>> CATEGORY: Security

Jungo Windriver 12.5.1 – Privilege Escalation

D-Link Routers 110/412/615/815 < 1.03 – 'service.cgi' Arbitrary Code Execution

HPE iMC – dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)

SAP NetWeaver J2EE Engine 7.40 – SQL Injection

Multiple CPUs – Information Leak Using Speculative Execution

Microsoft Edge Chakra – ‘asm.js’ Out-of-Bounds Read

Microsoft Windows – ‘nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues)’ Kernel Stack Memory Disclosure

Microsoft Edge Chakra JIT – Escape Analysis Bug

Microsoft Edge Chakra JIT – BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert Branches

Microsoft Windows – ‘nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation)’ Kernel Pool Memory Disclosure