>> TAG: #0day

BEIMS ContractorWeb 5.18.0.0 – SQL Injection

Conarc iChannel – Improper Access Restrictions

Joomla! Component NextGen Editor 2.1.0 – ‘plname’ SQL Injection

BrightSign Digital Signage – Multiple Vulnerablities

Microsoft Internet Explorer 11 – ‘jscript!JSONStringifyObject’ Use-After-Free

Tuleap 9.6 – Second-Order PHP Object Injection (Metasploit)

Microsoft Windows – jscript.dll ‘Array.sort’ Heap Overflow

Intel Content Protection HECI Service – Type Confusion Privilege Escalation

Microsoft Windows – ‘jscript!JsArraySlice’ Uninitialized Variable

Microsoft Windows – ‘jscript!RegExpFncObj::LastParen’ Out-of-Bounds Read