The o2 Auto Configuration Server (ACS) discloses VoIP/SIP credentials of arbitrary customers when receiving manipulated CWMP packets. These credentials can then be used by an attacker to register any VoIP…
>> AUTHOR: deepcore
Symantec Endpoint Protection version 12.1.4013 suffers from a denial of service vulnerability.
WordPress Symposium Pro Social plugin version 15.12 suffers from cross site request forgery and cross site scripting vulnerabilities.
TrueCrypt versions 7.1a and 7.2 suffer from a DLL hijacking vulnerability with their installers.
AVM FRITZ!OS versions prior to 6.30 suffer from an html injection vulnerability.
The vulnerability Laboratory Research Team has discovered multiple web validation vulnerabilities in the barracuda Message Archiver v650 Product.
Apple Security Advisory 2016-01-07-1 – QuickTime 7.7.9 is now available and addresses multiple memory corruption issues.
RedTeam Pentesting discovered that several models of the AVM FRITZ!Box are vulnerable to a stack-based buffer overflow, which allows attackers to execute arbitrary code on the device. Versions prior to…
The firmware upgrade process of the FRITZ!Box 7490 is flawed. Specially crafted firmware images can overwrite critical files. Arbitrary code can get executed if an attempt is made to install…
ZoneAlarm installers suffer from a DLL hijacking vulnerability.