>> CATEGORY: exploit

Sudo’s get_process_ttyname() on Linux suffers from a race condition that allows for root privilege escalation.

Riverbed SteelHead VCX version 9.6.0a suffers from an arbitrary file read vulnerability.

RealPlayer version 18.1.7.344 suffers from memory corruption vulnerabilities.

CERIO 11nbg 2.4Ghz high power wireless router (pekcmd) has multiple backdoor accounts that yield rootshells.

Ampache version 3.8.2 suffers from a cross site scripting vulnerability.

TiEmu versions 2.08 and below suffer from a stack-based buffer overflow vulnerability.

Intel SSD Toolbox version 3.4.3 suffers from a dll hijacking vulnerability.

uc-httpd suffers from local file inclusion and directory traversal vulnerabilities.

Microsoft Windows MsMpEng suffers from a remotely exploitable use-after-free vulnerability due to a design issue in the GC engine.

TerraMaster F2-420 NAS TOS version 3.0.30 suffers from an unauthenticated remote root code execution vulnerability.