AKIPS Network Monitor versions 15.37 through 16.5 suffer from a remote command injection vulnerability.
>> ARCHIVE: 2016-03
Core Security Technologies Advisory – An integer signedness error has been found in the amd64_set_ldt() function in the FreeBSD kernel code (defined in the /sys/amd64/amd64/sys_machdep.c file), which implements the…
Cisco UCS Manager version 2.1(1b) shellshock exploit that spawns a connect-back shell.
ProjectSend version r582 suffers from a persistent cross site scripting vulnerability.
Yahoo’s mail web application suffered from a From: spoofing vulnerability.
OpenSSH versions 7.2p1 and below suffer from a command injection and /bin/false bypass vulnerability via xauth.
WordPress Bulletproof plugin version 0.53.2 suffers from a cross site scripting vulnerability.
Dropbear sshd versions 2015.71 and below suffer from a command injection vulnerability via xauth. An authenticated user may inject arbitrary xauth commands by sending an x11 channel request that includes…
Chamilo LMS version 1.10.2 suffers from a cross site scripting vulnerability.
Netwrix Auditor version 7.1.322.0 suffers from a stack-based buffer overflow vulnerability when parsing a large amount of bytes to the ‘sourceFile’ string parameter in the PackFile() and UnpackFile() functions in the ‘Netwrix.Common.CollectEngine.dll’ library,…