An update for the module Oracle WebLogic WLS Core Components T3 Remote Code Execution Exploit that fixes a problem while using it in a pivoted context.

In PHP, when using Apache and PHP-CGI on Windows and if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow remote attackers to pass options to PHP binary being run, leading to execute system commands in the context of the affected application.

A java unsafe reflection vulnerability present in Gremlin scripting feature of Apache HugeGraph allows remote attackers to execute system commands in the context of the affected application.

An authorized attacker with regular user privileges may be able to inject a malicious file and then convince a user to execute a UWP application.An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

A directory traversal vulnerability in the /clients/MyCRL endpoint of sslvpn.full allows unauthenticated remote attackers to download system files.

A directory traversal vulnerability in the WebResourceServiceImpl class of org.sonatype.nexus.internal.webresources allows unauthenticated remote attackers to download any file, including system files outside of Sonatype Nexus Repository Manager application scope.

An unmarshal reflection vulnerability in GlobalProtect feature of Palo Alto Networks PAN-OS software allows unauthenticated remote attackers to create empty arbitrary directories and files in the operating system. If device telemetry is enabled, then remote OS command injection is possible via the dt_curl python module.

A Server-side Template Injection vulnerability in CrushFTP allows unauthenticated remote attackers to leak server variables values and read arbitrary files in the operating system. This allows authentication bypass of currently logged in users via leak of session tokens by sessions.obj file or log files reading. If the leaked session token is from a CrushFTP administrator user then remote code execution is possible via arbitrary class instantiation vulnerability on the admin panel (dynamic SQL driver loading).

The Cloud Files Mini Filter Driver (cldflt.sys) present in Microsoft Windows is vulnerable to a buffer overflow, which can result in out-of-bounds memory write to paged pool memory. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.

This exploit leverages an information disclosure vulnerability in Microsoft Outlook. By using a crafted path, unauthorized access can be obtained, allowing for the theft of NTLM hashes.

This update add suport for unautheticated SMTP servers.