Microsoft Windows 10 – Child Process Restriction Mitigation Bypass
>> ARCHIVE: 2018-06
Microsoft Windows 10 – Child Process Restriction Mitigation Bypass
MACCMS 10 – Cross-Site Request Forgery (Add User)
The libpff_name_to_id_map_entry_read function in libpff_name_to_id_map.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted pff file.
The mobi_parse_index_entry function in index.c in Libmobi 0.3 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted mobi file. The mobi_pk1_decrypt function in encryption.c in…
The libfsntfs_attribute_read_from_mft function in libfsntfs_attribute.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file. The libfsntfs_reparse_point_values_read_data function in libfsntfs_reparse_point_values.c…
OX App Suite versions 7.8.4 and below suffer from cross site scripting, improper privilege management, content spoofing, server-side request forgery, and path traversal vulnerabilities.
XiongMai uc-httpd version 1.0.0 suffers from a buffer overflow vulnerability.
WebCTRL suffers from an out-of-band XML external entity injection vulnerability.
SensioLabs Symfony version 3.3.6 suffers from a cross site scripting vulnerability.
Schools Alert Management Script suffers from a remote SQL injection vulnerability.