As the COVID-19 pandemic continues to spread throughout the world, an increasing percentage of the workforce will be forced to work remotely in an effort to “flatten the curve” of this deadly virus. In preparation for this massive shift, it’s
Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets.
A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time.
Knowledge of the validation key allows an authenticated user with a mailbox to pass arbitrary objects