Nicky Mouha discovered a buffer overflow in sha3, a Python library for
the SHA-3 hashing functions.

Read More

Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C# code on any machine that renders a report, including the application server or a user’s local machine, as demonstrated by System.Diagnostics.Process.Start.

Read More

Several security vulnerabilities have been discovered in the Tomcat
servlet and JSP engine.

Read More

It was discovered that Apache Batik, a SVG library for Java, allowed
attackers to run arbitrary Java code by processing a malicious SVG file.

Read More

A security issue was discovered in Chromium, which could result in the
execution of arbitrary code.

Read More

Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress.

Read More

Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress.

Read More

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress.

Read More

SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php.

Read More

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themepoints Testimonials plugin <= 2.6 on WordPress.

Read More