>> CATEGORY: exploit

NetShareWatcher version 1.5.8.0 local SEH buffer overflow exploit.

JFrog Artifactory versions prior to 6.8.7 suffer from an administrative access bypass vulnerability due to relying on an X-Forwarded-For header.

NSS suffers from a NULL dereference issue when parsing Netscape Certificate Sequences in CERT_DecodeCertPackage().

MyBB Upcoming Events plugin version 1.32 suffers from a cross site scripting vulnerability.

Netartmedia Real Estate Portal version 5.0 suffers from a remote SQL injection vulnerability.

Netartmedia Event Portal version 2.0 suffers from a remote SQL injection vulnerability.

Gila CMS version 1.9.1 suffers from a cross site scripting vulnerability.

Netartmedia PHP Mall version 4.1 suffers from a remote SQL injection vulnerability.

eNdonesia Portal version 8.7 suffers from remote SQL injection and iframe injection vulnerabilities.

There appears to be a race condition in the destruction of the ExtensionsGuestViewMessageFilter if the ProcessIdToFilterMap is modified concurrently in Chrome.