The Vulnerability Laboratory Core Research Team discovered a client-side cross site scripting web vulnerability in the official Adobe Edex online service web-application.
Coppermine version 1.5.40 uses straight MD5 without any salt for storage of passwords.
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
The Comodo Anti-Virus GeekBuddy component suffers from a dll hijacking vulnerability.
Pulse CMS version 4.5.2 suffers from a local file inclusion vulnerability.
WP Good News Themes suffers from a client-side cross site scripting vulnerability.
Fing version 3.3.0 suffers from a persistent mail encoding vulnerability.