Getdpd BB #3 – Persistent Cross Site Scripting Vulnerability
The Vulnerability Laboratory Research team discovered an application-side input validation web vulnerability in the official Getdpd online service web-application.
Toshiba Viewer 2 suffers from a denial of service vulnerability when handling malicious .fax files.
WPS Office versions prior to 2016 suffer from a .ppt handling heap memory corruption vulnerability.
WPS Office versions prior to 2016 suffer from a .doc handling heap memory corruption issue when dealing with an invalid value in the OneTableDocumentStream data section.
WPS Office versions prior to 2016 suffer from a .ppt drawingContainer length header handling issue that leads to memory corruption.
WPS Office versions prior to 2016 suffer from a .xls heap memory corruption vulnerability.
PHPSYSINFO versions 3.1.12 and below suffer from a local file disclosure vulnerability.
DAQMaster version 1.7.3 suffers from a vulnerability caused by a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens, for example, a specially crafted .DQP project file with a large array of bytes inserted in the ‘Description’ element. Successful exploitation […]
openssl_seal() is prone to use of uninitialized memory that can be turned into code execution. This document describes technical details of the journey to hijack apache2 requests. It is a very well written and thoroughly documented piece of research.
HP Client Security Manager version 8.3.4 suffers from a cross site scripting vulnerability.