>> CATEGORY: Security

Zimbra < 8.8.11 – XML External Entity Injection / Server-Side Request Forgery

Google Chrome 73.0.3683.103 – ‘WasmMemoryObject::Grow’ Use-After-Free

Exim 4.87 < 4.91 – (Local / Remote) Command Execution

DVD X Player 5.5 Pro – Local Buffer Overflow (SEH)

IceWarp 10.4.4 – Local File Inclusion

NUUO NVRMini 2 3.9.1 – ‘sscanf’ Stack Overflow

Cisco RV130W 1.0.3.44 – Remote Stack Overflow

Zoho ManageEngine ServiceDesk Plus 9.3 – ‘SiteLookup.do’ Cross-Site Scripting

Vim < 8.1.1365 / Neovim < 0.3.6 – Arbitrary Code Execution

[Hebrew] Digital Whisper Security Magazine #101