myBB forums version 1.8.26 suffers from a persistent cross site scripting vulnerability.
>> ARCHIVE: 2023-03
DSL-124 Wireless N300 ADSL2+ suffers from a backup disclosure vulnerability.
Covenant version 0.5 suffers from a remote code execution vulnerability.
Virtual Reception version 1.0 suffers from a directory traversal vulnerability.
Lavasoft version 4.1.0.409 suffers from an unquoted service path vulnerability.
CrowdStrike Falcon Agent version 6.44.15806 has an uninstall bypass flaw that works without an installation token.
Forcepoint (Stonesoft VPN Client) versions 6.2.0 and 6.8.0 suffer from a privilege escalation vulnerability.
WordPress WPForms plugin version 1.7.8 suffers from a cross site scripting vulnerability.
Eve-ng version 5.0.1-13 suffers from a cross site scripting vulnerability.
A vulnerability exists in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITYSYSTEM. Due to a flaw…