Next Last 1. 2016-12-31 [1] [FD] 0-day: QNAP NAS Devices suffer of heap overflow full-disclo bashis 2. 2016-12-31 [2] [FD] Executable installers are vulnerable^WEVIL (case 42): full-disclo Stefan Kanthak 3. 2016-12-30 [1] [FD] Zend Framework / zend-mail < 2.4.11 Remote Code Execu full-disclo Dawid Golunski 4. 2016-12-30 [5] [FD] [RT-SA-2016-001] Padding Oracle in Apache mod_session full-disclo Tim 5. 2016-12-28 [1] [FD] SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2 full-disclo Dawid Golunski 6. 2016-12-28 [1] [FD] PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exp full-disclo Dawid Golunski 7. 2016-12-27 [3] [FD] PHPMailer < 5.2.18 Remote Code Execution [CVE-2016-10 full-disclo Dawid Golunski 8. 2016-12-26 [1] [FD] BlackArch Linux OVA Image released! full-disclo Black Arch 9. 2016-12-25 [1] [FD] kernel vuln status question - how can I be protected full-disclo BENCSATH Boldizs 10. 2016-12-23 [1] [FD] Arbitrary file deletion vulnerability in Image Slider full-disclo dxw Security 11. 2016-12-21 [1] [FD] =?utf-8?q?CVE-2014-4138=3A_MSIE_11_MSHTML_CPaste=C2=A full-disclo Berend-Jan Wever 12. 2016-12-21 [1] [FD] copy-me vulnerable to CSRF allowing unauthenticated a full-disclo dxw Security 13. 2016-12-20 [1] [FD] [0-day] RCE and admin credential disclosure in NETGEA full-disclo Pedro Ribeiro 14. 2016-12-20 [1] [FD] NEW VMSA-2016-0023 VMware ESXi updates address a cros full-disclo VMware Security 15. 2016-12-20 [1] [FD] [ERPSCAN-16-035] SAP Solman - user accounts disclosur full-disclo ERPScan inc 16. 2016-12-20 [1] [FD] CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::Remo full-disclo Berend-Jan Wever 17. 2016-12-20 [1] [FD] New BlackArch Linux ISOs (2016.12.20) released! full-disclo Black Arch 18. 2016-12-19 [1] [FD] Hotlinking Vulnerability in Glype (All Versions) full-disclo Celso Bento 19. 2016-12-19 [1] [FD] CVE-2013-6627: Chrome Chrome HTTP 1xx base::StringTok full-disclo Berend-Jan Wever 20. 2016-12-17 [2] [FD] SQL injection in Joomla extension DT Register full-disclo Elar Lang 21. 2016-12-16 [1] [FD] CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-a full-disclo Berend-Jan Wever 22. 2016-12-15 [2] [FD] XenForo 1.5.x Unauthenticated Remote Code Injection full-disclo Julien Ahrens 23. 2016-12-15 [1] [FD] CSRF/stored XSS in Quiz And Survey Master (Formerly Q full-disclo dxw Security 24. 2016-12-15 [1] [FD] =?utf-8?q?MSIE_9_IEFRAME_CMarkup=C2=ADPointer=3A=3AMo full-disclo Berend-Jan Wever 25. 2016-12-15 [1] [FD] Nagios Core < 4.2.4 Root Privilege Escalation [CVE-20 full-disclo Dawid Golunski 26. 2016-12-15 [1] [FD] Nagios Core < 4.2.2 Curl Command Injection leading to full-disclo Dawid Golunski 27. 2016-12-14 [1] [FD] =?utf-8?q?CVE-2013-3143=3A_MSIE_9_IEFRAME_CMarkup=2E= full-disclo Berend-Jan Wever 28. 2016-12-14 [1] [FD] Adobe Animate <= v15.2.1.95 Memory Corruption Vulnera full-disclo hyp3rlinx 29. 2016-12-13 [1] [FD] MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-f full-disclo Berend-Jan Wever 30. 2016-12-13 [1] [FD] Reflected XSS in MailChimp for WordPress could allow full-disclo dxw Security Next Last