>> ARCHIVE: 2020-09

Microsoft Windows TCPIP Finger Command finger.exe that ships with the OS, can be used as a file downloader and makeshift C2 channel. Legitimate use of Windows Finger Command is to…

A race condition exists with munmap() downgrades in Linux kernel versions since 4.20.

RAD SecFlow-1v version SF_0290_2.3.01.26 suffers from a persistent cross site scripting vulnerability.

Rapid7 Nexpose Installer version 6.6.39 suffers from an unquoted service path vulnerability.

RAD SecFlow-1v version SF_0290_2.3.01.26 suffers from a cross site request forgery vulnerability.

The installer in Pearson Vue VTS version 2.3.1911 suffers from an unquoted service path vulnerability.

Joomla! paGO Commerce component 2.5.9.0 suffers from an authenticated remote SQL injection vulnerability.