Zoho ManageEngine version 13 (13790 build) suffers from file read, file deletion, and cross site scripting vulnerabilities.
>> ARCHIVE: 2018-07
Microsoft Windows – ‘dnslint.exe’ Drive-By Download
Davolink DVW 3200 Router – Password Disclosure
File Upload Restrictions Bypass
NUUO NVRmini – ‘upgrade_handle.php’ Remote Command Execution
Splinterware System Scheduler Pro 5.12 – Buffer Overflow (SEH)
Two vulnerabilities were discovered within the Oracle WebLogic SAML service provider authentication mechanism. By inserting an XML comment into the SAML NameID tag, an attacker can coerce the SAML service…
Microsoft’s dnslint.exe tool does not verify domain names when parsing DNS text-files using the “/ql” switch making it prone to forced drive-by downloads, providing an end user is tricked into…
Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the “parse_qt()” function…
GeoVision GV-SNVR0811 – Directory Traversal