The Vulnerability Laboratory Core Research Team discovered a client-side cross site scripting web vulnerability in the official Adobe Edex online service web-application.
Coppermine 1.5.40 Weak Cryptography
Coppermine version 1.5.40 uses straight MD5 without any salt for storage of passwords.
Libxml2 XmlParseEndTag2 Heap-Based Buffer Overread
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
Libxml2 XmlDictAddString Heap-Based Buffer Overread
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
Libxml2 XmlParserPrintFileContextInternal Heap-Based Buffer Overread
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
Libxml2 HtmlCurrentChar Heap-Based Buffer Overread
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
Comodo Anti-Virus GeekBuddy DLL Hijacking
The Comodo Anti-Virus GeekBuddy component suffers from a dll hijacking vulnerability.
Pulse CMS 4.5.2 Local File Inclusion
Pulse CMS version 4.5.2 suffers from a local file inclusion vulnerability.
WP Good News Themes Cross Site Scripting
WP Good News Themes suffers from a client-side cross site scripting vulnerability.
Fing 3.3.0 Persistent Mail Encoding
Fing version 3.3.0 suffers from a persistent mail encoding vulnerability.