An unauthenticated java deserialization vulnerability via T3 protocol in Oracle Weblogic Server allows an attacker to upload and execute a java class file to gain arbitrary code execution on the affected system.



This update adds xml tags to prevent pivoting.

An unauthenticated java deserialization vulnerability via T3 protocol in Oracle Weblogic Server allows an attacker to upload and execute a java class file to gain arbitrary code execution on the affected system.

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.17, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.



To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.



The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.

The administrative console in Pydio Cells allows a user with administrator role to set the path for the sendmail binary executable, when the "sendmail" option is selected in the mailer configuration.

Due to lack of sanitization in the given parameter, an administrator user can set the path to an arbitrary binary.

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.

The ene.sys driver in Trident Z Lighting Control before v1.00.17 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges.

The specific flaw exists within DATACORE server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.

An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address.