>> ARCHIVE: 2016-02

This one is complicated, but allows an attacker to read any file on the filesystem by clicking a link. You don’t even have to know the name or path of…

Netgear Pro NMS 300 suffers from code execution and arbitrary file download vulnerabilities.

ThumbDrive version 1.1 suffers from local file inclusion and remote file upload vulnerabilities.

Mobile Drive Free 1.8 suffers from local file inclusion and remote file upload vulnerabilities.

The default Samsung email client’s email viewer and composer (implemented in SecEmailUI.apk) doesn’t sanitize HTML email content for scripts before rendering the data inside a WebView. This allows an attacker…

This proof of concept file causes memory corruption when it is scanned by the face recognition library in android.media.process.

This jpg file causes an invalid pointer to be freed when media scanning occurs on Samsung Galaxy S6.

This mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server.

There is an overflow in the ui::PlatformCursor WebCursor::GetPlatformCursor method in Google Chrome.

When you install Comodo Internet Security, by default a new browser called Chromodo is installed and set as the default browser. Additionally, all shortcuts are replaced with Chromodo links and…