>> ARCHIVE: 2019-10

Joomla versions 3.0.0 through 3.4.6 suffer from a remote code execution vulnerability in configuration.php.

Logrotate versions up to and including 3.15.1 suffer from a privilege escalation vulnerability.

Subrion version 4.2.1 suffers from a persistent cross site scripting vulnerability.

IBM Bigfix Platform version 9.5.9.62 suffers from an arbitrary file upload vulnerability as root that can achieve remote code execution.

IcedTeaWeb suffers from multiple vulnerabilities including directory traversal and validation bypass issues that can lead to remote code execution. The affected versions are 1.7.2 and below, 1.8.2 and below. 1.6…

Zabbix version 4.2 suffers from an authentication bypass vulnerability.

Zabbix versions 4.4 and below authentication bypass demo proof of concept exploit.

freeFTP version 1.0.8 remote buffer overflow exploit.

Tellion HN-2204AP router remote configuration disclosure exploit.

vBulletin versions 5.5.4 and below suffer from multiple remote SQL injection vulnerabilities.