Sonatype Nexus Repository Manager OSS/Pro versions 2.14.5 and below and 3.7.1 and below suffer from multiple cross site scripting vulnerabilities.
The macOS kernel suffers from a use-after-free issue due to a lack of locking in AppleEmbeddedOSSupportHostClient::registerNotificationPort.
HPE iLO4 versions prior to 2.54 add new administrator user exploit.
macOS Kernel – Use-After-Free Due to Lack of Locking in ‘AppleEmbeddedOSSupportHostClient::registerNotificationPort’
Tags: 0day, remote exploitGeovision Inc. IP Camera and Video Server remote command execution proof of concept exploit.
Adobe Coldfusion version 11.0.03.292866 BlazeDS java object deserialization remote code execution exploit.
PHP Scripts Mall Doctor Search Script version 1.0.2 suffers from a cross site scripting vulnerability.
Naukri Clone Script version 3.0.3 suffers from a persistent cross site scripting vulnerability.
Entrepreneur Dating Script version 2.0.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Multilanguage Real Estate MLM Script versions 3.0 and below suffer from a persistent cross site scripting vulnerability.