>> TAG: #0day

Kerberos in Microsoft Windows – Security Feature Bypass (MS16-101)

Microix Timesheet Module – SQL Injection

AnyDesk 2.5.0 – Unquoted Service Path Privilege Escalation

Kerio Control Unified Threat Management 9.1.0 build 1087, 9.1.1 build 1324 – Multiple Vulnerabilities

Exponent CMS 2.3.9 – Blind SQL Injection

Kaltura 11.1.0-2 – Remote Code Execution (Metasploit)

Symantec rar Decomposer Engine (Multiple Products) – Out-of-Bounds Read / Out-of-Bounds Write

Microsoft Office PowerPoint 2010 – Invalid Pointer Reference

VegaDNS 0.13.2 – Remote Command Injection

Dolphin 7.3.0 – Error-Based SQL Injection