Google AOSP email application versions up to 7.0 suffer from an HTML injection vulnerability.
997b4ab75d2a1bd77ad1ed1e393d5be70361f9a6bcb2b694bbf2ee14017f4233
Free WMA MP3 Converter version 1.8 suffers from a buffer overflow vulnerability.
405e1a5c47ed2d7f68d824586599986b2c40de899c0466366ebf697fa61505de
Murgent CMS from 2015Q4 suffers from a remote SQL injection vulnerability.
3d3c1ae69315f62677ef5cb67d8cd395a1393075c74dfc1d329ba7fc8f456883
LineNity WP premium theme suffers from a local file inclusion vulnerability.
aedb3c213591ef0023a5bac52d0988f5003d14829fbb8554821e52c538078db3
eBay Magento suffered from multiple cross-site request forgery vulnerabilities.
9100b8e6174a98fe814cca49771a623e8ed97ea3ca97aba563a8cdfb93846e04
eBay Magento Commerce suffered from a cross-site scripting vulnerability.
d053d31a2e30a77f10b17da4ec3786d918f2e3f72ec4c69bda9bb8bedc20b230
Lan Scan HD version 1.20 suffers from a command injection vulnerability.
a6f4b3a9396e8402950f0d05045b64e5fa21dea5031ee2933070b42412e31732
Port Scan version 2.0 suffers from a command injection vulnerability.
e0354f5b75c9099132633c4b052838d46b8bbee6c82c53020df95d4ea18525b4
PHP Address Book version 8.2.5.2 suffers from a remote SQL injection vulnerability.
74ce6b4fbc3365f91ad208910228a3874d6c832b0bfb7575b3a009ca64d52058
zTree version 3.5.19.1 suffers from a cross-site scripting vulnerability.
74c4694fccb338eef0b0a66ddd1bd35451475c0c7f74ebe8ff6a29b02a59712f
A number of Windows kernel crashes occur in the win32k.sys driver while processing a specific corrupted TTF font file. This finding documents an overflow with a malformed OS/2 table.
8fe968ce622cf9113f76404623b7e14a9b2abf8080a96adb4115cbf39cfdec56
The Cisco FireSIGHT Management Center appliance suffers from a certificate validation vulnerability. FirePWNER exploit included. Versions affected include 5.2.x, 5.3.x, and 5.4.x.
3fc2f6862036f1dcec916cfa817e09ceabd99af239e63cb74877b949a1537809
The attached testcase was found by fuzzing DEX files, and results in a heap overflow with a wild memcpy. Note that Kaspersky catches exceptions and continues execution, so running into unmapped pages doesn't terminate the process; this should make exploitation quite realistic.
6751e071bf8dd3497577b29fbf7d097aa98be4740d9f645d2afa24cded401776
Adobe Reader X and XI for Windows suffer from an out-of-bounds read in CoolType.dll.
bc8c45d0bc029bbfe2dcb8a7c8653db43d3be01d2877e59509fb180abdbeb922
On Windows 8.1 Update 32/64 bit, the system call NtApphelpCacheControl (the code is actually in ahcache.sys) allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries, as the operation is restricted to administrators. This is checked in the function AhcVerifyAdminContext. This function has a vulnerability where it doesn't correctly check the impersonation token of the caller to determine if the user is an administrator. It reads the caller's impersonation token using PsReferenceImpersonationToken and then compares the user SID in the token to LocalSystem's SID. It doesn't check the impersonation level of the token, so it's possible to get an identification token on your thread from a local system process and bypass this check.
72088e382599651c32cb9cdc5567e22509289abb4b5d97381967f2aafa755155
TECO JN5 L510-DriveLink version 1.482 suffers from a vulnerability caused by a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens, e.g., a specially crafted .LF5 file. Successful exploitation could allow execution of arbitrary code on the affected machine.
0a17862b17b3d467c4d8f98421a8360fdbcb7dc4e4083cf422ec3cebfc1dcc18
TECO AP-PCLINK version 1.094 suffers from a vulnerability caused by a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens, e.g., a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.
05a9e596617eb5f861cd0aa93ea5277f10981c522596b213248bf09866d332c4
TECO SG2 FBD Client version 3.51 suffers from a vulnerability caused by a boundary error in the processing of a Genie FBD, which can be exploited to cause a buffer overflow when a user opens, e.g., a specially crafted .GFB file. Successful exploitation could allow execution of arbitrary code on the affected machine.
9e734f6542911311ba1c133e0986c8e5fe18cf3fbb2d5b7622a8b4a411038008
networkd is the system daemon which implements the com.apple.networkd XPC service. It's unsandboxed but runs as its own user. com.apple.networkd is reachable from many sandboxes including the Safari WebProcess and ntpd (plus all those which allow system-network). networkd parses quite complicated XPC messages and there are many cases where xpc_dictionary_get_value and xpc_array_get_value are used without subsequent checking of the type of the returned value.
8f3b0d4e8a89ad64284b0b7f58567f82fed3eee85dac017382e0f65c2b11a7e5
TECO TP3-PCLINK version 2.1 has a vulnerability caused by a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens, e.g., a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.
4778282fac2ab5abb25a2673b573310bfa0f672266d7d8e650fd6ed1fd4de623
When Kaspersky HTTPS inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. The naming pattern for files is {CN}.cer and CN can be modified to perform path traversals.
ce9f7093bf60e3752e2176561753c43ff890d74e6e48bcae0af1b4f25757ad05
A number of Windows kernel crashes occur in the win32k.sys driver while processing a specific corrupted TTF font file. This finding documents an overflow with a malformed TrueType program.
aa2c793abdcbae42410e9648120375bbbf61f199aadac00919c7cae1a9e4ac95
A use-after-free condition has been encountered in FreeType while fuzzing Type42 fonts. Version 2.5.3 is affected.
f0ddade4f563e81601505e4c49d519629a1f9cb5f6e95c61b4ed5f44b810a101
Fuzzing the ZIP file format found multiple memory corruption issues, some of which are obviously exploitable for remote code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus.
fc8862117299fd338cb8bbf77d3ccb922e26861f2ef48f8fe569ea1fedea5e5b
TECO SG2 LAD Client version 3.51 suffers from a vulnerability caused by a boundary error in the processing of a Genie LAD file, which can be exploited to cause a buffer overflow when a user opens, e.g., a specially crafted .GEN file. Successful exploitation could allow execution of arbitrary code on the affected machine.
99d9948e7ad21ed7716d95d01d9ecd153145a8d5a83a9616f7e4db8d5d28f544