>> TAG: #0day

Computrols CBAS-Web 19.0.0 – ‘username’ Reflected Cross-Site Scripting

Acronis True Image OEM 19.0.5128 – ‘afcdpsrv’ Unquoted Service Path

eMerge E3 1.00-06 – Unauthenticated Directory Traversal

Wondershare Application Framework Service 2.4.3.231 – ‘WsAppService’ Unquote Service Path

Alps HID Monitor Service 8.1.0.10 – ‘ApHidMonitorService’ Unquote Service Path

XML Notepad 2.8.0.4 – XML External Entity Injection

iMessage – Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address

Adobe Acrobat Reader DC for Windows – Use of Uninitialized Pointer due to Malformed JBIG2Globals Stream

Adobe Acrobat Reader DC for Windows – Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)

_GCafé 3.0 – ‘gbClienService’ Unquoted Service Path