Tag: 0day

[remote] CyberArk 9.7 – Memory Disclosure

[webapps] Joomla! Component JE Photo Gallery 1.1 – 'categoryid' SQL Injection

[webapps] Schneider Electric PLC – Session Calculation Authentication Bypass

[dos] VBScript – 'rtFilter' Out-of-Bounds Read

[webapps] Synaccess netBooter NP-02x/NP-08x 6.8 – Authentication Bypass

[dos] Linux Kernel 4.8 (Ubuntu 16.04) – Leak sctp Kernel Pointer

[local] HTML5 Video Player 1.2.5 – Buffer Overflow (Metasploit)

[local] xorg-x11-server < 1.20.3 – 'modulepath' Local Privilege Escalation

[dos] VBScript – 'OLEAUT32!VariantClear' and 'scrrun!VBADictionary::put_Item' Use-After-Free

[remote] Apache Spark – Unauthenticated Command Execution (Metasploit)