PivotX version 2.3.11 suffers from a reflective cross site scripting vulnerability.
Zenphoto version 1.4.11 suffers from a remote file inclusion vulnerability.
The Grandstream Wave application version 1.0.1.26 periodically queries the Grandstream server for app updates. If a new update is found, the app shows a notification to the user that either…
BigTree version 4.2.8 suffers from object injection and improper filename sanitization.
PivotX version 2.3.11 suffers from a remote shell upload vulnerability.
AKIPS Network Monitor versions 15.37 through 16.5 suffer from a remote command injection vulnerability.
The SecLogon service does not sanitize standard handles when creating a new process, which leads to a system service thread pool handle being duplicated into a user-accessible process. This can be…
There is a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file.
There is a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file.
The avmplus bytecode verifier misses a control-flow path via op_pushwith throwing an exception, allowing crafted bytecode to be incorrectly optimized, which can trivially be abused to get code execution.