>> ARCHIVE: 2017-05

Asterisk version 14.4.0 running chan_pjsip with PJSIP version 2.6 suffers from a denial of service vulnerability.

Asterisk version 14.4.0 with chan_skinny enabled suffers from a memory exhaustion vulnerability that can lead to a denial of service vulnerability.

This vulnerability permits an unprivileged user on a Linux machine on which VMWare Workstation is installed to gain root privileges. The issue is that, for VMs with audio, the privileged…

Mantis Bug Tracker versions 1.3.10 and 2.3.0 suffer from a cross site request forgery vulnerability.

MacOS suffers from a kernel register leak via 32-bit syscall exit.

LG has an issue where a malformed OGM file can cause the use of an uninitialized pointer during Vorbis header verification – vorbis_info_clear is called on a vorbis_info structure that…

This is an issue on MacOS that allows un-entitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug.

Sure Thing Disc Labeler version 6.2.138.0 suffers from a buffer overflow vulnerability.

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET…