ECOA building automation systems suffer from authorization bypass and insecure direct object reference vulnerabilities. Many versions are affected.
ECOA building automation systems suffer from a local file disclosure vulnerability. Many versions are affected.
Backdoor.Win32.WinterLove.i malware suffers from a hardcoded credential vulnerability.
ECOA building automation systems suffer from an arbitrary file deletion vulnerability. Many versions are affected.
Internet Explorer suffers from an issue where incorrect JIT optimization in jscript9.dll leads to memory corruption.
This Metasploit module exploits an OGNL injection in Atlassian Confluence’s WebWork component to execute commands as the Tomcat user.
https://spm-sk.go.th notified by Panataran
https://www.nkpthospital.go.th/readme.html notified by ./G1L4N6_ST86
WordPress TablePress plugin version 1.14 suffers from a csv injection vulnerability.
The Rencode python module for object serialization suffers from a 3-byte denial of service vulnerability.