Microsoft ASP.NET Forms versions 4.0.30319.237 and below suffer from an authentication bypass vulnerability.
7432953a885d29ecc984b1dab18e4eeeb9ab253b2c398a82436125325e03bc71
Microsoft ASP.NET Forms suffers from a null byte termination authentication bypass vulnerability that exists in the CopyStringToUnAlingnedBuffer() function of the webengine4.dll library used by the .NET framework. The unicode string length is determined using the lstrlenW function. The lstrlenW function returns the length of the string, in characters not including the terminating null character. If the unicode string containing a null byte is passed, its length is incorrectly calculated, so only characters before the null byte are copied into the buffer.
294ae2596a2c31be82519bf63b2272b2e6a249e186db2e1ca5fab9dfb9f605e6
WordPress versions 3.1.3 and 3.2-RC1 suffers from multiple remote SQL injection vulnerabilities.
0a7900515451e312b78d781e902fcb08e0d2c379668d6c7b467866395e99972e