then uses WebAssembly in order to allocate a region of RWX memory, which is then replaced with the payload shellcode. The payload is executed within the sandboxed renderer process, so the browser must be run with the --no-sandbox option for the payload to work correctly.

Lotus Core CMS version 1.0.1 suffers from a local file inclusion vulnerability.

SuiteCRM versions 7.11.11 and below suffer from an add_to_prospect_list broken access control that allows for local file inclusion attacks.

Apache Tomcat AJP Ghostcat file read and inclusion exploit.

FIBARO System Home Center version 5.021 suffers from cross site scripting and remote file inclusion vulnerabilities.

Ac4p.com Gallery version 1.0 suffers from cross site scripting, phpinfo disclosure, shell upload, and insecure cookie handling vulnerabilities.

Memorial Web Site Script suffers from password reset and insecure cookie handling vulnerabilities.

Paddelberg Topsite Script version 1.2.3 suffers from an authentication bypass vulnerability due to insecure cookie handling.

Totaljs CMS version 12.0 mints an insecure cookie that can be used to crack the administrator password.