Severity: High

FastStone Image Viewer v.<= 7.5 is affected by a user mode Write Access Violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

Severity: High

FastStone Image Viewer v.<= 7.5 is affected by a user mode Write Access Violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

Severity: High

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.

Severity: High

Tabletopia XSS to RCE due to un-sandboxed Chromium

Severity: High

A remote code execution vulnerability was identified in the weblogin.cgi program used in Zyxel NAS (Network Attached Storage) and firewall products. Missing authentication for the program could allow attackers to perform remote code execution via OS command injection.

After a thorough investigation of the complete product lines, we’ve confirmed that the vulnerability affects the following products running specific firmware versions:

  • NAS products running firmware version 5.21 and earlier.
  • UTM, ATP, and VPN firewalls running firmware version ZLD V4.35 Patch 0 through ZLD V4.35 Patch 2. Those with firmware versions before ZLD V4.35 Patch 0 are NOT affected.

https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml

Severity: High

Zip directory traversal on the import process in Metasploit where a user importing an untrusted ZIP file could lead to code exectuion.

Severity: High

RubyZip Library v.<= 1.2.2 is affected by an Arbitrary File Write vulnerability.

(undisclosed)
(undisclosed)