mail.local(8) (NetBSD) – Local Root Exploit (NetBSD-SA2016-006)
>> ARCHIVE: 2016-07
mail.local(8) (NetBSD) – Local Root Exploit (NetBSD-SA2016-006)
Apache 2.4.7 & PHP <= 7.0.2 – openssl_seal() Uninitialized Memory Code Execution
WordPress Icegram plugin version 1.9.18 suffers from a cross site request forgery vulnerability.
WordPress Ninja Forms plugin version 2.9.51 suffers from cross site scripting vulnerabilities.
WordPress Video Player plugin version 1.5.16 suffers from multiple remote SQL injection vulnerabilities.
Wowza Streaming Engine suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice….
The Wowza Streaming Engine application suffers from a privilege escalation issue. Normal user (read-only) can elevate his/her privileges by sending a POST request setting the parameter ‘accessLevel’ to ‘admin’ gaining…
Wowza Streaming Engine version 4.5.0 build 18676 suffers from a cross site request forgery vulnerability.
Wowza Streaming Engine version 4.5.0 build 18676 stores sensitive information in cleartext within a resource that might be accessible to another control sphere. When the file is modified it is…
Wowza Streaming Engine suffers from multiple reflected cross site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user….