system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments. Date published : 2017-01-12 http://www.securityfocus.com/bid/96851 https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by...
Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. Date published :...
Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122. Date published : 2017-01-12 http://www.securityfocus.com/bid/95424 http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php. Date published : 2017-01-12 http://www.securityfocus.com/bid/95684 https://github.com/semplon/GeniXCMS/issues/61
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin/index.php. Date published : 2017-01-12 http://www.securityfocus.com/bid/95655 http://code610.blogspot.com/2017/01/genixcms-sql-injection-quick-autopsy.html
SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI. Date published : 2017-01-12 http://www.securityfocus.com/bid/95660 https://github.com/semplon/GeniXCMS/commit/6e21c01d87672d81080450e6913e0093a02bfab8
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. Date published : 2017-01-12 http://www.securityfocus.com/bid/95413 http://bugzilla.maptools.org/show_bug.cgi?id=2656
An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it...
An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it...
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be...
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate...
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be...
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate...