Several methods in Adobe Flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a…
>> CATEGORY: exploit
There is a use-after-free in Adobe Flash Selection.setFocus. It is a static method, but if it is called with a this object, it will be called on that object’s thread….
There is a use-after-free in the Adobe Flash Stage.align property setter. When the setter is called, the parameter is converted to a string early, as a part of the new…
Keeper suffers from an issue where a trusted UI is injected into an untrusted webpage.
There is a use-after-free in the Adobe Flash MovieClip Transform getter. If the Transform constructor is replaced with a getter using addProperty, this getter can free the MovieClip before it…
E-Cidade versions 2.3.52 and below suffer from a directory traversal vulnerability.
FreePBX version 13.0.35 suffers from a remote code execution vulnerability.
Micro Focus GroupWise version 2014 R2 SP1 and below suffer from buffer overflow, cross site scripting, and integer overflow vulnerabilities.
Dotclear version 2.9.1 allows authenticated users to leverage the RSS import functionality to scan ports of the internal network.
Dotclear version 2.9.1 suffers from a remote shell upload vulnerability.