PivotX version 2.3.11 suffers from a reflective cross site scripting vulnerability.
>> ARCHIVE: 2016-03
PivotX version 2.3.11 suffers from a directory traversal vulnerability.
PivotX version 2.3.11 suffers from a remote shell upload vulnerability.
BigTree version 4.2.8 suffers from object injection and improper filename sanitization.
The Grandstream Wave application version 1.0.1.26 periodically queries the Grandstream server for app updates. If a new update is found, the app shows a notification to the user that either…
Microsoft Internet Explorer has a read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout issue.
The avmplus bytecode verifier misses a control-flow path via op_pushwith throwing an exception allowing crafted bytecode to be incorrectly optimized which can trivially be abused to get code execution.
There is a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file.
There is a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file.
The SecLogon service does not sanitize standard handles when creating a new process leading to duplicating a system service thread pool handle into a user accessible process. This can be…