Security Advisories

Home / Advisories 

Sqiva System 2.5 & below: Multiple Vulnerabilities

CVE-2018-16995, CVE-2018-16997 & CVE-2018-16998: Sqiva System 2.5 & below suffers from multiple client-side vulnerabilities.

Socusoft Flash SSM: Multiple Vulnerabilities

SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, inherts an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. This has resultant content forgery, cross site scripting, and unvalidated redirection issues.

Socusoft P2V Converter: Local Buffer Overflow

Socusoft's Photo 2 Video Converter v8.0.0 (Free and Professional variants) contains a local buffer overflow condition in the pdmlog.dll library. Exploitation can result in x86 register rewrites to control program execution flow, therefore, resulting in the potential ability to execute arbitrary shellcode and execute local denial-of-service conditions.