XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.
Microsoft Windows has an issue where you can use the CreateProcessWithLogon API to escape a write restricted service and achieve full write access as the service user.
Multiple Schneider Electric EVlink Charging Stations suffers from authentication bypass and remote code execution vulnerabilities.
osCommerce 2.3.4.1 – Remote Code Execution (2)
WordPress Plugin Popular Posts 5.3.2 – Remote Code Execution (RCE) (Authenticated)
These are details on an open redirection vulnerability in Apache Tomcat version 9.0.0M1 that was discovered in 2018.
These are details on a cross site scripting vulnerability in Apache Tomcat version 9.0.0M1 that was discovered in 2019.
HEUR.Backdoor.Win32.Agent.gen malware suffers from an insecure permissions vulnerability.
Backdoor.IRC.Ataka.a malware suffers from an insecure permissions vulnerability.
Trojan-Proxy.Win32.Ranky.gen malware suffers from an unauthenticated open proxy vulnerability.