>> ARCHIVE: 2016-12

ASP.NET Core version 5.-RC1 suffers from an HTTP header injection vulnerability.

Apache mod_session_crypto versions 2.3 through 2.5 suffer form a padding oracle vulnerability.

Microsoft Edge suffers from a type confusion vulnerability in internationalization initialization.

Mac OS suffers from a kernel code execution vulnerability due to writable privileged IOKit registry properties.

IBM AIX versions 6.1, 7.1, and 7.2 suffer from a Bellmail privilege escalation vulnerability.

Vesta Control Panel versions 0.9.7 through 0.9.8-16 suffer from a local privilege escalation vulnerability.