>> ARCHIVE: 2019-03

vBulletin version 4.2.5 with Thread Post Bookmarking version 1.2.0 suffers from an open redirection vulnerability.

Java Debug Wire Protocol (JDWP) remote code execution exploit.

vBulletin version 4.2.5 with vBSuper_PM version 1.2.3 Lite suffers from an open redirection vulnerability.

OpenDocMan version 1.3.4 suffers from a remote SQL injection vulnerability in search.php.

vBulletin version 4.2.5 with Member Map version 1.1.2 suffers from an open redirection vulnerability.

WordPress WP-Image-News-Slider plugin version 3.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

Babel versions 0.4.1 and below suffer from an open redirection vulnerability.

Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly others), in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and…

RealTerm Serial Terminal version 2.0.0.70 suffers from an echo port buffer overflow vulnerability. Modifications to the original proof of concept include the fact that it uses a larger payload size…

Android suffer from a binder use-after-free via a racy initialization of ->allow_user_free.