Rapid7 Nexpose Installer 6.6.39 – ‘nexposeengine’ Unquoted Service Path
>> ARCHIVE: 2020-09
Rapid7 Nexpose Installer 6.6.39 – ‘nexposeengine’ Unquoted Service Path
RAD SecFlow-1v SF_0290_2.3.01.26 – Cross-Site Request Forgery (Reboot)
RAD SecFlow-1v SF_0290_2.3.01.26 – Persistent Cross-Site Scripting
CuteNews version 2.1.2 remote code execution exploit.
Tiandy IPC and NVR version 9.12.7 suffer from a credential disclosure vulnerability.
The ZTE F602W router suffers from a CAPTCHA bypass vulnerability.
Mobile Shop System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Gnome Fonts Viewer version 3.34.0 suffers from a heap corruption vulnerability.
Microsoft Internet Explorer 11 use-after free exploit that triggers when Array.sort() is called with a comparator function. The two arguments are untracked by the garbage collector.
Tea LaTex version 1.0 suffers from an unauthenticated remote code execution vulnerability.