Avast suffers from an out-of-bounds copy vulnerability in Array.prototype.toString.
>> AUTHOR: deepcore
This archive contains all of the 166 exploits added to Packet Storm in May, 2020.
Microsoft Windows – ‘SMBGhost’ Remote Code Execution
vCloud Director 9.7.0.15498291 – Remote Code Execution
WordPress Plugin BBPress 2.5 – Unauthenticated Privilege Escalation
QuickBox Pro 2.1.8 – Authenticated Remote Code Execution
Various PanaceaSoft products appear to suffer from a shell upload vulnerability.
WordPress Multi-Scheduler plugin version 1.0.0 suffers from a cross site request forgery vulnerability.
Crystal Shard http-protection version 0.2.0 suffers from an IP spoofing bypass vulnerability.
Apple Security Advisory 2020-05-26-2 – iOS 12.4.7 addresses an out of bounds write vulnerability.