WPS Office versions prior to 2016 suffer from a .doc handling heap memory corruption issue when dealing with an invalid value in the OneTableDocumentStream data section.
>> CATEGORY: exploit
The Vulnerability Laboratory Core Research Team discovered a remote denial of service vulnerability in the official Soso Transfer mobile iOS web-application.
The Vulnerability Laboratory Research team discovered an application-side input validation web vulnerability in the official Getpdp online service web-application.
An independent vulnerability laboratory researcher discovered a client-side redirect web vulnerability in the official SimpleView CRM web-application.
eClinicalWorks Population Health (CCMR) suffers from cross site request forgery, cross site scripting, session fixation, and remote SQL injection vulnerabilities.
OpenXchange versions prior to 7.8 suffer from a user folder enumeration vulnerability.
VMWare Zimbra Mailer Release 8.6.0.GA, latest patch and prior versions with DKIM implementation are vulnerable to longterm Mail Replay attacks. If the expiration header is not set, the signature never…
File Hub version 3.3 suffers from script insertion and remote file upload vulnerabilities.
WinImage installers suffer from a DLL hijacking vulnerability.
Pdfium suffers from a heap use-after-free in Opj_t2_read_packet_header (libopenjpeg).