Author: Cyberthreat Blog

In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for...

Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. The attacker must be...

Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an ‘xxx.php[space]’ file, they could bypass a safety check and execute any code.

In libsamplerate before 1.0.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file.

A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.