DynaTrace UEM versions 6.3.x, 6.2.x, and 6.1.x suffer from a cookie manipulation vulnerability that can cause a server-side crash.
Fuzzing packed executables with McAfee’s LiveSafe version 14.0 on Windows found a signedness error in the parsing of sections and relocations.
Linux suffers from a reference count overflow using BPF maps.
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs.
CMS Made Simple versions prior to 2.1.3 and 1.12.2 suffer from a web server cache poisoning vulnerability.
OXID eShop Community Edition version 4.9.7 suffers from path traversal and privilege escalation vulnerabilities.
Swagger Editor version 2.9.9 suffers from a cross-site scripting vulnerability.
NetCommWireless HSPA 3G10WVE suffers from authentication bypass and remote code execution vulnerabilities.
libxml versions prior to 2.9.3 suffer from a stack overflow vulnerability when parsing a malicious file.
Zabbix Agent version 3.0.1 suffers from a remote shell command injection vulnerability via mysql.size.