:: Deepquest ::

pfBlockerNG 2.1.4_26 – Remote Code Execution (RCE)

Argon Dashboard version 1.1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Demanzo Matrimony version 1.5 suffers from a cross site request forgery vulnerability.

Zabbix Agent and Zabbix Agent 2 versions 6.2.7 and below suffer from an issue where it does not secure the permissions on a non-default installation directory, allowing an attacker to place a malicious executable to escalate privileges.

Best POS Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

Best POS Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Best POS Management System version 1.0 suffers from a remote shell upload vulnerability.

Kardex Mlog MCC version 5.7.12+0-a203c2a213-master suffers from a file inclusion vulnerability that allows for remote code execution.

Debian Linux Security Advisory 5351-1 – An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Debian Linux Security Advisory 5352-1 – An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.