IPTInstaller 4.0.9 – ‘PassThru Service’ Unquoted Service Path
>> ARCHIVE: 2020-11
IPTInstaller 4.0.9 – ‘PassThru Service’ Unquoted Service Path
Realtek Andrea RT Filters 1.0.64.10 – ‘AERTSr64.EXE’ Unquoted Service Path
Winstep 18.06.0096 – ‘Xtreme Service’ Unquoted Service Path
SuiteCRM 7.11.15 – ‘last_name’ Remote Code Execution (Authenticated)
HP Display Assistant x64 Edition 3.20 – ‘DTSRVC’ Unquoted Service Path
SmartBlog version 2.0.1 suffers from a remote blind SQL injection vulnerability.
BlogEngine version 3.3.8 suffers from a persistent cross site scripting vulnerability.
Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more.
Sentrifugo version 3.2 announcements authenticated remote code execution exploit.
Sentrifugo version 3.2 assets authenticated remote code execution exploit.