TrendMicro node.js HTTP Server Listening on localhost Can Execute Commands
>> ARCHIVE: 2016-01
TrendMicro node.js HTTP Server Listening on localhost Can Execute Commands
WordPress AzonPop plugin version 1.0.0 suffers from a remote SQL injection vulnerability.
Proof of concept code that demonstrates a use-after-free when setting stage in Adobe Flash.
There is a use-after-free in Adobe Flash that appears to be related to rendering the display based on multiple scripts.
Adobe Flash suffers from an out-of-bounds memset in BlurFilter processing.
Cacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability in graphs_new.php.
Netgear router version 1.0.0.24 suffers from a cross site scripting vulnerability.
AVM FRITZ!OS versions prior to 6.30 suffer from an html injection vulnerability.
TrueCrypt versions 7.1a and 7.2 suffer from a DLL hijacking vulnerability with their installers.
WordPress Symposium Pro Social plugin version 15.12 suffers from cross site request forgery and cross site scripting vulnerabilities.