>> TAG: #0day

antMan 0.9.0c – Authentication Bypass

Redaxo CMS Addon MyEvents 2.2.1 – SQL Injection

Softros Network Time System Server 2.3.4 – Denial of Service

Chrome V8 JIT – Empty BytecodeJumpTable Out-of-Bounds Read

Chrome V8 JIT – ‘GetSpecializationContext’ Type Confusion

Chrome V8 JIT – Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement Optimization Bug

Dup Scout Enterprise 10.5.12 – ‘Share Username’ Local Buffer Overflow

Sophos UTM 9.410 – ‘loginuser’ ‘confd’ Service Privilege Escalation

NETGEAR – ‘TelnetEnable’ Magic Packet (Metasploit)

Xion 1.0.125 – ‘.m3u’ Local SEH-Based Unicode Venetian Exploit