XNU suffers from a remote double-free vulnerability due to a data race in the IPComp input path.
d2fc78044e01a775c566e0e02db2a7c5884a244d49e01e4d99427a7661199c8b
Red Hat Security Advisory 2019-2974-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for wildfly-security-manager package in Red Hat JBoss Enterprise Application Platform 7.2. Issues addressed include a bypass vulnerability.
75af95bad7a62dd349ea95a98d1268dcd6cefbc3e867675f155356b117d6d6c3
Red Hat Security Advisory 2019-2973-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for wildfly-security-manager package in Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a bypass vulnerability.
34d0b1bac5c8e09df5a7cc58399e05b7cfaf05bfd1fc9ff1b1ee40f127b4ed81
vBulletin versions 5.5.4 and below suffer from an updateAvatar remote code execution vulnerability.
b1df69e722fa4cad5f1ccc76b0fc3406b89ae033513d809855bd2220ee861825
vBulletin versions 5.5.4 and below suffer from multiple remote SQL injection vulnerabilities.
742a27bb143fc517db0186097206a40eff166313f5c0f0b58106301ddbc20309
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
1eaefd459d52f27de1805cff8c68792e0610919648ee98e101980e94edb90a63
Ubuntu Security Notice 4148-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
72e6eae6fbe7689996636e734e2cb19dd7fca4e26ca5817487e68157ff1bc27a
Tellion HN-2204AP router remote configuration disclosure exploit.
3fb5490cf23355122304de82e693f08c368dfb3eb9b411766414a54870a6f26f
freeFTP version 1.0.8 remote buffer overflow exploit.
6d453f1d0ea9a36a32ee58f25349b9aaed117c725694c284a70bfa88f780262f
Zabbix versions 4.4 and below authentication bypass demo proof of concept exploit.
d0a25dfdbf661146e307d66927ea7b6a754be8c3f95ccc3d2c4f1c7ede12e3d0
Zabbix version 4.2 suffers from an authentication bypass vulnerability.
378133c21a3f1d7f1c6512df5e7a2104bba2d8aeb37ae1accdd23394dbeff409
IcedTeaWeb suffers from multiple vulnerabilities, including directory traversal and validation bypass issues, that can lead to remote code execution. The affected versions are 1.7.2 and below and 1.8.2 and below. Version 1.6 is also vulnerable and not patched due to being EOL. Proofs of concept are provided.
1337c5ba88da32d6b2f207e5dfaef357aba71650ba7c348c9a4b63c551a403cd
IBM Bigfix Platform version 9.5.9.62 suffers from an arbitrary file upload vulnerability, as root, that can lead to remote code execution.
678846b330bb25aef207cbc3ab7747185ce598f22867e982d5957674140dcefe
Subrion version 4.2.1 suffers from a persistent cross site scripting vulnerability.
d7f2994dd53a0c5225363eb73f654e5dd91fac173e3590491f13210f45f3b788
Debian Linux Security Advisory 4542-1 - It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary files on the server.
3b0c7bdc4a347077c77854e783302a4d041ee2eb869b09d42d5f6680628b4bf5
Logrotate versions up to and including 3.15.1 suffer from a privilege escalation vulnerability.
42380742db4ceb53b93c4766060eb9370c2a4fa0e2012b8cb617e6d0849daaf5
Joomla versions 3.0.0 through 3.4.6 suffer from a remote code execution vulnerability in configuration.php.
3e107b06722775ddfc3bef9b2beccf68ac19648628b70d9167e67e596a287850
CheckPoint Endpoint Security VPN versions E80.87 Build 986009514 and below and ZoneAlarm versions 15.4.062.17802 and below suffer from a privilege escalation vulnerability.
ee56cbff69bca824b90b036840113af2f89274b604d09c9b8287722d179185b7
ASX to MP3 Converter version 3.1.3.7 .asx local stack overflow exploit.
b4001f42f24ea433b41518393a1d15294c54d7edc60cb7586d5f00464e74878b
Whitepaper called Exploits Wars II - The server strikes back.
1614666ac032310e465768e4c595200e123fb736e371cb7e8d0b58e4f753f456
Thailand Union Library Management version 6.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
0eecfa12f7697f2521129d8bab019d8aae45eae7e47ea91ce81e6b038be02aba