>> ARCHIVE: 2016-11

OpManager versions 12100 and 12200 suffer from multiple cross site scripting and denial of service vulnerabilities.

ScriptCase versions 8.1.053, 8.1.051, and 8.1.43.0 suffer from token bypass, user enumeration, local privilege escalation, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

Putty version 0.67 suffers from a cleartext password storage vulnerability.

Multitech RightFax Faxfinder versions prior to 4.1.2 suffer from a clear-text credential disclosure vulnerability.

Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily…

Atlassian Confluence AppFusions Doxygen version 1.3.0 suffers from a path traversal vulnerability.

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from an information disclosure vulnerability.

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from a cross site scripting vulnerability.

SAP NetWeaver AS JAVA version 7.4 suffers from a denial of service vulnerability.

SAP NetWeaver AS JAVA version 7.4 suffers from an XML external entity (XXE) injection vulnerability.