Directus Suite CMS version 7.0.15 suffers from a database disclosure vulnerability.
>> AUTHOR: deepcore
Shinobi Security Software version 1.0 suffers from a database disclosure vulnerability.
An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (sun.rmi.server.UnicastRef) to the interface to execute code on vulnerable hosts.
phpFileManager version 1.7.8 suffers from a local file inclusion vulnerability.
Google Chrome 72.0.3626.96 / 74.0.3702.0 – ‘JSPromise::TriggerPromiseReactions’ Type Confusion
WebKit JavaScriptCore – ‘createRegExpMatchesArray’ Type Confusion
iOS < 12.2 / macOS < 10.14.4 XNU – pidversion Increment During execve is Unsafe
WebKit JavaScriptCore – Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check
WebKit JavaScriptCore – CodeBlock Dangling Watchpoints Use-After-Free
AIDA64 Business 5.99.4900 – SEH Buffer Overflow (EggHunter)