>> ARCHIVE: 2017-01

SoftMaker Office 201x suffers from a local privilege escalation vulnerability due to an unprotected directory.

InstallTinyPDF.exe suffers from dll hijacking and unsafe temp directory vulnerabilities.

Tempest Security Intelligence Advisory ADV-3/2016 – Atlassian Confluence version 5.9.12 is vulnerable to persistent cross site scripting because it fails to securely validate user controlled data, thus making it possible…

WordPress Stop User Enumeration plugin version 1.3.4 fails to stop user enumeration.

Broadband DSL modems manufactured by Zyxel and distributed by some European ISPs are vulnerable to a command injection vulnerability when setting the ‘NewNTPServer’ value using the TR-64 SOAP-based configuration protocol….

PDFAdd version 1.2 suffers from a dll hijacking vulnerability.

My Click Counter version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Internet Download Accelerator version 6.10.1.1527 SEH FTP buffer overflow exploit.

As a part of the KNOX extensions available on Samsung devices, Samsung provides a new service which allows the generation of OTP tokens and suffers from a heap overflow vulnerability.