NNE’s integrity protection mechanism deliberately weakens the key used for computing per-packet message authentication codes (MACs). Oracle Database versions 19c, 12.2.0.1, and 12.1.0.2 are affected.
Microsoft Internet Explorer / ActiveX Control – Security Bypass
WordPress Plugin Typebot 1.4.3 – Stored Cross Site Scripting (XSS) (Authenticated)
Apache Log4j 2 – Remote Code Execution (RCE)
Laravel Valet 2.0.3 – Local Privilege Escalation (macOS)
Apache Log4j2 2.14.1 – Information Disclosure
WebHMI 4.0 – Remote Code Execution (RCE) (Authenticated)
HD-Network Real-time Monitoring System 2.0 – Local File Inclusion (LFI)
Apache Log4j2 versions 2.14.1 and below proof of concept remote code execution exploit. JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and…