NationBuilder suffers from multiple persistent cross site scripting vulnerabilities.
605c2c3c1032d340f16cd0038f39dd85e6364f17892b876b71724d47ac764bf9
Red Hat Security Advisory 2016-0684-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss 3.21.0, nspr 4.11.0. Security Fix: A use-after-free flaw was found in the way NSS handled DHE and ECDHE handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application.
5a2666975f30ed4ef9d32a6c94c6c7ee9af784cd8b1cb74c9e6c0bbd94cde00e
Debian Linux Security Advisory 3556-1 - Hans Jerry Illikainen discovered that libgd2, a library for programmatic graphics creation and manipulation, suffers from a signedness vulnerability which may result in a heap overflow when processing specially crafted compressed gd2 data. A remote attacker can take advantage of this flaw to cause an application using the libgd2 library to crash or, potentially, to execute arbitrary code with the privileges of the user running the application.
4fb5df9dace3303fe13802ffbddb4d7d85114c9f5c087fdb4b2bd8891d489403
Debian Linux Security Advisory 3555-1 - Several vulnerabilities were discovered in imlib2, an image manipulation library.
1ee5e61be52ed3b6800246af5250019695e3d62af4fd4f0bf75056031c465e3c
Red Hat Security Advisory 2016-0685-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A use-after-free flaw was found in the way NSS handled DHE (Diffie-Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys.
7142359029ecb55b91f8740bcc308885a4ca03d05377044d0945c59945dbfdaa
IrIran Shopping Script version 4.1 suffers from a cross site scripting vulnerability.
828edab3e7924d0f81c1fce38155f8638c3e73f0a9314ba81f3edfc6c8485c69
i-Tech Nepal Radio CMS version 2.0 suffers from a remote SQL injection vulnerability.
d1025bd4c1202de1ad50de8a8a3ce98318bb2d479a1f19446a1bf6463fed0877
CompuSource Systems Real Time Home Banking suffers from a local privilege escalation vulnerability.
eb1e66983b629065e937bcc9d3f4d042428232857116f37391fd6d668cdf8fdc
Cyberoam Central Console version 02.03.1 suffers from cross site scripting vulnerabilities.
25723eb7a1086e2370f53a54fa6647c9acdf0499d3a3aba9295cb297b783c6fd
Totemomail versions 4.x and 5.x suffer from filter bypass and script insertion vulnerabilities.
347ed963a8f8484f164328a3c14f97f30cce1083e75ae2e5b8613af5d9932d20
Rough Auditing Tool for Security (RATS) version 2.3 crash proof of concept code that results in a denial of service.
12d7b29ab56ac354a7a7bb73a02be8eab943b3498e0f538c356807a4c3766040
Django CMS version 3.2.3 suffers from a cross site scripting vulnerability.
cd0d8627e3d4f429c5205644da8cc99c824b6ba06df465b5a3f2d52c570dc592
Texas Instruments Calculators Emulator version 3.03 buffer overflow exploit that can use custom offsets.
0261e280ea524d7c2831dd9bd565f7a419d891b1642208d0fe44afae9bd4d78d
Telisca IPS Lock 2 suffers from a bypass vulnerability that allows the locking of any phone with only a MAC address. Metasploit module included.
b6003d594cc09a8801ce447a82f3c84e8fedad95171104c449337ea0d019a587
The Ubiquiti Networks web application suffered from an XXE injection vulnerability.
d645f5c22a117c00797ef6ddd30973f63867c5fa0aab82f98789a422cbf5aa34
Negin Group CMS suffers from a remote SQL injection vulnerability.
ad141442ab12e00b67e2cf9ec428556e760a92c6d787be756cace677a1597514
C and C++ for OS suffers from filter bypass and script insertion vulnerabilities.
329b1aa3f14ffa8cc34a901452d00ed59a2075257c1f02e7647ba5dab1f0ebd8