>> TAG: #0day

MistServer 2.12 – Cross-Site Scripting

Linux Kernel – ‘The Huge Dirty Cow’ Overwriting The Huge Zero Page

Jobs2Careers / Coroflot Clone – SQL Injection

macOS High Sierra – Root Privilege Escalation (Metasploit)

pfSense – Authenticated Group Member RCE (Metasploit)

QEMU – NBD Server Long Export Name Stack Buffer Overflow

Android Gmail < 7.11.5.176568039 – Directory Traversal in Attachment Download

Synology StorageManager 5.2 – Remote Root Command Execution

Diving Log 6.0 – XML External Entity Injection

Microsoft Edge Chakra JIT – ‘GlobOpt::OptTagChecks’ Must Consider IsLoopPrePass Properly