launchd on macOS and iOS suffer from a memory corruption issue due to a lack of bounds checking when parsing XPC messages.
>> ARCHIVE: 2020-02
XPC fast path fails to ensure NULL termination of XPC strings, leading to memory disclosure and corruption vulnerabilities in XPC services.
The Samsung kernel suffers from a heap out-of-bounds write in /dev/tsmux.
This Metasploit modules waits for broadcasts from Ainz CrossChex looking for new devices, and returns a custom broadcast, triggering a stack buffer overflow.
EPSON EasyMP Network Projection 2.81 – ‘EMP_NSWLSV’ Unquoted Service Path
HomeGuard Pro 9.3.1 – Insecure Folder Permissions
phpMyChat Plus 1.98 – ‘pmc_username’ SQL Injection
WordPress Contact-Form-7 plugin version 5.1.6 suffers from a remote file upload vulnerability.
MyVideoConverter Pro version 3.14 suffers from multiple buffer overflow vulnerabilities.
WordPress Tutor plugin version 1.5.3 suffers from a cross site scripting vulnerability.