>> CATEGORY: exploit

Hashicorp vagrant-vmware-fusion versions 4.0.23 and below suffer from a local privilege escalation vulnerability.

IBM Worklight Enterprise Edition and IBM MobileFirst Platform Foundation versions 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0 suffer from an oauth server web api cross site scripting vulnerability.

Microsoft Windows 10 Pro SMBLoris denial of service exploit that takes down a fully patched system with 8 gigs of ram in less than 10 seconds.

Joomla Event Registration Pro Calendar component version 4.1.3 suffers from a remote SQL injection vulnerability.

Joomla Ultimate Property Listing component version 1.0.2 suffers from a remote SQL injection vulnerability.

Joomla LMS King Professional component version 3.2.4.0 suffers from a remote SQL injection vulnerability.

Solarwinds Kiwi Syslog version 9.6.1.6 suffers from a denial of service vulnerability.

Joomla SIMGenealogy component version 2.1.5 suffers from a remote SQL injection vulnerability.

Joomla PHP-Bridge component version 1.2.3 suffers from a remote SQL injection vulnerability.

VehicleWorkshop suffers from a remote SQL injection vulnerability that allows for authentication bypass.