SmartRG Router version 2.6.13 suffers from a remote code execution vulnerability.
Infix LMS version 4.3.0 suffers from a remote shell upload vulnerability.
Infix LMS version 4.3.0 suffers from an iframe injection vulnerability.
ETAP Safety Manager version 1.0.0.32 suffers from a cross-site scripting vulnerability.
SACCO-2022 suffers from a remote SQL injection vulnerability.
The Windows kernel suffers from a use-after-free vulnerability due to a refcount overflow in the registry hive security descriptors.
The Windows kernel suffers from an invalid read/write condition due to an unchecked Blink cell index in the root security descriptor.
The Windows kernel suffers from multiple memory problems when handling incorrectly formatted security descriptors in registry hives.
On Windows, a number of Kerberos CG APIs do not verify the ASN1 PDU type when decoding and encoding Kerberos ASN1 structures, leading to type confusion and elevation of privilege.
On Windows, the method for allocating a context when using the CG BCrypt APIs is insecure, leading to use-after-free of secure memory and resulting in elevation of privilege.