山石网科WAF 远程代码执行漏洞

山石网科 Web 应用防火墙（WAF）是山石网科的一款Web 应用安全防护产品。 在WAF的验证码页面，存在命令注入漏洞，恶意攻击者可通过构造恶意请求，拼接命令执行任意代码，控制服务器。

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.

Linux Kernel Heap-Based Buffer Overflow

Linux kernel contains a heap\-based buffer overflow vulnerability in the legacy\_parse\_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.

Dahua IP Camera Authentication Bypass Vulnerability

Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.

Dahua IP Camera Authentication Bypass Vulnerability

Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.