>> TAG: #0day

Realterm Serial Terminal 2.0.0.70 – Denial of Service

Oracle Java Runtime Environment – Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass

mIRC < 7.55 – Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers

Realterm Serial Terminal 2.0.0.70 – Local Buffer Overflow (SEH)

macOS – Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (119 bytes)

macOS – Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes)

macOS – Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)

macOS – Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes)

Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 – Arbitrary File Upload

WordPress Plugin WooCommerce – GloBee (cryptocurrency) Payment Gateway 1.1.1 – Payment Bypass / Unauthorized Order Status Spoofing