Apple Security Advisory 2020-09-16-2 – tvOS 14.0 is now available and addresses cross site scripting vulnerabilities.
>> ARCHIVE: 2020-09
Apple Security Advisory 2020-09-16-3 – Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.
Apple Security Advisory 2020-09-16-4 – watchOS 7.0 is now available and addresses cross site scripting vulnerabilities.
Apple Security Advisory 2020-09-16-5 – Xcode 12.0 is now available and addresses a code execution vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication is required to exploit this vulnerability. Additionally, the target user must have the “Data…
Microsoft SQL Server Reporting Services 2016 suffers from a remote code execution vulnerability.
This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there…
Mantis Bug Tracker 2.3.0 – Remote Code Execution (Unauthenticated)
SpamTitan 7.07 – Remote Code Execution (Authenticated)
Proof of concept exploit for the Windows Zerologon vulnerability as noted in CVE-2020-1472. By default, it changes the password of the domain controller account.