A remote code execution in Windows Codecs Library has been fixed by Microsoft with out-of-band patch on 30th June 2020.
The vulnerability allows attacker to remotely execute arbitrary code, if the victim opens maliciously crafted media file.
Disclosure Date: May 11, 2007 (last updated July 30, 2020)
srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.
Disclosure Date: February 12, 2019 (last updated July 24, 2020)
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.
Disclosure Date: June 04, 2019 (last updated July 23, 2020)
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests.