A session validation approval web vulnerability has been discovered in the official BMW ConnectedDrive online service web application. The vulnerability allows remote attackers to manipulate specific configured parameters to compromise the affected web application service.
Monthly Archives: July 2016
PHP Real Estate Script 3 Arbitrary File Disclosure
PHP Real Estate Script version 3 suffers from a file disclosure vulnerability.
PaX Reference Count Overflow Mitigation Bypass
PaX contains a mitigation for reference count overflows that is intended to prevent atomic_t variables from reaching 0x80000000 and, more importantly, wrapping around to zero. A documented special case on x86 is that, because “atomically increment unless current value is X” cannot be implemented without a cmpxchg loop, the code instead increments the counter, checks for an overflow and, if an overflow happened, immediately decrements the counter back.
JetBrains PyCharm Professional 2016.1.4 DLL Hijacking
JetBrains PyCharm Professional 2016.1.4 suffers from a DLL hijacking vulnerability.
Notepad++ 6.9.2 DLL Hijacking
The installer for Notepad++ version 6.9.2 suffers from a DLL hijacking vulnerability.
BMW Client-Side Cross Site Scripting
The BMW online web application suffers from a cross-site scripting vulnerability.
Adobe Flash ATF Image Packing Overflow
There is a heap overflow in ATF image packing. The file included in this archive demonstrates the vulnerability.
Adobe Flash JXR Processing Double Free
This JXR file causes a heap overflow when loaded in Adobe Flash.
Adobe Flash ATF Processing Overflow
This ATF file causes a heap overflow in ATF processing in Adobe Flash.
Joomla Topics 1.5.12 SQL Injection
Joomla Topics component version 1.5.12 suffers from a remote SQL injection vulnerability.