_GCafé 3.0 – ‘gbClienService’ Unquoted Service Path
>> AUTHOR: deepcore
_GCafé 3.0 – ‘gbClienService’ Unquoted Service Path
iOS IOUSBDeviceFamily 12.4.1 – ‘IOInterruptEventSource’ Heap Corruption (PoC)
Jenkins Build-Metrics plugin version 1.3 suffers from a cross site scripting vulnerability.
SolarWinds Kiwi Syslog Server version 8.3.52 suffers from a Kiwi Syslog Service unquoted service path vulnerability.
Adive Framework version 2.0.7 suffers from a privilege escalation vulnerability.
Nextcloud 17 suffers from multiple cross site request forgery vulnerabilities.
The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.
Adaware Web Companion version 4.8.2078.3950 suffers from an unquoted service path vulnerability.
WebKit suffers from an integer overflow in NodeRareData::m_connectedFrameCount that can lead to universal cross site scripting and type confusion.
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication using the RDS component. Due to default settings or misconfiguration, its password can be set to an…