>> CATEGORY: Security

Drupal < 8.6.10 / < 8.5.11 – REST Module Remote Code Execution

Protecting Windows Privilege Accounts

WebKit JSC – reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter

Nuuo Central Management – Authenticated SQL Server SQL Injection (Metasploit)

Micro Focus Filr 3.4.0.217 – Path Traversal / Local Privilege Escalation

Quest NetVault Backup Server < 11.4.5 – Process Manager Service SQL Injection / Remote Code Execution

Teracue ENC-400 – Command Injection / Missing Authentication

Virtual VCR Max .0a – ‘.vcr’ Buffer Overflow (PoC)

RealTerm Serial Terminal 2.0.0.70 – ‘Echo Port’ Buffer Overflow (SEH)

ScreenStream 3.0.15 – Denial of Service