VirtualBox suffers from a remote code execution vulnerability due to downloading updates over HTTP.
>> CATEGORY: exploit
WordPress Smart Marketing SMS and Newsletters Forms plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits a flaw in how the Equation Editor handles OLE objects in memory to execute arbitrary code using RTF files without interaction.
Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl.
aws-cfn-bootstrap versions prior to 1.4-22.14 suffer from a local code execution vulnerability.
Axis Communications MPQT/PACS suffers from heap overflow and information leakage vulnerabilities.
SocuSoft Co. Photo 2 Video Converter Free and Pro variants version 8.0.0 suffer from a buffer overflow in the pdmlog.dll library.
MistServer version 2.12 suffers from a persistent cross site scripting vulnerability.
Artica Web Proxy version 3.06.112216 suffers from a remote code execution vulnerability.
Abyss Web Server versions prior to 2.11.6 suffer from a memory heap corruption vulnerability.