The DFG and FTL JIT compilers incorrectly replace Checked with Unchecked ArithNegate operations (and vice versa) during Common Subexpression Elimination. This can then be exploited to cause out-of-bounds accesses and…
Sabberworm PHP CSS parser suffers from a code injection vulnerability. Many versions are affected.
Apache Tomcat is affected by a Java deserialization vulnerability if the PersistentManager is configured as the session manager. Successful exploitation requires the attacker to be able to upload an arbitrary file…
Insecure TLS session reuse can lead to a hostname verification bypass in Node.js.
Apple Security Advisory 2020-06-01-1 – iOS 13.5.1 and iPadOS 13.5.1 are now available and address a code execution vulnerability.
Apple Security Advisory 2020-06-01-2 – macOS Catalina 10.15.5 Supplemental Update, Security Update 2020-003 High Sierra are now available and address a code execution vulnerability.
Apple Security Advisory 2020-06-01-3 – tvOS 13.4.6 is now available and addresses a code execution vulnerability.
Apple Security Advisory 2020-06-01-4 – watchOS 6.2.6 is now available and addresses a code execution vulnerability.
Online Marriage Registration System 1.0 – Remote Code Execution
D-Link DIR-615 T1 20.10 – CAPTCHA Bypass