CVE-2017-10672
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
Read MoreAuthor: Cyberthreat Blog
CVE-2017-10667
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
Read MoreCVE-2016-10042
Authorization Bypass in the Web interface of Arcadyan SLT-00 Star* (aka Swisscom Internet-Box) devices before R7.7 allows unauthorized reconfiguration of the static routing table via an unauthenticated HTTP request, leading to...
Read MoreCatching up with Blank Slate: a malspam campaign still going strong, (Wed, Jun 28th)
Introduction Blank Slate is the nickname for a malicious spam (malspam) campaign pushing ransomware targeting Windows hosts. Ive already discussed this campaign in a previous diary back in March 2017. It has consistently sent...
Read MoreCVE-2017-1106
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...
Read More