Magento suffers from product attribute information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
>> CATEGORY: exploit
CloudMe Sync version 1.9.2 remote buffer overflow exploit. Tested on Win7 32b SP1.
Softros Network Time System Server version 2.3.4 suffers from a denial of service vulnerability.
Chrome V8 JIT suffers from a simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement optimization bug.
Chrome V8 JIT JSBuiltinReducer::ReduceObjectCreate fails to ensure that the prototype is “null”.
Chrome V8 has an empty BytecodeJumpTable that may lead to an out-of-bounds read.
Chrome V8 JIT suffers from a type confusion vulnerability in GetSpecializationContext.
CylanceSVC suffers from an anti-tamper bypass vulnerability.
Segger embOS/IP FTP Server version 3.22 suffers from a denial of service vulnerability.
HPE System Management versions 7.6.0.11 and below suffer from a cross site scripting vulnerability.