>> CATEGORY: exploit

D-Link DIR-600M Wireless suffers from a cross site scripting vulnerability.

uWSGI versions prior to 2.0.17 suffer from a directory traversal vulnerability.

TestLink Open Source Test Management versions prior to 1.9.16 suffer from a remote code execution vulnerability.

IrfanView email plugin version 4.50 SEH unicode buffer overflow exploit.

IrfanView email plugin version 4.44 SEH buffer overflow exploit.

Suricata versions prior to 4.0.4 suffer from a detection bypass vulnerability. Proof of concept exploit included.

DualDesk version 20 suffers from a denial of service vulnerability.

Sophos UTM 9 version 9.410 suffers from a loginuser privilege escalation vulnerability.

OTRS versions 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1 suffer from remote code execution vulnerabilities.

A Chromium incorrect size calculation when deserializing Mojo “Event” messages can lead to out-of-bounds access.