>> CATEGORY: exploit

Nsasoft Hardware Software Inventory version 1.6.4.0 suffers from a denial of service vulnerability.

Trojan-Spy.Win32.KeyLogger.qt malware suffers from an insecure permissions vulnerability.

MyBB OUGC Feedback plugin version 1.8.22 suffers from a cross site scripting vulnerability.

Big IP’s Traffic Management Microkernels (TMM) URI normalization incorrectly handles invalid IPv6 hostnames allowing for information disclosure and an out-of-bounds write condition.

Trojan-Dropper.Win32.Hamer.10 malware suffers from a denial of service vulnerability.

The bd daemon, which runs as part of the F5 BIG-IP Application Security Manager (ASM), is vulnerable to a stack-based buffer overflow when processing overlong HTTP response headers in the…

Atlassian JIRA version 8.11.1 suffers from a user enumeration vulnerability.

WEBIM version 10.2.55 suffers from a cross site scripting vulnerability.

The standard user ContainerUser in a Windows Container has elevated privileges and High integrity level which results in making it administrator equivalent even though it should be a restricted user.

Microsoft Windows has an issue with containers where the kernel incorrectly chooses the wrong silo when looking up the root object manager directory leading to elevation of privilege.