This post outlines multiple unsafe practices in Microsoft Windows that can allow for local privilege escalation.
4bc0ba08bfeebdf7043e5c7d7060e65bdb0c48ca36fa23fc83ebabb77e5ff80d
MAMP PRO version 4.2.0 suffers from a privilege escalation vulnerability.
bc0faa3ffe34b02b7438b4e4a0a886a880b376c96c0d07f880ca1639394e2742
Gentoo Linux Security Advisory 202007-11 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.28.3 are affected.
99e0943f5aa94b86ce4b4675b90f8ea67f1e87e239b56bf6ebe7c3e9b1269186
Gentoo Linux Security Advisory 202007-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.10.0 are affected.
4ce536bdb972fdf2b3ae93e96480f4ec88105eb035b203f851db2e0a8a5c399b
LibreHealth version 2.0.0 authenticated remote code execution exploit.
fd3ae68fe9fcdda0cdbf3f0ce37942eea7334c997e346091df15a89867a1c66b
Bludit version 3.9.2 suffers from a directory traversal vulnerability.
04b5f1aa55ee5015b2d0e84c14444296ff3198d5f968e38841b92889937bd179
WordPress Email Subscribers and Newsletters plugin version 4.2.2 suffers from a remote SQL injection vulnerability.
3b1ba7f2adb21ee070c2bf0cfebba2aaf20bdd0f36a4c6f0376d19e944a016f5
Gentoo Linux Security Advisory 202007-9 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.10.0 are affected.
ea8abc26df0516012ce689c3d8937884c7aaee14054fa8fc2fd5fbcfba5c76d2
MikroTik RouterOS suffers from stack exhaustion, memory corruption, and null pointer vulnerabilities. Various 6.44.x versions are affected.
02ab3540de562be70a067e64bdbfd57ec8076c2736ff3eb6a847230788c021a5
Gentoo Linux Security Advisory 202007-8 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 84.0.4147.89 are affected.
aa3c7e5ac6801483774860d20e5def2e94b6fb877aa08d961afea2f96ee73b3e
Gentoo Linux Security Advisory 202007-7 - A use-after-free possibly allowing remote execution of code was discovered in Transmission. Versions less than 3.00 are affected.
208e3f01a766287671a0e3e2b7272a4a9fde1c1e1d2bbba46a106581c46998a2
WordPress Email Subscribers and Newsletters plugin versions 4.2.2 and below suffer from a file download vulnerability.
d1c23fbb1b3faddef428fea1307402891ddd22e3ff691d112340c329d3756149
Calavera UpLoader version 3.5 proof of concept denial of service exploit.
6dbc757b021aec5cb44503dee0684cb977b77e8b943aeb4972d6b3e7b6a67c1a
Gentoo Linux Security Advisory 202007-6 - Multiple vulnerabilities have been found in HylaFAX, the worst of which could result in privilege escalation. Versions less than 7.0.2 are affected.
5793152245217de57ffad85f313c1bc789b0c461f823b7a30c6c7879c84ec00b
Gentoo Linux Security Advisory 202007-5 - Multiple vulnerabilities have been found in libexif, the worst of which could result in the arbitrary execution of code. Versions less than 0.6.22 are affected.
15a6e4b54f2662066d3b154bd6a7e74f5327e23f8722f1ebea7394c3fff14270
Free MP3 CD Ripper version 2.8 SEH stack buffer overflow with egghunter.
335f0898fd0f039a8e85b5262cec8c9a563c203cc067dd24b6c3050dcc794241
Port Forwarding Wizard version 4.8.0 suffers from a buffer overflow vulnerability.
d80cc71d902a2f8063701473c1de716c02b83a3515108e0fc11a2f1b0d52a54e
Gentoo Linux Security Advisory 202007-4 - Multiple vulnerabilities have been found in fwupd and libjcat, the worst of which could result in the arbitrary execution of code. Versions less than 1.3.10 are affected.
71a4a63319329bb7ca2873f34a52a76c34e1e87914e0c8347af5da6ef4308499
INNEO Startup TOOLS 2018 M040 version 13.0.70.3804 remote code execution exploit.
eb96a7bf99334a3cc5b17adca3c60e9b821a26fe087cfb1a26860f5320cf75b3
Gentoo Linux Security Advisory 202007-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.13 are affected.
b91c68deb806affd52aaef7ec8de220f22efb4b1fd563f5e4c88378a9d9c35b7
ManageEngine Applications Manager version 13 suffers from a remote SQL injection vulnerability.
cccfd03bdc5c758694db68dbde75dbc8e5e7452655e73fcb2790e4fc1b49cbda
Gentoo Linux Security Advisory 202007-2 - Multiple vulnerabilities have been found in Xen, the worst of which could result in the arbitrary execution of code. Versions less than 4.12.3-r2 are affected.
d2cbb55c00e09e621a2a0b0ed5539f4dbdb318f0d90674b237b7985e6b2c8a6b
Socusoft Photo to Video Converter Professional version 8.07 SEH egghunter local buffer overflow exploit.
8be8590fdc41ad7daadfcc7783e465c9bb2159a63238336bb8b569b03c4383e6
Gentoo Linux Security Advisory 202007-1 - Multiple vulnerabilities have been found in netqmail, the worst of which could result in the arbitrary execution of code. Versions less than 1.06-r13 are affected.
2bc5aa2768224760ae2e5be04e2ea7eb43b0766caf59e79d678a3e2b2c3c64fb
GOautodial version 4.0 suffers from a persistent cross-site scripting vulnerability.
876793f760fe7d23e747bb54bff26160a36282cf4994dba3f717ef47828617c6