>> TAG: #0day

pfsenseCE v2.6.0 – Anti-brute force protection bypass

Goanywhere Encryption helper 7.1.1 – Remote Code Execution (RCE)

FortiRecorder 6.4.3 – Denial of Service

Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit – Remote Code Execution (RCE)

dotclear 2.25.3 – Remote Code Execution (RCE) (Authenticated)

MAC 1200R – Directory Traversal

Tenda N300 F3 12.01.01.48 – Malformed HTTP Request Header Processing

IBM Aspera Faspex 4.4.1 – YAML deserialization (RCE)

ChurchCRM 4.5.1 – Authenticated SQL Injection

NotrinosERP 0.7 – Authenticated Blind SQL Injection