XNU has an issue where missing locking in checkdirs_callback() enables a race condition with fchdir_common().
>> ARCHIVE: 2019-11
html5_snmp version 1.11 suffers from a persistent cross site scripting vulnerability.
html5_snmp version 1.11 suffers from a remote SQL injection vulnerability.
Smartwares HOME easy 1.0.9 – Database Backup Information Disclosure
Smartwares HOME easy 1.0.9 – Client-Side Authentication Bypass
QNAP NetBak Replicator 4.5.6.0607 – ‘QVssService’ Unquoted Service Path
Wacom WTabletService 6.6.7-3 – ‘WTabletServicePro’ Unquoted Service Path
Microsoft Office365 suffers from an issue where auto-execution of macro-enabled office documents can be leveraged simply by the file having the same name as a prior document with permissions.
Launch Manager version 6.1.7600.16385 suffers from a DsiWMIService unquoted service path vulnerability.
Ayukov NFTP client version 1.71 suffers from a SYST buffer overflow vulnerability.