>> ARCHIVE: 2018-07

A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak “C:Program FilesTotalAV” permissions. The specific flaw exists within the access control that is…

G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.

This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Hadoop through ResourceManager REST API.

This Metasploit module exploits a vulnerability in a statement in the system programming guide of the Intel 64 and IA-32 architectures software developer’s manual being mishandled in various operating system…

Linux/Ubuntu suffers from a vulnerability where other users’ coredumps can be read via a setgid directory and killpriv bypass.

QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash.

Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.

Dicoogle PACS version 2.5.0 suffers from a directory traversal vulnerability.

Linux kernels prior to version 4.13.9 (Ubuntu 16.04/Fedora 27) local privilege escalation exploit.