>> TAG: #0day

GoAhead Web Server 2.5 < 3.6.5 – HTTPd 'LD_PRELOAD' Arbitrary Module Load (Metasploit)

Oracle VirtualBox < 5.1.30 / < 5.2-rc1 – Guest to Host Escape

HackSysTeam Windows Kernel Vulnerable Driver: Type Confusion Vulnerability Exploitation

Sync Breeze Enterprise 9.5.16 – ‘Import Command’ Buffer Overflow (Metasploit)

RAVPower 2.000.056 – Memory Disclosure

NEC Univerge SV9100/SV8100 WebPro 10.0 – Configuration Download

HP Connected Backup 8.6/8.8.6 – Local Privilege Escalation

CentOS Web Panel 0.9.8.12 – ‘row_id’ / ‘domain’ SQL Injection

MixPad 5.00 – Buffer Overflow

Hardcore SAP Penetration Testing