Multiple SQL injection vulnerabilities in the Double Opt-In for Download plugin before 2.0.9 for WordPress allow remote attackers to execute arbitrary SQL commands via the ver parameter to (1) class-doifd-download.php or (2)...
Read MoreIntroduction It seems that Google Chrome extensions have become quite the tool for banking malware fraudsters. Two weeks ago, an offender phoned a victim and asked him to install a supposedly new bank security module that,...
Read MoreVulnerability Note VU#403768 <h2>Akeo Consulting Rufus fails to update itself securely</h2> <p class=”meta-text”>Original Release date: 29 Aug 2017 | Last revised: 29 Aug 2017</p><!–...
Read MoreThere is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
Read MoreThere are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.
Read More