>> ARCHIVE: 2016-03

The Vulnerability Laboratory Core Research Team discovered a client-side cross site scripting web vulnerability in the official Adobe Edex online service web-application.

Coppermine version 1.5.40 uses straight MD5 without any salt for storage of passwords.

A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file…

A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file…

A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file…

A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file…

The Comodo Anti-Virus GeekBuddy component suffers from a dll hijacking vulnerability.

Pulse CMS version 4.5.2 suffers from a local file inclusion vulnerability.

WP Good News Themes suffers from a client-side cross site scripting vulnerability.

Fing version 3.3.0 suffers from a persistent mail encoding vulnerability.