An attacker can use hardcoded credentials to get unauthorized access and perform various actions in the NetWeaver AS ABAP. In addition, it is likely that the code will be implemented…
>> ARCHIVE: 2015-09
Synology Video Station version 1.5-0757 suffers from remote command injection and SQL injection vulnerabilities.
Synology Download Station versions 3.5-2956 and 3.5-2962 suffer from multiple cross site scripting vulnerabilities.
SAP NetWeaver AS Java version 7.4 suffers from multiple XXE vulnerabilities. An attacker can read an arbitrary file on a server by sending a correct XML request with a crafted…
Android Stagefright remote code execution exploit that leverages an integer overflow in the libstagefright MP4 ‘stsc’ atom handling.
Logitech Webcam Software 1.1 – eReg.exe SEH/Unicode Buffer Overflow
OpenLDAP 2.4.42 – ber_get_next Denial of Service
OS X x64 – tcp bind shellcode, NULL byte free (144 bytes)
WordPress Easy Media Gallery plugin version 1.3.47 suffers from a stored cross site scripting vulnerability.