Apple Security Advisory 2017-10-05-1 – macOS High Sierra 10.13 Supplemental Update is now available and addresses a password hint issue and keychain extraction vulnerabilities.
PyroBatchFTP 3.17 – Buffer Overflow (SEH)
http://dopapedia.dopa.go.th/007.html notified by Probiltar ISIS
Microsoft Windows 10 x64 RS2 – ‘win32kfull!bFill’ Pool Overflow
A proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC.
e2openplugin OpenWebif versions 0.2.9 through 1.2.4 suffer from a code execution vulnerability.
ERS Data System version 1.8.1 suffers from a Java deserialization vulnerability.
Apache Tomcat versions prior to 9.0.1 (Beta), 8.5.23, 8.0.47, and 7.0.8 suffer from a JSP upload bypass vulnerability that allows for remote code execution.
EPESI version 1.8.2 revision 20170830 suffers from a cross-site scripting vulnerability.
Fiberhome AN5506-05-F suffers from a command injection vulnerability.