>> ARCHIVE: 2017-01

Mac OS / iOS kernels suffers from a use-after-free due to a lack of locking in host_self_trap.

Android suffers from a KASLR bypass in pm_qos.

Web Based TimeSheet Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.

PHPback versions prior to 1.3.1 suffer from cross site scripting and remote SQL injection vulnerabilities.

Man-db version 2.6.7.1 suffers from a privilege escalation vulnerability.

GNU Screen version 4.5.0 suffers from a local privilege escalation vulnerability.

This Metasploit module affects Geutebrueck GCore versions 1.3.8.42 and 1.4.2.37, which suffer from a remote code execution vulnerability.

Haraka versions prior to 2.8.9 suffer from a remote command execution vulnerability.

Autodesk Backburner Manager 3 versions prior to 2016.0.0.2150 suffers from a null dereference denial of service vulnerability.

The Polycom VVX web interface allows a user to change an admin’s password.