>> ARCHIVE: 2016-10

Symantec Web Gateway versions 5.2.2 and below suffer from an OS command injection vulnerability in new_whitelist.php.

An independent vulnerability laboratory researcher discovered a dll hijacking exploit in the official MP3 Stream Editor …

Abyss Web Server X1 version 2.11.1 suffers from an unquoted service path privilege escalation vulnerability.

Cisco Firepower Threat Management Console has hard-coded MySQL credentials in use. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

Clean Master version 1.0 suffers from an unquoted path privilege escalation vulnerability.

Cyberoam iview UTM version 0.1.2.7 suffers from a client-side cross site scripting vulnerability.

Flash Operator Panel version 2.31.03 suffers from a script insertion vulnerability.

Cisco Firepower Threat Management Console suffers from a denial of service vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

Cisco Firepower Threat Management Console suffers from a remote command execution vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

Cisco Firepower Threat Management Console suffers from a local file inclusion vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.