ESET NOD32 is affected by a heap overflow vulnerability while unpacking EPOC installation files. By creating a file record with type SIS_FILE_MULTILANG (meaning a different file is provided for every supported language), and then claiming to support a very large number of languages, a 16-bit calculation overflows. This leads to a nice clean heap overflow.
innovaphone versions IP222 and IP232 suffer from a remote denial of service vulnerability.
McAfee VirusScan Enterprise versions 8.8 and below suffer from a security restrictions bypass vulnerability.
This archive includes a PE file that causes memory corruption in Avast and it looks related to authenticode parsing.
WordPress CP Polls plugin version 1.0.8 suffers from a persistent cross site scripting vulnerability via file upload.
Putty version 0.66 suffers from a DLL hijacking vulnerability.
WordPress CP Polls plugin version 1.0.8 suffers from cross site request forgery and cross site scripting vulnerabilities.
Pulse CMS version 4.5.2 suffers from a backup disclosure vulnerability.
A vulnerability in the sncc0.sys kernel driver for Secret Net 7 and Secret Net Studio 8 allows for a local privilege escalation attack.