Vulnerability Index: Year 2017

Windows GDI Elevation of Privilege Vulnerability Same Origin Policy Bypass in Microsoft Edge via about:blank and data: URLs Microsoft Office Memory Corruption Vulnerability LSASS Denial of Service Vulnerability in Windows Vista, Server 2008, and Windows 7 Windows GDI Elevation of Privilege Vulnerability Microsoft Office Memory Corruption Vulnerability in Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 PowerShell Security Feature Bypass Vulnerability in Device Guard Internet Explorer Memory Disclosure Vulnerability Microsoft Internet Explorer 9 through 11 Memory Corruption Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Remote Information Disclosure Vulnerability Microsoft Browser Content Spoofing Vulnerability Windows Graphics Component Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability Microsoft Edge RegEx XSS Filter Vulnerability Internet Explorer Remote Code Execution Vulnerability Microsoft Word 2016 Remote Code Execution Vulnerability Microsoft Office Memory Corruption Vulnerability in Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 Hyper-V vSMB Packet Data Validation Vulnerability Microsoft XML Information Disclosure Vulnerability Microsoft PDF Remote Code Execution Vulnerability Win32k Elevation of Privilege Vulnerability in Windows 10 1607 and Windows Server 2016 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Office Information Disclosure Vulnerability Scripting Engine Memory Corruption Vulnerability Crafted Office Document Denial of Service Vulnerability in Microsoft Office 2010, Word 2010, Word 2013 RT, and Word 2016 Microsoft Office Memory Corruption Vulnerability Microsoft Office Memory Corruption 
Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Browser Content Spoofing Vulnerability Microsoft Edge Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Type Confusion Vulnerability in Microsoft Internet Explorer and Edge Remote Information Disclosure Vulnerability in GDI32.dll Library Loading Input Validation Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Internet Explorer 9-11 Windows Media Player Information Disclosure Vulnerability Local User Information Disclosure in Microsoft Active Directory Federation Services Windows DVD Maker .msdvd File Parsing Vulnerability Windows GDI Elevation of Privilege Vulnerability VBScript Engine Information Disclosure Vulnerability in Internet Explorer 11 Windows Kernel Elevation of Privilege Vulnerability Microsoft Hyper-V Network Switch Denial of Service Vulnerability Microsoft Office Memory Corruption Vulnerability Microsoft Office Memory Corruption Vulnerability Microsoft IIS Server XSS Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows DNS Query Information Disclosure Vulnerability Win32k Kernel Information Disclosure Vulnerability Internet Explorer Memory Disclosure Vulnerability GDI+ Information Disclosure Vulnerability Microsoft Color Management Memory Handling Vulnerability GDI+ Information Disclosure Vulnerability Microsoft Color Management ASLR Bypass Vulnerability Internet Explorer Mixed Content Warning Bypass Vulnerability Microsoft Edge Remote Information Disclosure Vulnerability Microsoft Edge Same Origin Policy Bypass Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Remote Information Disclosure Vulnerability Microsoft Edge Web Content Spoofing Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting 
Engines Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Windows GDI+ Information Disclosure Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Denial of Service Vulnerability Win32k Information Disclosure Vulnerability Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Microsoft Windows 10 and Windows Server 2016 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Microsoft Windows 10 Gold and 1511 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Windows Uniscribe Remote Code Execution Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Windows Uniscribe Remote Code Execution Vulnerability Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Uniscribe Memory Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Remote Code Execution Vulnerability in Microsoft Scripting Engines Hyper-V vSMB Remote Code Execution Vulnerability Hyper-V Information Disclosure Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V 
Denial of Service Vulnerability Windows HelpPane Elevation of Privilege Vulnerability Windows Elevation of Privilege Vulnerability in Kernel-Mode Drivers Windows Elevation of Privilege Vulnerability Windows Registry Elevation of Privilege Vulnerability iSNS Server Memory Corruption Vulnerability Out-of-Bound Memory Disclosure in Microsoft Office Microsoft Office Memory Corruption Vulnerability Microsoft SharePoint Server Cross-Site Scripting (XSS) Vulnerability Graphics Component Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Microsoft Exchange OWA Cross-Site Scripting (XSS) Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Web Site Information Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Memory Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Windows Uniscribe Information Disclosure Vulnerability Uniscribe Memory Disclosure Vulnerability Uniscribe Web Site Information Disclosure Vulnerability Uniscribe Web Site Information Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Uniscribe Memory Disclosure Vulnerability Uniscribe Information Disclosure 
Vulnerability in Microsoft Windows Certificate Validation Vulnerability in Microsoft Lync for Mac 2011 Scripting Engine Memory Corruption Vulnerability in Microsoft Internet Explorer 9-11 Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Same Origin Policy Bypass Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Same Origin Policy Bypass Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMB Information Disclosure Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Internet Explorer Memory Corruption Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Cross-Domain Information Leakage Vulnerability in Microsoft Internet Explorer 11 Windows Graphics Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Scripting Engine Memory Corruption Vulnerability Extranet Client Request Misclassification Vulnerability in ADFS .NET Remote Code Execution Vulnerability NetBT Session Services Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Active Directory Denial of Service Vulnerability in Windows 10 1607 and Windows Server 2016 Windows Elevation 
of Privilege Vulnerability LDAP Elevation of Privilege Vulnerability in Windows Windows Kernel Object Memory Handling Vulnerability Hyper-V Network Switch Information Disclosure Vulnerability Hyper-V Information Disclosure Vulnerability XML Parsing Information Disclosure Vulnerability in Windows Performance Monitor Windows DNS Server Denial of Service Vulnerability Device Guard Code Integrity Policy Security Feature Bypass Vulnerability NetBIOS Packet Handling Denial of Service Vulnerability Windows Kernel Information Disclosure Vulnerability Buffer Overflow Vulnerability in Smart Card Authentication Code in Microsoft Windows XP and Server 2003 Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Win32k Kernel Information Disclosure Vulnerability Win32k Kernel-Mode Object Handling Elevation of Privilege Vulnerability GDI Information Disclosure Vulnerability Memory Object Handling Vulnerability in Windows Systems ATMFD.dll Information Disclosure Vulnerability Hypervisor Code Integrity Elevation of Privilege Vulnerability Microsoft Office Information Disclosure Vulnerability Microsoft Office XSS Elevation of Privilege Vulnerability Memory Information Disclosure Vulnerability in Microsoft Scripting Engine Microsoft Office DLL Loading Vulnerability in OneNote 2007 and 2010 Microsoft Office/WordPad Remote Code Execution Vulnerability with Windows API Microsoft Edge Remote Code Execution via Memory Corruption Scripting Engine Memory Corruption Vulnerability in Internet Explorer Internet Explorer Remote Code Execution via Memory Corruption Vulnerability Edge Content Security Policy Validation Bypass Vulnerability Office Protected View Bypass Vulnerability in 
Microsoft Outlook Microsoft Edge Remote Code Execution via Memory Corruption Outlook for Mac 2011 HTML Spoofing Vulnerability Chakra Scripting Engine Information Disclosure Vulnerability in Microsoft Edge Cross-Domain Policy Enforcement Vulnerability in Internet Explorer Windows OLE Elevation of Privilege Vulnerability Windows Hyper-V vSMB Elevation of Privilege Vulnerability Windows COM Aggregate Marshaler Elevation of Privilege Vulnerability Windows COM Elevation of Privilege Vulnerability Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Device Guard Code Integrity Policy Security Feature Bypass Vulnerability in Microsoft Windows 10 and Windows Server 2016 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability in Microsoft Windows 10 and Windows Server 2016 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows Kernel Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability Internet Explorer Remote Code Execution via Memory Corruption Vulnerability Chakra Core Remote Code Execution Vulnerability Memory Corruption Vulnerability in Microsoft Edge's JavaScript Engine Internet Explorer Remote Code Execution Vulnerability Microsoft Edge Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Microsoft Edge Scripting Engine Memory Corruption Vulnerability Edge Scripting Engine Memory Corruption Vulnerability SmartScreen Filter Spoofing Vulnerability in Microsoft Browsers Escape from AppContainer Sandbox: Microsoft Edge Elevation of Privilege Vulnerability Chakra JavaScript Engine Memory Corruption Vulnerability in Microsoft Edge Chakra JavaScript Engine Memory Corruption Vulnerability in Microsoft Edge Chakra JavaScript Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Browsers Remote Code Execution via Scripting Engine Memory Corruption Microsoft Edge Remote 
Code Execution Vulnerability Domain-less Page Rendering Vulnerability in Microsoft Edge ActiveX Object Instantiation Information Disclosure Vulnerability Microsoft Office Object Handling Remote Code Execution Vulnerability Windows Kernel Elevation of Privilege Vulnerability Win32k Information Disclosure Vulnerability Win32k Elevation of Privilege Vulnerability Denial of Service Vulnerability in ASP.NET Core Mvc .NET Security Feature Bypass Vulnerability ASP.NET Core Elevation of Privilege Vulnerability Buffer Overflow Vulnerability in Microsoft JET Database Engine Chakra Core Remote Code Execution Vulnerability Microsoft Office Memory Corruption Vulnerability Microsoft SharePoint Foundation 2013 SP1 Elevation of Privilege Vulnerability ASP.NET Core Spoofing Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Microsoft Office Remote Code Execution Vulnerability Office Remote Code Execution Vulnerability in Microsoft Office 2010, 2013, and 2016 Office Remote Code Execution Vulnerability in Microsoft Office 2010, 2013, and 2016 Win32k Elevation of Privilege Vulnerability Microsoft PowerPoint for Mac 2011 Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft PowerPoint for Mac 2011 Memory Object Handling Vulnerability in Microsoft Edge Windows SMB Information Disclosure Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMBv1 Denial of Service Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Denial of Service Vulnerability Windows SMB Information Disclosure Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows 
SMBv1 Denial of Service Vulnerability Office Remote Code Execution Vulnerability Windows Uniscribe Memory Disclosure Vulnerability Windows Uniscribe Remote Code Execution Vulnerability Windows Uniscribe Memory Disclosure Vulnerability Windows Uniscribe Memory Disclosure Vulnerability Windows Graphics Information Disclosure Vulnerability Graphics Uniscribe Information Disclosure Vulnerability in Windows Server and Windows OS Windows Graphics Memory Disclosure Vulnerability Windows Graphics Memory Disclosure Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Windows PDF Remote Code Execution Vulnerability Windows PDF Remote Code Execution Vulnerability Windows PDF Library Remote Code Execution Vulnerability Cabinet File Remote Code Execution Vulnerability in Microsoft Windows Windows Default Folder Tampering Vulnerability Windows TDX Elevation of Privilege Vulnerability Windows Kernel Information Disclosure Vulnerability Windows COM Session Elevation of Privilege Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability F5 BIG-IP APM Portal Access Vulnerability F5 BIG-IP APM URL Length Vulnerability Resource Starvation Vulnerability in F5 BIG-IP LTM Software SQL Injection Vulnerability in BIG-IP AFM Management UI Vulnerability in F5 SSL Intercept iApp Allows Unauthenticated Remote Attack and System Configuration Modification Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA GPU Display Driver Kernel Mode Integer Overflow Vulnerability NVIDIA GPU Display Driver Kernel Mode Layer Handler Denial of Service Vulnerability Improper Access Control in NVIDIA GPU Display Driver R378: Denial of Service and Privilege Escalation Vulnerability NVIDIA Windows GPU Display 
Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode Buffer Overflow Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Buffer Overflow Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation Unvalidated User Input in NVISystemService64 in GeForce Experience (GFE) 3.x before 3.10.0.55 NVIDIA GPU and GeForce Experience Installer Privilege Escalation Vulnerability NVIDIA Linux GPU Display Driver Kernel Mode Layer Handler Denial of Service Vulnerability Denial of Service Vulnerability in NVIDIA Windows GPU Display Driver Denial of Service Vulnerability in NVIDIA Windows GPU Display Driver NVIDIA GPU Display Driver Kernel Mode Layer Handler NULL Pointer Dereference Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Array Index Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode NULL Pointer Dereference Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Buffer Validation Vulnerability Elevation of Privilege Vulnerability in NVIDIA I2C HID Driver Allows Arbitrary Code Execution Out-of-Bounds Read Vulnerability in NVIDIA Video Driver Leads to Information Disclosure Elevation of Privilege Vulnerability in NVIDIA Crypto Driver for Android Kernel 3.10 (CVE-2017-0327) Information Disclosure Vulnerability in NVIDIA Crypto Driver Elevation of Privilege Vulnerability in NVIDIA Boot and Power Management Processor Driver Information Disclosure Vulnerability in NVIDIA Crypto Driver Critical Elevation of Privilege Vulnerability in NVIDIA Video Driver for Android Elevation of Privilege Vulnerability in NVIDIA Crypto Driver for Android Kernel 3.10 (CVE-2017-0332) Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android High-Risk Information Disclosure Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android NVIDIA GPU Driver 
Information Disclosure Vulnerability in Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Elevation of Privilege Vulnerability in NVIDIA Crypto Driver for Android Kernel 3.10 (CVE-2017-0339) Elevation of Privilege Vulnerability in NVIDIA Libnvparser Component (CVE-2017-0340) NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability Race Condition Vulnerability in NVIDIA Windows GPU Display Driver NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Privilege Escalation via DxgDdiEscape Handler NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Out-of-Bound Access and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode Buffer Validation Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode NULL Pointer Dereference Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Pointer Validation Vulnerability NVIDIA GPU Display Driver Kernel Mode Layer Handler Vulnerability NVIDIA GPU Display Driver Kernel Mode Layer Handler NULL Pointer Dereference Vulnerability Privilege Escalation Vulnerability in NVIDIA GPU Display Driver NVIDIA GPU Display Driver Vulnerability: Denial of Service via DxgDdiEscape NVIDIA Windows GPU Display Driver Kernel Mode Denial of Service Vulnerability NVIDIA Windows GPU Display Driver Denial of Service Vulnerability Authentication Bypass Vulnerability in ikiwiki Plugin Heap-Overflow Vulnerability in iucode-tool's -tr Loader Privilege Escalation in NTFS-3G: Unsanitized Environment Variable Execution Arbitrary Disk Write Vulnerability in diffoscope Arbitrary File Read Vulnerability in Tryton 3.x and 4.x through 4.2.2 Information Disclosure Vulnerability in Mediawiki API Logging CSRF 
Vulnerability in Mediawiki's Mark all pages visited Feature Open Redirect Vulnerability in Mediawiki Special:Search Redirect Vulnerability in Mediawiki XSS Vulnerability in Mediawiki's SearchHighlighter::highlightText() Function SVG Filter Evasion Vulnerability in Mediawiki Unsafe Use of Temporary Directory in Mediawiki Vulnerability: RawHTML Mode Exploitation in Mediawiki Undelete Page Vulnerability in Mediawiki Ineffective Spam Blacklist Vulnerability in Mediawiki File Inclusion Syntax IP Address Disclosure Vulnerability in MediaWiki SyntaxHighlight Extension Parameter Injection Vulnerability Remote Code Execution via Crafted Debian Package File Privilege Escalation via Crafted Model in Config-Model Denial of Service Vulnerability in Tor's Hidden-Service Feature Denial of Service Vulnerability in Tor's Hidden-Service Feature Inadequate Guard Selection Algorithm in Tor 0.3.x before 0.3.0.9 Cross-Site Scripting (XSS) Vulnerability in Phamm Login Form Function Curve25519 Side-Channel Attack Vulnerability in Libgcrypt Uninitialized Stack Data Leak in Tor Hidden Services Information Disclosure Vulnerability in libopus in Mediaserver Allows Unauthorized Access to Sensitive Data High-Risk Remote Code Execution Vulnerability in Framesequence Library on Android Elevation of Privilege Vulnerability in Android Framework APIs Privilege escalation vulnerability in Audioserver's libeffects Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in libnl Library on Android High-Risk Elevation of Privilege Vulnerability in Android Mediaserver Elevation of Privilege Vulnerability in Android External Storage Provider Allows Unauthorized Access to SD Card Data Critical Denial of Service Vulnerability in Android Networking Denial of Service Vulnerability in Tremolo/dpen.s in Mediaserver Denial of Service Vulnerability in libhevc in Mediaserver (Android) Denial of Service Vulnerability in libstagefright in Mediaserver 
(Android) Denial of Service Vulnerability in libvpx in Mediaserver High-Risk Denial of Service Vulnerability in Android Telephony Silent Contact Creation Vulnerability in Android Contacts Information Disclosure Vulnerability in Mediaserver's libeffects Information Disclosure Vulnerability in libstagefright in Mediaserver Moderate Information Disclosure Vulnerability in Audioserver on Android Information Disclosure Vulnerability in Qualcomm Audio Post Processor Information Disclosure Vulnerability in Audioserver Allows Unauthorized Access to Sensitive Data Information Disclosure Vulnerability in Qualcomm Audio Post Processor Information Disclosure Vulnerability in Audioserver's libeffects Elevation of Privilege Vulnerability in Android Kernel Performance Subsystem Elevation of Privilege Vulnerability in Android Kernel Sound Subsystem Critical Remote Code Execution Vulnerability in Surfaceflinger Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Remote Code Execution Vulnerability in libgdx Critical Remote Code Execution Vulnerability in libstagefright on Android Elevation of Privilege Vulnerability in Android Framework APIs Elevation of Privilege Vulnerability in Android Framework APIs Elevation of Privilege Vulnerability in Android Framework APIs AOSP Messaging Local Information Disclosure Vulnerability High-Risk Information Disclosure Vulnerability in AOSP Messaging on Android High-Risk Elevation of Privilege Vulnerability in Android Mediaserver Elevation of Privilege Vulnerability in Audioserver on Android Elevation of Privilege Vulnerability in Audioserver on Android Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Audioserver on Android High-Risk Information Disclosure Vulnerability in AOSP Mail for Android High-Risk Information Disclosure Vulnerability in Android Framework APIs Bionic DNS Remote Denial 
of Service Vulnerability Bluetooth Elevation of Privilege Vulnerability Allows Unauthorized Document Access Information Disclosure Vulnerability in AOSP Messaging Allows Unauthorized Access to Data Moderate Information Disclosure Vulnerability in Audioserver on Android Filesystem Information Disclosure Vulnerability in Android 7.0 and 7.1.1 Critical Elevation of Privilege Vulnerability in Android Kernel File System Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Qualcomm Closed Source Components Elevation of Privilege Vulnerability in Android Kernel (A-32573899) Elevation of Privilege Vulnerability in MediaTek Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Realtek Sound Driver for Android Kernel-3.10 (A-32705232) Elevation of Privilege Vulnerability in HTC Touchscreen Driver Elevation of Privilege Vulnerability in HTC 
Touchscreen Driver Elevation of Privilege Vulnerability in HTC Touchscreen Driver High-Risk Information Disclosure Vulnerability in NVIDIA Video Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution Qualcomm Sound Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Qualcomm Camera Driver Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Qualcomm Audio Driver High-Risk Information Disclosure Vulnerability in Qualcomm Bootloader Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm IPA Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm ADSPRPC Driver Elevation of Privilege Vulnerability in Qualcomm Camera Driver Allows Arbitrary Code Execution Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Elevation of Privilege Vulnerability in Qualcomm Networking Driver Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Elevation of Privilege Vulnerability in Qualcomm Seemp Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Networking Driver Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm ADSPRPC Driver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical 
Remote Code Execution Vulnerability in Android Mediaserver Elevation of Privilege Vulnerability in Android Recovery Verifier Remote Code Execution Vulnerability in AOSP Messaging Remote Code Execution Vulnerability in libgdx for Android (CVE-2021-33621647) High-Risk Remote Code Execution Vulnerability in Framesequence Library on Android Elevation of Privilege Vulnerability in Audioserver on Android Elevation of Privilege Vulnerability in Audioserver on Android NFC Elevation of Privilege Vulnerability in Android High Severity Denial of Service Vulnerability in Android Mediaserver Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver Location Manager Elevation of Privilege Vulnerability in Android Wi-Fi Elevation of Privilege Vulnerability Allows Local Malicious App to Delete User Data Elevation of Privilege Vulnerability in Android Package Manager Allows Local Malicious App to Block Uninstallation and Permission Removal Elevation of Privilege Vulnerability in Android System UI Allows Unauthorized UI Overlay File-Based Encryption Vulnerability Allows Bypassing Android Lock Screen Information Disclosure Vulnerability in AOSP Messaging Allows Unauthorized Data Access Mediaserver Information Disclosure Vulnerability in Android Setup Wizard Denial of Service Vulnerability in Android Denial of Service Vulnerability in Android Mediaserver Denial of Service Vulnerability in Android Setup Wizard Allows Local Attackers to Require Google Account Sign-In After Factory Reset Local Denial of Service Vulnerability in Audioserver on Android Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege 
Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in Android Kernel ION Subsystem Critical Elevation of Privilege Vulnerability in Android Kernel ION Subsystem Critical Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Critical Elevation of Privilege Vulnerability in Android Kernel FIQ Debugger Elevation of Privilege Vulnerability in Qualcomm Input Hardware Driver Elevation of Privilege Vulnerability in MediaTek Hardware Sensor Driver Elevation of Privilege Vulnerability in Qualcomm Fingerprint Sensor Driver Elevation of Privilege Vulnerability in Qualcomm Fingerprint Sensor Driver Elevation of Privilege Vulnerability in Qualcomm Crypto Engine Driver Elevation of Privilege Vulnerability in Qualcomm Camera Driver Elevation of Privilege Vulnerability in MediaTek APK Allows Local Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in Qualcomm IPA Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in HTC Sensor Hub Driver Elevation of Privilege Vulnerability in HTC Sensor Hub Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Android Kernel-3.18 (A-33351919) High-Risk Information Disclosure Vulnerability in MediaTek Driver for Android Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Information Disclosure Vulnerability in MediaTek Video Codec Driver Information Disclosure Vulnerability in Qualcomm Video Driver Information 
Disclosure Vulnerability in Qualcomm Video Driver HTC Sound Codec Driver Information Disclosure Vulnerability Moderate Information Disclosure Vulnerability in Synaptics Touchscreen Driver for Android USB Gadget Driver Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in libavc in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in Sonivox in Mediaserver Critical Remote Code Execution Vulnerability in libavc in Mediaserver Critical Remote Code Execution Vulnerability in libavc in Mediaserver Elevation of Privilege Vulnerability in CameraBase Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution SurfaceFlinger Elevation of Privilege Vulnerability High-Risk Information Disclosure Vulnerability in Android's libmedia in Mediaserver Remote Denial of Service Vulnerability in libskia High Severity Remote Denial of Service Vulnerability in libavc in Mediaserver on Android High Severity Remote Denial of Service Vulnerability in libavc in Mediaserver on Android Remote Denial of Service Vulnerability in libavc in Mediaserver High Severity Remote Denial of Service Vulnerability in libavc in Mediaserver on Android Elevation of Privilege Vulnerability in libnl Allows Arbitrary Code Execution in Android Wi-Fi Service Elevation of Privilege Vulnerability in Android Telephony Component Information Disclosure Vulnerability in libavc in Mediaserver on Android Information Disclosure Vulnerability in libmpeg2 in Mediaserver Allows Unauthorized Data Access Information Disclosure Vulnerability in libmpeg2 in Mediaserver Allows Unauthorized Data Access Mediaserver Information Disclosure Vulnerability in Android Libskia Information Disclosure Vulnerability in Android Factory Reset Vulnerability Allows Unauthorized Access to Previous Owner's Data 
Critical Remote Code Execution Vulnerability in Broadcom Wi-Fi Firmware Critical Elevation of Privilege Vulnerability in MediaTek Touchscreen Driver Critical Elevation of Privilege Vulnerability in HTC Touchscreen Driver Critical Elevation of Privilege Vulnerability in Android Kernel ION Subsystem Elevation of Privilege Vulnerability in MediaTek Thermal Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in MediaTek Camera Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Crypto Engine Driver Elevation of Privilege Vulnerability in HTC Touchscreen Driver Elevation of Privilege Vulnerability in DTS Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Video Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in HTC OEM Fastboot Command Elevation of Privilege Vulnerability in Qualcomm CP Access Driver Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Broadcom Wi-Fi Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Qualcomm Sound Driver Critical Remote Code Execution 
Vulnerability in libmpeg2 in Mediaserver Critical Remote Code Execution Vulnerability in libstagefright in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in libavc in Mediaserver Critical Remote Code Execution Vulnerability in libstagefright in Mediaserver Framework APIs Elevation of Privilege Vulnerability in Android Android Mediaserver Elevation of Privilege Vulnerability in libstagefright Libstagefright Elevation of Privilege Vulnerability in Android Mediaserver High-Risk Elevation of Privilege Vulnerability in Android's libstagefright Mediaserver High-Risk Elevation of Privilege Vulnerability in Audioserver on Android High-Risk Information Disclosure Vulnerability in Android Framework APIs High Severity Remote Denial of Service Vulnerability in libhevc in Mediaserver Remote Denial of Service Vulnerability in libstagefright in Mediaserver Bluetooth File Sharing Vulnerability Allows Unauthorized Access on Android 7.0-7.1.2 Bluetooth Information Disclosure Vulnerability in Android Denial of Service Vulnerability in libstagefright in Mediaserver Critical Elevation of Privilege Vulnerability in Qualcomm Power Driver Elevation of Privilege Vulnerability in Qualcomm Sound Driver Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Elevation of Privilege Vulnerability in Qualcomm Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability in Qualcomm Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability in Qualcomm 
Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability in MediaTek Power Driver Elevation of Privilege Vulnerability in MediaTek System Management Interrupt Driver Elevation of Privilege Vulnerability in MediaTek Video Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in MediaTek Command Queue Driver Elevation of Privilege Vulnerability in Qualcomm Pin Controller Driver Elevation of Privilege Vulnerability in Qualcomm Secure Channel Manager Driver Elevation of Privilege Vulnerability in Qualcomm Camera Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Goodix Touchscreen Driver High-Risk Elevation of Privilege Vulnerability in HTC Bootloader High-Risk Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver for Android High-Risk Information Disclosure Vulnerability in MediaTek Command Queue Driver on Android Information Disclosure Vulnerability in Qualcomm Crypto Engine Driver Moderate Information Disclosure Vulnerability in Android Kernel UVC Driver Information Disclosure Vulnerability in Qualcomm Camera Driver Information Disclosure Vulnerability in Qualcomm Camera Driver Kernel Trace Subsystem Information Disclosure Vulnerability Information Disclosure Vulnerability in Qualcomm Camera Driver Information Disclosure Vulnerability in Qualcomm Sound Codec Driver Broadcom Wi-Fi Driver Information Disclosure Vulnerability Moderate Information Disclosure Vulnerability in Synaptics Touchscreen Driver for Android Remote Denial of Service Vulnerability in libstagefright in Mediaserver (Android) Elevation of Privilege Vulnerability in MediaTek Command Queue Driver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Remote Code Execution Vulnerability in Android System UI Component High-Risk Information Disclosure Vulnerability in Android Bluetooth Component High Severity Remote Denial of Service Vulnerability in Android Mediaserver Remote Denial of Service 
Vulnerability in libvpx in Mediaserver High Severity Remote Denial of Service Vulnerability in libhevc in Mediaserver High Severity Remote Denial of Service Vulnerability in Android Mediaserver Remote Denial of Service Vulnerability in Android Mediaserver Bluetooth Elevation of Privilege Vulnerability in Android Bluetooth Information Disclosure Vulnerability in Android Information Disclosure Vulnerability in libziparchive Allows Unauthorized Access to Sensitive Data Elevation of Privilege Vulnerability in Android Kernel FIQ Debugger Elevation of Privilege Vulnerability in MediaTek Sound Driver Synaptics Touchscreen Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Android Kernel-3.18 ION Subsystem High-risk Remote Code Execution Vulnerability in libxml2 on Android Android Framework Elevation of Privilege Vulnerability (Android ID: A-36491278) Android Framework Elevation of Privilege Vulnerability (Android ID: A-36991414) Android Framework Elevation of Privilege Vulnerability (Android ID: A-37285689) Android Framework Elevation of Privilege Vulnerability (Android ID: A-37478824) Android Information Disclosure Vulnerability Android Information Disclosure Vulnerability Android Denial of Service Vulnerability (A-36104177) Critical Remote Code Execution Vulnerability in Android Libraries (Android 4.4.4) Android Denial of Service Vulnerability (A-34778578) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-33974623) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-34231163) Critical Remote Code Execution Vulnerability in Android Media Framework (CVE-2020-12345) Android Media Framework Remote Code Execution Vulnerability (CVE-2017-13263) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-36035074) Android Media Framework Remote Code Execution Vulnerability (Android ID: A-36576151) Critical Remote Code Execution Vulnerability in 
Android Media Framework (Android ID: A-36996978) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-37008096) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-37208566) Android Media Framework Remote Code Execution Vulnerability (Android ID: A-36588422) Android Media Framework Remote Code Execution Vulnerability (Android ID: A-36591008) Android Media Framework Elevation of Privilege Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-34203195) Android Media Framework Denial of Service Vulnerability (Android ID: A-34231231) Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-35584425) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-36724453) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-36993291) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-37094889) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability (CVE-2017-13276) Android Media Framework Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in Android System UI (Android ID: A-35639138) Critical Remote Code Execution Vulnerability in Android System UI (Android 7.1.1 and 7.1.2) Critical Remote Code Execution Vulnerability in Android System UI (Android 7.1.1 and 7.1.2) Android System UI Elevation of Privilege Vulnerability Android System UI Elevation of Privilege Vulnerability (Android 7.1.1, 7.1.2) Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of 
Privilege Vulnerability in Broadcom Wi-Fi Driver for Android HTC LED Driver Elevation of Privilege Vulnerability in Android Kernel HTC Sound Driver Information Disclosure Vulnerability in Android Kernel HTC Sensor Hub Driver Information Disclosure Vulnerability Elevation of Privilege Vulnerability in Android Kernel's Upstream Linux tcb Android Elevation of Privilege Vulnerability in MediaTek Networking Driver Android Wi-Fi Service Elevation of Privilege Vulnerability Critical Remote Code Execution Vulnerability in Android sfntly Libraries H263 Decoder Remote Code Execution Vulnerability in Android Media Framework Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (MPEG2 Decoder) Critical Remote Code Execution Vulnerability in Android Media Framework (MPEG2 Decoder) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) H263 Decoder Remote Code Execution Vulnerability in Android Media Framework Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Android Media Framework Denial of Service Vulnerability (libmpeg2) Android Media Framework (libskia) Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (libstagefright) Android Media Framework Elevation of Privilege Vulnerability (libgui) Hevc Decoder Denial of Service Vulnerability in Android Media Framework Android Media Framework Elevation of Privilege Vulnerability H264 Decoder Denial of Service Vulnerability in Android Media Framework Android Media Framework Elevation of Privilege Vulnerability in MPEG4 Encoder Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Denial of Service Vulnerability (CVE-2017-13263) 
Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Information Disclosure Vulnerability Android Media Framework (libhevc) Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in Android Broadcom Networking Driver Android Elevation of Privilege Vulnerability in MediaTek GPU Driver Android Elevation of Privilege Vulnerability in MediaTek Video Driver Elevation of Privilege Vulnerability in NVIDIA Firmware Processing Code for Android Kernel (CVE-2017-0744) Android Media Framework AVC Decoder Remote Code Execution Vulnerability Android Elevation of Privilege Vulnerability in Qualcomm IPA Driver (A-35467471) Android Elevation of Privilege Vulnerability in Qualcomm Proprietary Component (A-32524214) Qualcomm Audio Driver Information Disclosure Vulnerability in Android Kernel (A-35764875) Elevation of Privilege Vulnerability in Android Kernel (A-36007735) Elevation of Privilege Vulnerability in Android Kernel's Upstream Linux File System Elevation of Privilege Vulnerability in Qualcomm QCE Driver for Android Android Windowmanager Elevation of Privilege Vulnerability Critical Remote Code Execution Vulnerability in Android libgdx Libraries (Android ID: A-62218744) Android libminikin Elevation of Privilege Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android 
Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libvorbis) Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libjhead) Android Media Framework Elevation of Privilege Vulnerability (libeffects) Android Media Framework Elevation of Privilege Vulnerability (CVE-2017-13263) Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Elevation of Privilege Vulnerability (CVE-2019-38234812) Android Media Framework Denial of Service Vulnerability (libskia) Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework (libhevc) Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (libstagefright) Android Media Framework Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability (Audioflinger) Android Runtime Denial of Service Vulnerability (Android Messenger) Android Bluetooth Remote Code Execution Vulnerability (CVE-2017-0781) Critical Remote Code Execution Vulnerability in Android Bluetooth Bluetooth Information Disclosure Vulnerability in Android NFC Elevation of Privilege Vulnerability in Android System Bluetooth Information Disclosure Vulnerability in Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi 
Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Broadcom Wi-Fi Driver Information Disclosure Vulnerability in Android Android Kernel Information Disclosure Vulnerability (A-35764946) Elevation of Privilege Vulnerability in Android Upstream Kernel SCSI Driver (A-35644812) Android MediaTek Accessory Detector Driver Elevation of Privilege Vulnerability Elevation of Privilege Vulnerability in MediaTek Auxadc Driver for Android Android MediaTek Accessory Detector Driver Elevation of Privilege Vulnerability Android MediaTek Kernel Elevation of Privilege Vulnerability (A-36100671) Android Elevation of Privilege Vulnerability in MediaTek Lastbus Elevation of Privilege Vulnerability in MediaTek TEEI on Android Elevation of Privilege Vulnerability in MediaTek libmtkomxvdec Android MediaTek Kernel Elevation of Privilege Vulnerability (A-36232120) Android MediaTek Accessory Detector Driver Elevation of Privilege Vulnerability Elevation of Privilege Vulnerability in MediaTek MMC Driver for Android Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Gatekeeper Response Elevation of Privilege Vulnerability Android Framework Elevation of Privilege Vulnerability (A-35056974) Android File System Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Android Media Framework Elevation of Privilege Vulnerability (Audio HAL) Android Media Framework Denial of Service Vulnerability (libstagefright) Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability (CVE-2017-13263) Android Media Framework Information Disclosure Vulnerability 
(CVE-2017-13263) Android Media Framework Information Disclosure Vulnerability (libstagefright) Android Media Framework Vulnerability: Remote Code Execution Android Media Framework Vulnerability: Remote Code Execution Android Media Framework Vulnerability: Remote Code Execution Android Camera Elevation of Privilege Vulnerability Android rild Information Disclosure Vulnerability Elevation of Privilege Vulnerability in Broadcom Wifi Driver for Android Broadcom WiFi Driver Information Disclosure Vulnerability in Android HTC Bootloader Elevation of Privilege Vulnerability in Android Kernel Elevation of Privilege Vulnerability in MediaTek SoC Driver for Android Critical Elevation of Privilege Vulnerability in Huawei Bootloader for Android Motorola Bootloader Elevation of Privilege Vulnerability in Android Kernel Elevation of Privilege Vulnerability in Android Framework's Device Policy Client Android Framework Elevation of Privilege Vulnerability in Window Manager (Android 8.0) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Android Media Framework Elevation of Privilege Vulnerability (CVE-2020-12345) Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Information Disclosure Vulnerability (CVE-2020-12345) Android Media Framework Information Disclosure Vulnerability (libstagefright) Critical Remote Code Execution Vulnerability in Android libutils (Android ID: A-37723026) Bluetooth Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in MediaTek ccci on Android Android SyncStorageEngine Denial of Service Vulnerability Clipboard 
Information Disclosure Vulnerability in Android Framework Android Media Framework Elevation of Privilege Vulnerability (mediaanalytics) Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability in libavc Android Media Framework (libstagefright) Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability in libhevc Android Media Framework (libhevc) Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Memory Leak Vulnerability in MPEG4Extractor.cpp Android Media Framework Vulnerability: Remote Code Execution Android Media Framework Vulnerability (A-64836894) Android Media Framework Vulnerability: A-36075131 Android Elevation of Privilege Vulnerability in InputDispatcher ALSA Subsystem Use-After-Free Privilege Escalation Vulnerability Elevation of Privilege Vulnerability in Android Upstream Kernel (A-36006779) Elevation of Privilege Vulnerability in Android Upstream Kernel Video Driver (A-37950620) Elevation of Privilege Vulnerability in MediaTek ioctl (flashlight) on Android Elevation of Privilege Vulnerability in MediaTek SoC Driver for Android Unchecked Input in NVIDIA Tegra X1 Direct Rendering Infrastructure Leads to Kernel Memory Corruption and Possible Code Execution Integer Overflow Vulnerability in NVIDIA Driver: High Risk of Privilege Elevation and Code Execution Elevation of Privilege Vulnerability in Android Framework (libminikin) Elevation of Privilege Vulnerability in Android Framework (Android 8.0) Critical Remote Code Execution Vulnerability in Android Media Framework (libskia) Android Media Framework Denial of Service Vulnerability (libmpeg2) Android Media Framework (libavc) Denial of Service Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media 
Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Android Media Framework Information Disclosure Vulnerability Android Media Framework (libskia) Denial of Service Vulnerability Unauthorized Subscription Vulnerability in Zulip Group Chat Application Server Sensitive User Credential Exposure in Multiple Versions of GitLab Permission Increase on Re-sharing via OCS API in Nextcloud Server Vulnerability: Unauthorized Creation of Folders in Read-Only Directories Information Disclosure Vulnerability in Nextcloud Server Endless Recursion Denial of Service Vulnerability in Nextcloud Server Bypassing Quota Limitation in Nextcloud Server Content-Spoofing Vulnerability in Nextcloud Server's Files App Server-Side Request Forgery (SSRF) Vulnerability in Paperclip Ruby Gem Version 3.1.4 and Later XSS Vulnerability in Nextcloud Server Search Module Inadequate Escaping of Error Messages Leading to XSS Vulnerabilities in Nextcloud Server Improper Session Handling Vulnerability in Nextcloud Server before 11.0.3 XSS Vulnerability in Nextcloud Server's JavaScript Library Vulnerability: Disclosure of Valid Share Tokens for Public Calendars in Nextcloud Server Disclosure of Calendar and Addressbook Names in Nextcloud Server Zulip Server 1.5.1 and below: Authenticated User Bypasses invite_by_admins_only Setting Weak Entropy in ExpressionEngine Object Signing Token (OST) Allows Remote Code Execution Format String Vulnerability in Ruby Vulnerability: Terminal Escape Sequence Execution in RubyGems Denial of Service Vulnerability in RubyGems 2.6.12 and Earlier File Overwrite Vulnerability in RubyGems Version 2.6.12 and Earlier RubyGems DNS Hijacking Vulnerability RubyGems YAML Deserialization Remote Code Execution Vulnerability Bypass Vulnerability in private_address_check Ruby Gem Server-Side Request Forgery vulnerability in Recurly Client Ruby Library's Resource#find method Server-Side Request Forgery Vulnerability in Recurly Client Python 
Library Server-Side Request Forgery Vulnerability in Recurly Client .NET Library Incomplete Blacklist Vulnerability in private_address_check Ruby Gem Cross-Realm User Account Creation Vulnerability in Zulip Server Callback Verification Flaw in Twitter Kit for iOS Allows Credential Manipulation Stored Cross-site Scripting Vulnerability in Ubiquiti UCRM Versions 2.5.0 to 2.7.7 Arbitrary File Read Vulnerability in Ubiquiti UCRM Versions 2.3.0 to 2.7.7 SQL Injection Vulnerability in GitLab MilestoneFinder Component Remote Code Execution Vulnerability in Gitlab Community Edition 10.2.4 Remote Code Execution Vulnerability in Gitlab Community Edition version 10.3 Persistent Cross Site Scripting Vulnerability in Gitlab Community Edition version 10.2.4 Path Traversal Vulnerability in GitLab CI Runner Allows Remote Code Execution Authorization Bypass Vulnerability in GitLab Import Component Authorization Bypass Vulnerability in GitLab Community and Enterprise Editions Unverified Password Change Vulnerability in GitLab Community and Enterprise Editions Authorization Bypass Vulnerability in GitLab Enterprise Edition 10.3 Allows Information Disclosure on Board Objects Persistent Cross Site Scripting Vulnerability in Gitlab Community Edition version 9.1 Persistent Cross Site Scripting Vulnerability in Gitlab Community Edition 10.2.4 Insufficiently Protected Credential Issue in Gitlab Enterprise Edition 10.1.0: Information Disclosure of Plaintext Password Improper Authorization Vulnerability in Gitlab Community Edition 10.3 Allows Unauthorized User Login via Oauth Sign-In Improper Authorization Vulnerability in Gitlab Community Edition 10.3 Allows Unauthorized Use of Deployment Keys by Guest Users External Control of Critical State Data in html-janitor Node Module: Bypassing Sanitization via User-Controlled '_sanitized' Variable DNN (DotNetNuke) before 9.2.0 Vulnerability: Server-Side Request Forgery (SSRF) in DnnImageHandler Path Traversal Vulnerability in Augustine Node Module 
Allows Unauthorized File Access Cross-Site Scripting (XSS) Vulnerability in html-janitor Node Module's clean() Method Privilege Escalation Vulnerability in Ubiquiti Networks EdgeOS CSRF Vulnerability in Ubiquiti Networks EdgeOS Versions 1.9.1 and Prior Improper Privilege Management Vulnerability in Ubiquiti Networks EdgeOS Improper Privilege Management Vulnerability in Ubiquiti Networks EdgeOS Authorization Bypass Through User-Controlled Key in Nextcloud Server Amplification Attacks via Discovery Protocol in airMAX and EdgeMAX Oracle Hospitality Reporting and Analytics Component Denial of Service Vulnerability Message Validation Bypass Vulnerability in FedMsg 0.18.1 and Older Directory Traversal and Code Execution Vulnerability in ATutor Course Component Privilege Escalation Vulnerability in ATutor Versions 2.2.1 and Earlier Multiple SQL Injection Vulnerabilities in ATutor Stored XSS Vulnerability in PHPMiniAdmin version 1.9.160630 Allows Account Takeover and Data Theft XSS Vulnerability in Plotly.js Versions Prior to 1.16.0 Incomplete Certificate Verification in txAWS (All Versions): Vulnerability to MitM Attacks and Information Disclosure CSRF Vulnerability in Chyrp Lite Version 2016.04 Allows Account Hijacking Shell Injection Vulnerability in Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 Allows Remote Execution Audacity 2.1.2-2.3.2 DLL Hijacking Vulnerability Allows Arbitrary Code Execution Stored XSS Vulnerability in MyWebSQL Version 3.6: Account Takeover and Information Theft Stored XSS Vulnerability in MySQL Dumper version 1.24 Open Redirect Vulnerability in phpMyAdmin 4.0, 4.4, and 4.6 DOS Vulnerability in phpMyAdmin Table Editing Functionality CSS Injection Vulnerability in phpMyAdmin 4.0, 4.4, and 4.6 Cookie Injection Vulnerability Arbitrary MySQL Server Connection Vulnerability in phpMyAdmin 4.0, 4.4, and 4.6 DOS Vulnerability in phpMyAdmin Replication Status with Specially Crafted Table Name eCos Embedded Web Servers Vulnerability: SYN/FIN Flood 
Attack Enables Authentication Bypass XXE Vulnerability in LogicalDoc Community Edition 7.5.3 and Prior: Indexing XML Documents Privilege Escalation Vulnerability in LogicalDoc Community Edition 7.5.3 and Prior XSS Vulnerability in LogicalDoc Community Edition 7.5.3 and Prior: Preview of HTML Documents Information Disclosure in Shotwell Web Publishing Plugins: Potential Password and OAuth Token Plaintext Transmission Password Manager Sweep Attack in GNOME Web (Epiphany) Vulnerability: Directory Traversal Attack in Chef Software's mixlib-archive Open URL Redirect Vulnerability in Koozali Foundation SME Server User Web Login Function Directory Traversal Vulnerability in Oracle GlassFish Server Open Source Edition 4.1 Local File Inclusion Vulnerability in Oracle GlassFish Server Open Source Edition 3.0.1 (build 22) Java Key Store Password Disclosure Vulnerability in Oracle GlassFish Server Open Source Edition 3.0.1 (build 22) Cacti 0.8.8b SQL Injection Vulnerability in graph_templates_inputs.php Arbitrary Web Script Injection in Cacti 0.8.8b Reflected Cross-Site Scripting (XSS) Vulnerability in Vospari Forms WordPress Plugin Akka Remoting Component Java Deserialization Vulnerability XSS Window.Opener Attack Vulnerability in Tiny Tiny RSS RVM Vulnerability: Command Injection via Automatic Environment Variable Loading Stored XSS Vulnerability in WordPress Plugin Relevanssi 3.5.7.1 Framadate Version 1.0 Vulnerability: Formula Injection in CSV Export Leading to Information Disclosure and Code Execution Cross-Site Scripting Vulnerability in Mapbox.js TileJSON Name Field Cross-Site Scripting Vulnerability in Mapbox.js TileJSON Name and Map Share Control Memory Corruption Vulnerability in gtk-vnc 0.4.2 and Older Session Cookie Flag Not Set in Mautic 2.6.1 and Earlier Vulnerability: Directory Traversal in rbenv Allows Arbitrary Code Execution Denial of Service (DoS) Vulnerability in Web Framework Using ljharb's qs Module JasPer 2.0.12 Vulnerability: Denial-of-Service via NULL 
Pointer Exception in jp2_encode Arbitrary Script Injection in XWiki Labs CryptPad Pad Export Null Byte Injection Vulnerability in Elixir Plug.Static Component Arbitrary Code Execution Vulnerability in Elixir Plug Session Deserialization XSS Vulnerability in Rocket.Chat Markdown Link Parsing Privilege Escalation in Kubernetes PodSecurityPolicy Admission Plugin Stored XSS Vulnerabilities in Chevereto CMS (Versions < 3.8.11) - User Profile and Exif Data Parser Cross-Site Scripting (XSS) Vulnerability in Live Helper Chat version 2.06v and Older Unauthenticated SQL Injection in EONweb leading to Remote Root Access XML External Entity Expansion Vulnerability in xmlsec 1.2.23 and Earlier Versions Directory Traversal Vulnerability in KittoFramework Kitto 0.5.1 Allows Remote Code Execution XSS Vulnerability in KittoFramework Kitto Version 0.5.1: Information Disclosure via 404 Page Memory Exhaustion DoS Vulnerability in KittoFramework Kitto Version 0.5.1 OpenMediaVault 2.1 Access Rights Management XSS Vulnerabilities Inadvertent Decryption of Database Entries in KeePass 1.32 Blind SQL Injection Vulnerability in MODX Revolution 2.x - 2.5.6 Authentication Flaw in TestTrack Server Versions 1.0 and Earlier: Arbitrary Split Disablement Vulnerability CSRF Vulnerability in Bitly oauth2_proxy 2.1 during Authentication Flow Open Redirect Vulnerability in Bitly oauth2_proxy 2.1 and Earlier Authentication Bypass Vulnerability in Jasig phpCAS Version 1.3.4 Double Free Vulnerability in Creolabs Gravity Version 1.0 Heap Overflow Vulnerability in Creolabs Gravity Version 1.0 Stack Overflow Vulnerability in Creolabs Gravity v1.0's string_repeat() Function Stack Overflow Vulnerability in Creolabs Gravity Version 1.0 XSS Vulnerability in Linux Foundation ONOS 1.9 Device Registration DoS Vulnerability in Linux Foundation ONOS 1.9.0 Unauthenticated Use of Websockets in Linux Foundation ONOS 1.9.0 Unauthenticated Application Upload Vulnerability in Linux Foundation ONOS 1.9.0 Privilege 
Escalation Vulnerability in systemd v233 and Earlier Arbitrary Command Execution via TAR Archive in GNOME Evince Unauthenticated Project Triggering Vulnerability in Parameterized Trigger Plugin Improper Permissions and CSRF Vulnerability in Subversion Plugin Vulnerability: Unrestricted Access and Cross-Site Request Forgery in Periodic Backup Plugin GitHub Branch Source Credential ID Disclosure Vulnerability Unvalidated Input Allows Execution of JavaScript Schemes in Sidebar Link Plugin Unauthenticated Build Triggering Vulnerability in Jenkins Pipeline: Build Step Plugin Cross-Site Request Forgery Vulnerability in Role-based Authorization Strategy Plugin Improper Permissions and CSRF Vulnerability in GitHub Branch Source Plugin Jenkins Git Plugin Credential Leakage Vulnerability Cross-Site Request Forgery Vulnerability in Poll SCM Plugin Docker Commons Plugin Credential ID Exposure Vulnerability Unsafe Default Whitelist Entries Allowing Access to Private Data and Circumventing Script Security Incomplete Sandbox Protection in Pipeline Scripts Allows Arbitrary Code Execution Trust Preference Bypass Vulnerability in Darwin's Keychain Denial of Service Vulnerability in net/http's Request.ParseMultipartForm Method Heap Data Leakage in libcurl's File Retrieval Oracle Hospitality Simphony First Edition Vulnerability: Unauthorized Access and Data Compromise TFTP File Name Truncation Vulnerability Curl URL Globbing Heap Buffer Overflow Vulnerability Persisted Cross-Site Scripting Vulnerability in Static Analysis Utilities Plugin Persisted Cross-Site Scripting Vulnerability in Custom Details View of Static Analysis Utilities DRY Plugin Vulnerability: Unauthorized Access to Configuration Files Containing Secrets in Config File Provider Plugin Vulnerability: Insufficient Permission Check in Blue Ocean for Access to Archived Artifacts Unauthenticated Arbitrary Commit and File Access in Blue Ocean Vulnerability: Bypassing Sandbox Protection in Script Security Plugin Pipeline 
Input Step Plugin Vulnerability Persisted Cross-Site Scripting Vulnerability in OWASP Dependency-Check Plugin's Custom Details View Blue Ocean GitHub Organization Folder Misconfiguration Vulnerability Heap Out-of-Bounds Vulnerability in AF_PACKET Sockets Memory Corruption Vulnerability in Linux Kernel: UFO to Non-UFO Path Switch Unencrypted Password Storage in Deploy to Container Plugin Datadog Plugin API Key Exposure Vulnerability Symlink Vulnerability in Mercurial Prior to Version 4.3 Allows Modification of Files Outside Repository Shell-injection vulnerability in Mercurial prior to version 4.3 due to inadequate hostname sanitization in ssh Remote Code Execution via Crafted ssh://... URL Akka HTTP <= 10.0.5 Denial of Service Vulnerability Vulnerability: PHP Code Execution in October CMS Build 412 File Upload Functionality SQL Injection Vulnerability in frappe.share.get_users Integer Overflow and Buffer Overflow in UNIX IPC Layer of WebKitGTK+ (CVE-2021-30663) Denial of Service Vulnerability in UNIX IPC Layer of WebKitGTK+ Codiad (Full Version) Vulnerability: Arbitrary File Write and Webshell Upload Stack Out of Bounds Read Vulnerability in exiv2 0.26 WebP Parser Heap Buffer Overflow in Exiv2 0.26 TIFF Parser Stack Out of Bounds Read Vulnerability in Exiv2 0.26 JPEG2000 Parser Serendipity 2.0.3 SQL Injection Vulnerability in Blog Component Improper Implementation of MNet SSO API Function in Mahara Remote Code Execution via Malicious .swf File Download in Mahara User Artefact Inclusion Vulnerability in Mahara Versions 15.04, 15.10, and 16.04 Access Permission Vulnerability in Mahara Persistent Login Vulnerability in Mahara Session Invalidation Vulnerability in Mahara Versions 1.8 - 1.10.1 and 15.04.0 Possible Cross-Site Scripting Vulnerability in Mahara 1.10 and 15.04 Cross-Site Scripting (XSS) Vulnerability in Mahara 1.10 and 15.04 Server-side Request Forgery Vulnerability in Mahara Versions 1.8 to 1.8.7, 1.9 to 1.9.5, 1.10 to 1.10.3, and 15.04 to 15.04.0 XML File 
Code Execution Vulnerability in Mahara User Account Manipulation Vulnerability in Mahara URL Manipulation Vulnerability in Mahara Versions 1.8 to 1.8.7, 1.9 to 1.9.5, 1.10 to 1.10.3, and 15.04 to 15.04.0 Watchlist Notification Vulnerability Cross-Site Scripting (XSS) vulnerability in Mahara 1.9, 1.10, and 15.04 Vulnerability: Unauthorized Anonymous Comments on Mahara Artefact Detail Pages Arbitrary Execution of JavaScript in Mahara Portfolio Page Title Cross-Site Request Forgery (CSRF) Vulnerability in Mahara's Filebrowser Widget PHP Code Execution Vulnerability in Mahara XSS Vulnerability in Mahara Versions 1.10 and 15.04 Session Fixation Vulnerability in Mahara 15.04 and 15.10 Sensitive Information Leakage via Unusual Parameters in Mahara Versions 15.04, 15.10, and 16.04 Session Hijacking Vulnerability in Mahara 15.04 and 15.10 Vulnerability: Incorrect Access Control in Mahara Authentication Bypass Vulnerability in Mahara Unrestricted Access to Profile Pictures in Mahara Versions 15.04, 15.10, and 16.04 Group Configuration Page Edit Vulnerability Vulnerability: Plain Text Password Recording in Mahara Event Log Integer Overflow Vulnerability in PyString_DecodeEscape Function in CPython Command Injection Vulnerability in Evince Print to PDF (Versions < 3.25.91) Cross-Site Scripting (XSS) Vulnerability in EllisLab ExpressionEngine 3.4.2 Allows PHP Code Injection Unvalidated URL Redirection Vulnerability in Phoenix Framework Critical XSS Vulnerability in Tine 2.0 Version 2017.02.4: Code Execution and Privilege Escalation Vulnerability: Degenerate Public Keys in sodiumoxide 0.0.13 and older scalarmult() Arbitrary File Write Vulnerability in QuickerBB <= 0.7.2 Directory Traversal Vulnerability in jqueryFileTree 2.1.5 and Older Versions Plain Text Password Vulnerability in Mahara Mobile before 1.2.1 Heap Use-After-Free Vulnerability in Creolabs Gravity Version 1.0 Heap-Buffer-Overflow Vulnerability in Creolabs Gravity Version 1.0 SWFTools: Address Access 
Exception in swfdump swf_GetBits() Vulnerability SWFTools swfc memcpy Buffer Overflow Vulnerability Memory Leak Vulnerability in SWFTools' wav2swf SWFTools gif2swf memcpy Buffer Overflow Vulnerability Critical Stack Overflow Vulnerability Discovered in SWFTools' pdf2swf Address Access Exception in pdf2swf's FoFiTrueType::writeTTF() Cross-site Scripting (XSS) Vulnerability in Node.js EJS.renderFile() Allows Code Injection Denial-of-Service Vulnerability in Node.js EJS Version < 2.5.5 Critical XXE Vulnerability in SimpleXML 2.7.1: Exploiting SSRF, Information Disclosure, and DoS Jool 3.5.0-3.5.1 Kernel Crash Vulnerability: Denial of Service (DoS) Local File Inclusion Vulnerability in Cygnux sysPass Version 2.1.7 and Older Stored XSS Vulnerability in October CMS build 412 via Brand Logo Image Name Vulnerability: Apache Configuration Modification via File Upload in October CMS Build 412 Vulnerability: PHP Object Injection in October CMS Build 412 Asset Move Functionality Vulnerability: PHP Code Execution in October CMS Build 412 Asset Manager File Path Modification Vulnerability in October CMS Build 412 Denial of Service Vulnerability in tcmu-runner Daemon (Versions 0.9.0 to 1.2.0) Information Disclosure Vulnerability in tcmu-runner's handler_qcow.so Oracle Hospitality Inventory Management Component Vulnerability NULL Pointer Dereference Vulnerability in tcmu-runner Daemon's on_unregister_handler() Function Local Denial of Service Vulnerability in tcmu-runner Daemon Vulnerability: Authenticated Shell Metacharacter Injection in ROOTd Daemon Buffer Overflow Vulnerability in samtools htslib Library Version 1.4.0 and Earlier: Potential Arbitrary Code Execution Arbitrary Code Execution Vulnerability in Swagger-Parser and Swagger Codegen Arbitrary Code Execution Vulnerability in Swagger-Parser and Swagger-Codegen Insecure SSL/TLS Server Verification in Java WebSocket Client Stack Buffer Overflow Vulnerability in picoTCP (Versions 1.7.0 - 1.5.0) Allows Code Execution or 
Denial of Service Attack Use After Free Vulnerability in Lynx HTML Parser Allows Memory Disclosure Remote Code Execution Vulnerability in Elixir's alchemist.vim Plugin Reflected XSS Vulnerability in WBCE v1.1.11 via begriff POST Parameter in /admin/admintools/tool.php?tool=user_search OS Command Injection Vulnerability in GitPHP by xiphux Unauthenticated Shell Command Injection in ROOT xrootd Version 4.6.0 and Below: Remote Code Execution Vulnerability Arbitrary Code Execution Vulnerability in Opencast 2.3.2 and Older Versions Buffer Overflow Vulnerability in LightFTP Version 1.1: Remote Code Execution and Denial of Service Windows-CPU npm Package Vulnerable to Command Injection and Code Execution as Node.js User Arbitrary Command Execution Vulnerability in soyuka/pidusage <=1.1.4 Access Control Bypass in Opencast 2.2.3 and Older Stored XSS Vulnerability in MODX Revolution CMS Allows for Account Takeover Critical CSRF Vulnerability in YouTube WordPress Plugin Allows Unauthorized Modification of Plugin Settings Critical Reflected XSS Vulnerability in Relevanssi Premium 1.14.8 Allows Unauthenticated Attackers to Gain Admin-Level Access User Enumeration Vulnerability in Stop User Enumeration 1.3.8 Plugin via REST API Stored XSS Vulnerability in Salutation Responsive WordPress + BuddyPress Theme v3.0.15 Allows Logged-in Users to Gain Admin Privileges Remote Code Execution Vulnerability in Node.js EJS Versions < 2.5.3 Remote Code Execution and Denial of Service Vulnerability in optipng 0.7.6 Snap7 Server 1.4.1 Denial of Service Vulnerability Double-Free Vulnerability in ldns 1.7.0's parse.c with Unspecified Impact and Attack Vectors Double-Free Vulnerability in ldns 1.7.0's str2host.c with Unspecified Impact and Attack Vectors Directory Enumeration Vulnerability in I, Librarian version <=4.6 & 4.7 OS Command Injection in batchimport.php in I, Librarian version <=4.6 & 4.7 Reflected Cross-Site Scripting Vulnerability in I, Librarian <=4.6 & 4.7 temp.php Server-Side 
Request Forgery in I, Librarian <=4.6 & 4.7: Password Reset Vulnerability Arbitrary File Upload Vulnerability in InvoicePlane v1.4.10 Stored Cross Site Scripting Vulnerability in InvoicePlane version 1.4.10 Multiple Reflected & Stored Cross-Site Scripting (XSS) Vulnerabilities in OpenEMR 5.0.0 and Prior Versions Vertical Privilege Escalation Vulnerability in OpenEMR Version 5.0.0 and Prior Insecure Permissions in Jenkins Git Client Plugin Leads to Information Disclosure Unauthenticated User Can Manipulate Favorites in Jenkins Favorite Plugin 2.1.4 and Older CSRF Vulnerability in Jenkins Favorite Plugin (Version 2.2.0 and Older) Allows Data Modification Plaintext Storage of SSH Credentials in Configuration File Weak Encryption of Data in pysaml2 IDP Server HTTP Header Injection in CodeIgniter 3.1.3 set_status_header() Function under Apache Unsafe Object Loading Vulnerability in Redis-store <=v1.3.0 Stack buffer overflow vulnerability in file() function allows arbitrary code execution SDP Server Information Disclosure Vulnerability BlueBorne: Remote Code Execution Vulnerability in Linux Kernel Bluetooth Stack Denial of Service Vulnerability in Linux Kernel's KVM Subsystem Unpatched Linux Kernels Vulnerable to Address Allocation Issue Heap Buffer Overflow in libcurl FTP PWD Response Parsing Kernel Stack Pointer Overwrite Vulnerability on Linux PowerPC Vulnerability: Insecure SSL/TLS Certificate Validation in libvirt IMAP FETCH Response Zero-Byte Data Vulnerability Solaris Network Services Library Vulnerability Unauthenticated Remote Code Execution in Jenkins Versions 2.56 and Earlier Jenkins User Impersonation Vulnerability XStream: Java Crash Vulnerability in Jenkins Versions 2.56 and Earlier Jenkins User Database Authentication Realm Vulnerability OpenDaylight odl-l2switch-switch Denial of Service Vulnerability OpenDaylight 4.0: Controller Exception Prevents Adding Subsequent Flow for Switch OpenDaylight odl-mdsal-xsql Vulnerability: Java Out of Memory Error and 
Resource Consumption Increase Vulnerability: StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql OpenDaylight DOMRpcImplementationNotAvailableException Vulnerability World-readable backup directory containing re-encrypted secrets in Jenkins Linux drivers/char/lp.c Out-of-Bounds Write Vulnerability Stack Guard Page Bypass Vulnerability in Linux Kernel Vulnerability: Bypassing Size Restriction on Arguments and Environmental Strings in Linux Kernel Heap/Stack Alias Vulnerability in glibc 2.25 and Earlier Vulnerability in Todd Miller's sudo version 1.8.20 and earlier: Input Validation (Embedded Spaces) in get_process_ttyname() Function Vulnerability in Todd Miller's sudo version 1.8.20p1 and earlier: Information Disclosure and Command Execution Exim Multiple -p Command Line Argument Arbitrary Code Execution Vulnerability Vulnerability: Offset2lib Patch Bypass in Linux Kernel 4.11.5 and Earlier (i386) Vulnerability: Stack Guard Page Bypass in Linux Kernel 4.11.5 (i386) Stack Guard Page Bypass Vulnerability in OpenBSD 6.1 and Earlier Versions Recursive qsort() Vulnerability in OpenBSD 6.1 and Earlier Versions Vulnerability: Stack Guard Page Bypass in NetBSD 7.1 and Earlier Versions Stack-based ASLR Bypass Vulnerability in NetBSD 7.1 and Earlier Versions Vulnerability: Executable Stack in libffi Allows Arbitrary Code Execution Stack Guard Page Bypass Vulnerability in PAX Linux Kernel Vulnerability: Recursive and Non-Randomized qsort() Function in NetBSD Stack Mapping Vulnerability in Linux Kernel 4.11.5 on AMD64 Systems Data Race Vulnerability in ALSA /dev/snd/timer Driver Allows Unauthorized Information Disclosure Memory Read Vulnerability in c-ares `ares_parse_naptr_reply()` Function Vulnerability: Insecure Swap File Creation in VIM Insecure Backup File Creation in GNU Emacs Erlang OTP TLS Server Vulnerability: Bleichenbacher Attack Variation Arbitrary HTML Injection in Jenkins Active Choices Plugin Unencrypted Storage and Transmission of 
Credentials in Jenkins Build-Publisher Plugin Unauthenticated Modification of Dependency Graph in Jenkins Dependency Graph Viewer Plugin Potential Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities in Jenkins Global-Build-Stats Plugin Unauthenticated Access to Resume Build in Jenkins Multijob Plugin User ID Directory Escaping Vulnerability in Jenkins Cross-Site Scripting (XSS) Vulnerability in Jenkins Autocompletion Suggestions Arbitrary Command Execution Vulnerability in Jenkins Denial-of-Service Vulnerability in Jenkins 2.73.1 and Earlier, 2.83 and Earlier Information Disclosure Vulnerability in Jenkins Vulnerability: SSL Certificate Verification Bypass in Jenkins 2.73.1 and earlier, 2.83 and earlier Jenkins Maven Plugin Vulnerability: SSL Certificate Verification Bypass (CVE-2012-6153) Information Disclosure Vulnerability in Jenkins API Jenkins Remote API Information Disclosure Vulnerability Solaris Kernel Takeover Vulnerability Information Disclosure Vulnerability in Jenkins Remote API Sensitive Secrets Logging Vulnerability in Jenkins Jenkins Swarm Plugin Client Vulnerability: SSL Certificate Verification Bypass (CVE-2012-6153) Jenkins Speaks! 
Plugin Privilege Escalation Vulnerability Cross-Site Scripting Vulnerability in Jenkins Delivery Pipeline Plugin Vulnerability: Dirty COW-like vulnerability in Linux Kernel versions 2.6.38 through 4.14 Password Cache Persistence Vulnerability in OpenDaylight Karaf 0.6.1-Carbon Denial of Service Vulnerability in Linux Kernel 2.6.32 and Later: Diagnostic Port 0x80 Flooding Memory Leak Vulnerability in glibc 2.1.1 via LD_HWCAP_MASK Environment Variable Buffer Overflow Vulnerability in glibc 2.5 via LD_LIBRARY_PATH Uninitialized Stack Variable Info Leak in Linux Kernel L2CAP Processing Vulnerability: OpenFlow Plugin and OpenDayLight Controller Memory Resource Consumption Vulnerability: Bellcore Attack Compromising RSA Private Key in Linaro's OP-TEE 2.4.0 and Older Versions Timing Attack Vulnerability in OP-TEE's Montgomery Implementation Compromising RSA Private Key JPEGsnoop Version 1.7.5 Vulnerability: Division by Zero in JFIF Decode Handling Incorrect UTCTime date range validation in MatrixSSL version 3.7.2 allows for 100-year certificate expiration extension ASN.1 Parser Vulnerability in axTLS Version 1.5.3: Misinterpretation of UTCTime as 2050 OID Spoofing Vulnerability in MatrixSSL 3.7.2 Heap-based Buffer Overflow in WildMIDI's WildMidi_Open Function SSRF Vulnerability in phpBB 3.2.0 Remote Avatar Function Symlink Traversal Vulnerability in Syncthing Versions 0.14.33 and Older Use-after-free vulnerability in Gifsicle gifview 1.89 and older allows potential code execution Integer Overflow Vulnerability in Gnome gdk-pixbuf 2.36.8 and Older: Memory Corruption and Code Execution Unauthenticated PHP Code Execution in b2evolution v6.6.0 - v6.8.10 URL Spoofing Vulnerability in Github Electron Arbitrary Script Injection in Liferay Portal CE 7.0 GA4 and Older Cross Site Scripting Vulnerability in MapProxy Demo Service XSS Vulnerability in Marked Version 0.3.6 and Earlier: Data URI Parser Reflected and Stored XSS Vulnerabilities in flatCore-CMS 1.4.6 Reflected XSS 
Vulnerability in FineCMS 5.0.10 Weixin.php File Buffer Overflow Vulnerability in rust-base64 <= 0.5.1 during Base64 Encoding eZ Publish Search Module XSS Vulnerability CSRF Vulnerability in Vanilla Forums Allows Unauthorized Deletion of Topics and Comments Authentication Bypass Vulnerability in pysaml2 Version 4.4.0 and Older Open Redirect Vulnerability in Furikake WordPress Plugin (Version 0.1.0) Stack-Based Buffer Overflow in Creolabs Gravity 1.0 Operator_String_Add Function: Remote Code Execution Vulnerability User Data Manipulation via Path Manipulation Vulnerability in OMERO 5.3.3 or Earlier XSS Vulnerability in Passbolt API Version 1.6.4 and Older: URL Field in Password Workspace XSS Vulnerability in Eleix Openhacker v0.1.47 Bank Transactions Component Eleix Openhacker v0.1.47: SQL Injection Vulnerability in Account Registration and Login Component Null Pointer Dereference Vulnerability in ImageMagick 7.0.7-1 and Older Versions: Potential Denial of Service Directory Traversal Vulnerability in Structured Data Linter Allows Information Disclosure Integer Overflow Vulnerability in FillUniColor and FillUniGray Functions in OpenCV Command Injection Vulnerability in fs-git Version 1.0.1 XML Signature Wrapping Vulnerability in Samlify and Express-saml2: Impersonation of Arbitrary Users Smarty Templating Injection in CMS Made Simple Core Modules Allows Unauthenticated PHP Code Execution Smarty Template Injection in CMS Made Simple 2.1.6, 2.2, and 2.2.1: Local File Read and Inclusion Vulnerability Improper POSIX Hard Links in GuixSD: Violation of Security Assumption Boundary Validation Failure in TextPool::addWord Leads to Overflow in libpoppler 0.60.1 Authenticated Reflected Cross-Site Scripting (XSS) Vulnerability in mojoPortal Help.aspx Out of Bounds Write Vulnerability in Bro v2.5.2 ContentLine Analyzer XSS Vulnerability in Leanote <= 2.5: Unsanitized Input in Markdown Notes NULL dereference exception caused by uninitialized get_bits context in 
libavcodec/h264dec.c:500 Vulnerability: Incorrect Access Control in Brave Browser's JS Fingerprinting Blocking Component Stored Cross-Site Scripting Vulnerability in BookStack Version 0.18.4 Stored Cross-Site Scripting Vulnerability in Leafpub Version 1.2.0-beta6 Stored Cross-Site Scripting Vulnerability in Sulu-standard Version 1.6.6 Stored Cross-Site Scripting Vulnerability in Invoice Ninja v3.8.1 Stored Cross-Site Scripting Vulnerability in LavaLite 5.2.4 Blog Creation Page Cobbler 2.8.2 Command Injection Vulnerability: Arbitrary Code Execution as Root User Integer Overflow in EmbedThis GoAhead Webserver: A Denial of Service Vulnerability NULL Pointer Dereference Vulnerability in EmbedThis GoAhead Webserver 4.0.0: Memory Corruption and Denial of Service Zip Path Traversal Vulnerability Multiple Command Injection Vulnerabilities in Linux Dash v2 Multiple SQL Injection and XSS Vulnerabilities in Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 Unquoted Path Service Vulnerability in FreeSSHd 1.3.1 ImageMagick 7.0.7-12 Q16 CPU Exhaustion Denial of Service Vulnerability XXE Vulnerability in XMLBundle version 0.1.7: Denial of Service Exploit Stored Cross-Site Scripting Vulnerability in ELabftw Version 1.7.8: Arbitrary JavaScript Execution and Denial of Service Vulnerability: Clickjacking Attack in pfSense Versions 2.4.1 and Lower PHP Code Injection Vulnerability in Smarty 3 before 3.1.32 Vulnerability: Open Redirect and Cross-Site Scripting (XSS) in Plone 2.5-5.1rc1 Plone 2.5-5.1rc1 Profile Home Page JavaScript Execution Vulnerability Plone 4 and 5: Private Content Access Vulnerability via str.format Open Redirect Vulnerability in Plone 2.5-5.1rc1 Insecure Permissions in Nylas Mail Lives 2.2.2 Expose Sensitive Authentication Information Remote Code Execution Vulnerability in Primetek Primefaces 5.x Command Injection Vulnerability in Plexus-utils before 3.0.16 Inline JS XSS Vulnerability in Mautic Forms with GET Parameter Pre-population SSO Plugin in 
Mautic Versions 2.0.0 - 2.11.0 Allows Disabled User Login via Email Address File Download Vulnerability in Mautic Versions 1.0.0 - 2.11.0 XSS Vulnerability in Shiba Markdown Live Preview App v1.1.0 with Enabled Node Integration Vulnerability in Leanote-desktop v2.5: XSS Exploit with Node Integration NoSQL Injection Vulnerability in Rocket.Chat Server 0.59 and Prior: Administrator Account Takeover Uninitialized Stack Variable Vulnerability in miniupnpd < 2.0 Stored Cross-site Scripting Vulnerability in QuickApps CMS 2.0.0: Exploiting User's Real Name Field for Denial of Service and Unauthorized Account Actions XXE Vulnerability in Commsy Version 9.0.0: Denial of Service and Remote Code Execution XXE Vulnerability in Pepperminty-Wiki v0.15: Denial of Service and Remote Code Execution AndroidSVG 1.2.2 Vulnerability: XXE Attacks in SVG Parsing Component Leading to Denial of Service and Remote Code Execution CSRF Vulnerability in phpMyAdmin versions 4.7.x Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data access and manipulation Path Traversal Flaw in Awstats Version 7.6 and Earlier Allows Unauthenticated Remote Code Execution Arbitrary Shell Command Execution Vulnerability in Jenkins 1.37 and Earlier Race Condition Vulnerability in Jenkins Setup Wizard Initialization Race Condition Vulnerability in Jenkins Startup Process Arbitrary File Read Vulnerability in Jenkins Script Security Plugin Cross Site Scripting (XSS) Vulnerability in Mautic Version 2.11.0 and Earlier: Company Name Exploitation Cross Site Scripting (XSS) Vulnerability in Canvs Canvas Version 3.4.2 Allows for Denial of Service and JavaScript Code Execution Cross Site Scripting (XSS) Vulnerability in Invoice Plane 1.5.4 and Earlier Cross Site Scripting (XSS) Vulnerability in Dolibarr Version 6.0.2 Product Details Croogo version 2.3.1-17-g6f82e6c Cross Site Scripting (XSS) Vulnerability in Page Name Vulnerability in Oracle FLEXCUBE Private Banking Allows Unauthorized Data 
Manipulation WordPress <4.9 Thumbnail Processing Input Validation Remote Code Execution Vulnerability Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Private Banking Oracle FLEXCUBE Private Banking Unauthorized Read Access Vulnerability Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data manipulation Vulnerability in Oracle FLEXCUBE Private Banking FileUploads Component Arbitrary Page Modification Vulnerability in WordPress REST API Stored Cross-Site Scripting Vulnerability in PluXml Version 5.6 Allows Privilege Escalation Arbitrary Code Execution Vulnerability in math.js (before 3.17.0) Unicode Character Vulnerability in math.js (before 3.17.0) Allows Replacement of Private Properties Arbitrary Code Execution in typed-function Before 0.10.6 Oracle FLEXCUBE Private Banking Component Vulnerability Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data access and manipulation Unauthenticated Takeover Vulnerability in Sun ZFS Storage Appliance Kit (AK) User Interface Vulnerability in Oracle Hospitality Hotel Mobile component allows unauthorized data manipulation Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Access to Critical Data Unauthenticated Takeover Vulnerability in Sun ZFS Storage Appliance Kit (AK) Vulnerability in PeopleSoft Enterprise PeopleTools Workcenter Component Vulnerability in PeopleSoft Enterprise FSCM Component Allows Unauthorized Data Manipulation Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Access to Critical Data Unauthenticated File Upload Vulnerability in Mobile-Friendly-App-Builder-by-EasyTouch Plugin v3.0 Unlicensed Vulnerability in Mobile App Builder by Wappress v1.05 Plugin Unlicensed Vulnerability in WordPress Plugin WebApp-Builder v2.0 Unlicensed Vulnerability in WordPress Plugin wp2android-turn-wp-site-into-android-app v1.1.4 SQL Injection 
Vulnerability in DTracker v1.5 WordPress Plugin SQL Injection Vulnerability in DTracker v1.5 WordPress Plugin Unauthorized Contact Injection Vulnerability in DTracker v1.5 WordPress Plugin Unauthorized Contact Injection Vulnerability in DTracker v1.5 WordPress Plugin Unauthenticated File Download Vulnerability in WordPress Plugin Membership Simplified for OAP Members Only v1.58 Blind SQL Injection Vulnerability in Membership Simplified v1.58 WordPress Plugin Blind SQL Injection Vulnerability in Membership Simplified v1.58 WordPress Plugin Stored XSS Vulnerability in WordPress Plugin Image-Gallery-with-Slideshow v1.5.2 SQL Injection Vulnerability in image-gallery-with-slideshow v1.5.2 Blind SQL Injection Vulnerability in Image Gallery with Slideshow Plugin v1.5.2 Blind SQL Injection Vulnerability in Image Gallery with Slideshow Plugin v1.5.2 Blind SQL Injection Vulnerability in Image Gallery with Slideshow Plugin v1.5.2 Unauthenticated File Upload Vulnerability in flickr-picture-backup v0.7 WordPress Plugin Stored XSS Vulnerability in WordPress Plugin Gift-Certificate-Creator v1.0 Blind SQL Injection Vulnerability in Eventr WordPress Plugin v1.02.2 Blind SQL Injection Vulnerability in Eventr WordPress Plugin v1.02.2 SQL Injection Vulnerability in WordPress Plugin Surveys v1.01.8 SQL Injection Vulnerability in WordPress Plugin Surveys v1.01.8 SQL Injection Vulnerability in WordPress Plugin Surveys v1.01.8 SQL Injection Vulnerability in Easy Team Manager v1.3.2 Plugin Unauthenticated File Upload Vulnerability in Kind Editor v4.1.12 SQL Injection Vulnerability in WordPress Plugin add-edit-delete-listing-for-member-module v1.0 SQL Injection Vulnerability in Event Expresso Free v3.1.37.11.L WordPress Plugin SQL Injection Vulnerability in rk-responsive-contact-form v1.0 Plugin SQL Injection Vulnerability in WordPress Gallery Transformation Plugin v1.0 Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Default Access Permissions 
for Persistent Volumes in Kubernetes Azure Provider Expose Unauthenticated Public Access Kubernetes Subpath Volume Mount Vulnerability Arbitrary File/Directory Deletion Vulnerability in Kubernetes Open Redirect Vulnerability in python-fedora 0.8.0 and lower: CSRF Protection Loss Improper Authorization in Pagure 3.3.0 and Earlier Leads to Loss of Confidentiality Cross-Site Scripting (XSS) Vulnerability in Bodhi 2.9.0 and Lower Koji 1.13.0 SCM Path Validation Bypass Vulnerability Unsafe Function in modulemd 1.3.1 and Earlier Allows Remote Code Execution Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Private Banking Unescaped Single Quote Vulnerability in Haml Oracle FLEXCUBE Private Banking Component Unauthorized Access Vulnerability Vulnerability in Oracle BI Publisher Layout Tools: Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher Allows Unauthorized Access and Data Manipulation Oracle SOA Suite Fabric Layer Unauthenticated Remote Code Execution Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) - Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) - Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) - Unauthorized Access and Data Compromise Vulnerability in Oracle Communications Convergence Component: Unauthorized Data Access and Manipulation Oracle Transportation Management Access Control List Vulnerability Oracle WebCenter Sites Support Tools Unauthenticated Access Vulnerability Vulnerability in Oracle BI Publisher component of Oracle Fusion Middleware: Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher component of Fusion Middleware: Unauthorized Access and Data Compromise Solaris NFSv4 
Denial of Service Vulnerability Oracle BI Publisher Web Service API Unauthenticated Access Vulnerability Critical Data Access Vulnerability in Primavera P6 Enterprise Project Portfolio Management Oracle Agile PLM Web Client Vulnerability Vulnerability in Oracle WebCenter Content component allows unauthorized access and data manipulation Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) Solaris IKE Denial of Service Vulnerability Vulnerability in Oracle BI Publisher component of Oracle Fusion Middleware Vulnerability in Oracle Hospitality Reporting and Analytics component allows unauthorized data access and manipulation Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Vulnerability in Primavera P6 Enterprise Project Portfolio Management: Unauthorized Data Access and Manipulation Vulnerability in MICROS BellaVita Component of Oracle Hospitality Applications: Unauthorized Data Access and Manipulation Oracle Enterprise Repository Web Interface Unauthenticated Remote Code Execution Vulnerability Vulnerability in Siebel Core CRM component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Vulnerability in Oracle Hospitality Suite8 WebConnect Component Vulnerability in Oracle Outside In Technology Allows for Denial of Service Attacks Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Vulnerability in Java SE, Java SE Embedded, and JRockit: Unauthorized Partial Denial of Service Oracle Hospitality Cruise Materials Management Component Vulnerability Vulnerability in Oracle iPlanet Web Server Allows Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality 9700 Component Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub Discussion Forum Component Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Data Access and Modification 
Vulnerability in Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Mobile Service) allows unauthorized access and data manipulation Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Access and Data Compromise Vulnerability in PeopleSoft Enterprise PeopleTools Integration Broker Component Solaris Solaris Component Oracle Java Web Console Vulnerability Vulnerability in Oracle WebLogic Server component of Oracle Fusion Middleware: Unauthorized Data Access and Partial Denial of Service Vulnerability in Oracle Hospitality WebSuite8 Cloud Service: Unauthorized Data Access and Manipulation Oracle Retail Point-of-Service Vulnerability: Unauthorized Data Access and Modification Oracle E-Business Suite Oracle Forms Unauthenticated Access Vulnerability Java SE Vulnerability: Unauthenticated Takeover via Multiple Protocols Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Access and Data Compromise Oracle Payment Interface Vulnerability: Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Manipulation Vulnerability in Oracle Java SE Allows Unauthorized Takeover Vulnerability in Oracle WebCenter Content component allows unauthorized access and data compromise Vulnerability in Oracle Hospitality Simphony First Edition Venue Management component allows unauthorized data access and manipulation Oracle Applications DBA Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Manipulation Vulnerability in Oracle Java SE: Unauthorized Access and Data Manipulation Oracle Hospitality Suites Management Component Vulnerability 
Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Vulnerability in Oracle Java SE Allows Unauthorized Data Access Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Manipulation Oracle FLEXCUBE Universal Banking Report Generator Unauthorized Access Vulnerability Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Access and Data Manipulation Java SE JavaFX Vulnerability: Unauthenticated Takeover of Java SE Critical Vulnerability in Oracle Java SE: Compromise of Java SE and Java SE Embedded Oracle Agile PLM Component Vulnerability: Unauthorized Data Access and Manipulation Vulnerability in Oracle Java SE ImageIO Component: Remote Code Execution Java SE and Java SE Embedded Vulnerability: Unauthorized Takeover Vulnerability in Oracle Enterprise Manager Base Platform Allows Unauthorized Data Access and Modification Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Oracle Agile PLM Unauthenticated Read Access Vulnerability Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Solaris Kernel Unauthorized Data Access Vulnerability Vulnerability in Java SE and Java SE Embedded: JAXP Component Oracle Hospitality Reporting and Analytics Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation Vulnerability in Oracle SPARC M7, T7, S7 Servers Firmware: Unauthorized Denial of Service (DoS) Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in Java SE and Java SE Embedded: JAXP Component Java SE, Java SE Embedded RMI Vulnerability 
Oracle FLEXCUBE Private Banking Component Unauthorized Access Vulnerability Vulnerability in Java Advanced Management Console allows unauthorized access and data manipulation Vulnerability in Oracle Java SE Deployment Component (CVE-2017-10271) Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component Vulnerability in Java SE RMI Component Allows Unauthorized Takeover Java SE, Java SE Embedded, JRockit Serialization Vulnerability Java SE, Java SE Embedded, JRockit Serialization Vulnerability Java SE AWT Component Vulnerability Vulnerability in Oracle Java SE: Unauthenticated Remote Code Execution Oracle iStore User Registration Vulnerability Oracle Common Applications Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Java SE with JavaFX Component: Unauthenticated Remote Code Execution Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Java SE, Java SE Embedded, JRockit Vulnerability: Unauthenticated Remote Code Execution Java Advanced Management Console Server Vulnerability: Unauthorized Data Access Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Vulnerability in Oracle Service Bus component of Oracle Fusion Middleware: Unauthorized Access and Data Compromise Oracle Database Server RDBMS Security Component Unauthorized Data Access Vulnerability Vulnerability in Oracle Java SE's Java Advanced Management Console: Unauthorized Access and Data Manipulation Solaris Kernel Unauthorized Data Access Vulnerability Unauthorized Read Access Vulnerability in Oracle WebLogic Server Java SE Deployment Vulnerability: Potential Takeover and Impact on Additional Products Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in Oracle Hospitality WebSuite8 Cloud Service: Unauthorized Data Access and Manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Remote 
Takeover Vulnerability in Oracle iStore User Management Component of Oracle E-Business Suite Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (Web Access) Unauthorized Data Manipulation Vulnerability in Oracle Hospitality Hotel Mobile (Suite8/iOS) Unauthorized Data Manipulation Vulnerability in Oracle Hospitality Hotel Mobile Vulnerability in PeopleSoft Enterprise FSCM eProcurement Component (9.2) Allows Unauthorized Data Access Unauthenticated Access Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit (CVE-2017-10271) Oracle Hospitality Simphony Import/Export Component Vulnerability Critical Vulnerability in Oracle WebLogic Server (JNDI Subcomponent) Allows Unauthorized Takeover Undocumented Functionality in Berkeley DB Allows Privilege Escalation in Postfix Oracle Outside In Technology Component Denial of Service Vulnerability Vulnerability in Oracle Hospitality Reporting and Analytics Component: Unauthorized Data Access and Manipulation Oracle CRM Technical Foundation Component Vulnerability Oracle Applications Manager Denial of Service Vulnerability Vulnerability in Java Advanced Management Console allows unauthorized access and partial denial of service Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component Vulnerability in Oracle WebLogic Server Allows Unauthorized Server Shutdown Vulnerability in Oracle WebLogic Server allows unauthorized data manipulation Vulnerability in Primavera Unifier component of Oracle Primavera Products Suite: Unauthorized Data Access and Manipulation Unauthenticated Data Manipulation Vulnerability in Primavera Unifier Critical Vulnerability in Oracle Identity Manager Allows Unauthorized Takeover Oracle WebLogic Server Remote Code Execution Vulnerability Vulnerability in Oracle Communications WebRTC Session Controller: Unauthorized Hang or Crash Unauthenticated Read Access Vulnerability in Oracle Access Manager MySQL Server Pluggable Auth 
Vulnerability Vulnerability in Oracle BI Publisher component allows unauthorized access and data compromise Vulnerability in Oracle BI Publisher component allows unauthorized data access and manipulation Vulnerability in PeopleSoft Enterprise PeopleTools component allows unauthorized data access and manipulation Vulnerability in Oracle Communications Policy Management component allows unauthorized data access and manipulation Unauthorized Read Access Vulnerability in Primavera P6 Enterprise Project Portfolio Management Oracle Engineering Data Management Web Services Security Vulnerability Vulnerability in Siebel Core - Server Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Data Access and Modification Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Component MySQL Server Replication Vulnerability Unauthenticated Remote Code Execution Vulnerability in Oracle Security Service MySQL Server Optimizer Denial of Service Vulnerability Physical Access Vulnerability in Oracle Hospitality Hotel Mobile Component (Suite 8/Windows) Critical Data Access Vulnerability in Oracle Hospitality 9700 Component Oracle Field Service Component Vulnerability in Oracle E-Business Suite Oracle E-Business Suite Oracle Marketing Component Home Page Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Retail Open Commerce Platform: Unauthorized Data Access and Manipulation Vulnerability in Oracle Retail Open Commerce Platform Allows Unauthorized Data Manipulation Oracle iSupport Component Vulnerability in Oracle E-Business Suite Oracle iSupport Unauthorized Data Access Vulnerability Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Oracle E-Business Suite Flexfields Unauthorized Data Access Vulnerability Vulnerability in Oracle WebLogic Server Allows Unauthorized Data Access and Manipulation 
Vulnerability in Application Management Pack for Oracle E-Business Suite allows unauthorized data access and manipulation Vulnerability in Oracle CRM Technical Foundation component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle FLEXCUBE Direct Banking: Unauthorized Access and Denial of Service Oracle Hospitality OPERA 5 Property Services Component Unauthorized Access Vulnerability Vulnerability in Oracle Retail Xstore Point of Service component allows unauthorized access and data manipulation Oracle Field Service Unauthenticated Read Access Vulnerability Oracle CRM Technical Foundation User Management Vulnerability Oracle iStore User and Company Profile Unauthorized Data Access Vulnerability Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Data Access and Partial Denial of Service Critical Data Access Vulnerability in Oracle Hospitality Hotel Mobile Component Critical Data Access Vulnerability in Oracle Hospitality Suite8 (Leisure Subcomponent) Vulnerability in Java VM component of Oracle Database Server: Privilege Escalation and Takeover Oracle Web Analytics Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle iStore Shopping Cart Unauthorized Data Access Vulnerability Unauthenticated Remote Code Execution Vulnerability in Oracle Java SE Unauthorized Read Access Vulnerability in Oracle Integrated Lights Out Manager (ILOM) Oracle Hospitality Simphony Import/Export Unauthorized Data Manipulation Vulnerability Oracle Outside In Technology Component Denial of Service Vulnerability Physical Access Vulnerability in Oracle Hospitality OPERA 5 Property Services Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Oracle iLearning Component Vulnerability: Unauthorized Access and Data Compromise Oracle Hospitality e7 Vulnerability: Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality e7 
Component Vulnerability in OJVM component of Oracle Database Server (CVE-2020-14882) Vulnerability in MySQL Connectors: Unauthorized Partial Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Remote Takeover Unauthorized Read Access Vulnerability in Oracle Hospitality Simphony Oracle Hospitality Simphony Engagement Component Vulnerability Oracle Hospitality Simphony Component Denial of Service Vulnerability Unauthorized Read Access Vulnerability in Oracle Hospitality e7 Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Data Access and Partial Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle Hospitality Suite8 WebConnect Component (CVE-2021-XXXX) Oracle Hospitality Suite8 WebConnect Unauthorized Access Vulnerability Unauthenticated Access Vulnerability in Oracle Hospitality Suite8 (WebConnect Subcomponent) Oracle Retail Xstore Point of Service Unauthenticated Remote Access Vulnerability Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_DEFN_CATG) - Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality Property Interfaces (Parser Component) Oracle Hospitality Guest Access Component Unauthorized Data Manipulation Vulnerability Oracle Hospitality Guest Access Unauthorized Data Access Vulnerability Oracle Hospitality Guest Access Component Unauthorized Access Vulnerability Oracle Hospitality Property Interfaces Parser Vulnerability Oracle Hospitality RES 3700 Component Unauthorized Access Vulnerability Vulnerability in Oracle Hospitality Materials Control component allows unauthorized data access and manipulation Vulnerability in Oracle Hospitality Materials Control component allows unauthorized data access and manipulation Vulnerability in Oracle Hospitality Inventory Management component of Oracle Hospitality Applications 
Oracle Hospitality RES 3700 Physical Access Vulnerability Oracle Hospitality Cruise Fleet Management Component Unauthorized Access Vulnerability MySQL Server Denial of Service Vulnerability Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System: Unauthorized Data Access and Manipulation Oracle Hospitality Cruise Materials Management Event Viewer Unauthorized Data Access Vulnerability Vulnerability in Oracle Hospitality Cruise Dining Room Management: Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality Cruise AffairWhere Component Vulnerability in Oracle Hospitality WebSuite8 Cloud Service: Unauthorized Access and Data Compromise Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Solaris Cluster Vulnerability: Unauthorized Takeover of Solaris Cluster Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit (JAX-WS Subcomponent) Allows Unauthorized Data Access and Partial Denial of Service Oracle E-Business Suite Attachment Vulnerability Oracle General Ledger Account Hierarchy Manager Unauthenticated Remote Access Vulnerability Vulnerability in Oracle E-Business Suite's Oracle 
Application Object Library (iHelp Subcomponent) Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PeopleTools Integration Broker Component Critical Vulnerability in Oracle PeopleSoft Products: Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PeopleTools Test Framework Allows Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Component Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub component: Unauthorized Data Access and Manipulation Oracle Access Manager Component Vulnerability: Unauthorized Access to Critical Data Oracle Integrated Lights Out Manager (ILOM) Denial of Service Vulnerability XML Database Component Vulnerability in Oracle Database Server Unauthenticated Remote Code Execution Vulnerability in Oracle Access Manager (CVE-2021-12345) Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Access and Data Compromise Siebel UI Framework Denial of Service Vulnerability Oracle Integrated Lights Out Manager (ILOM) Prior to 3.2.6 Unauthenticated Remote Code Execution Vulnerability Oracle Tuxedo Jolt Vulnerability Oracle Tuxedo Jolt Vulnerability Critical Vulnerability in Oracle MySQL Server: Unauthorized Access to Critical Data Oracle Tuxedo Core Component 
Vulnerability Oracle Identity Manager Connector Vulnerability: Unauthorized Access and Data Manipulation Oracle WebLogic Server T3 Network Access Vulnerability Oracle Tuxedo Component Vulnerability in Oracle Fusion Middleware Vulnerability in Oracle JDeveloper Deployment Component: Unauthorized Data Access and Partial Denial of Service Java SE Smart Card IO Vulnerability Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Denial of Service MySQL Server Denial of Service Vulnerability Vulnerability in MySQL Connectors: Unauthorized Data Access and Manipulation Oracle Tuxedo Component Vulnerability: Unauthorized Access and Data Compromise MySQL Server Denial of Service Vulnerability Critical Data Access Vulnerability in Oracle PeopleSoft Products Java SE, Java SE Embedded, JRockit Serialization Vulnerability Oracle Database Server Core RDBMS Component Vulnerability MySQL Server Performance Schema Denial of Service Vulnerability MySQL Server Stored Procedure Denial of Service Vulnerability Vulnerability in Java SE RMI Component Allows Unauthorized Takeover MySQL Server Denial of Service Vulnerability Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Strategic Sourcing Component Oracle Database Server RDBMS Security Component Unauthorized Data Access Vulnerability Vulnerability in Java SE Javadoc Component Allows Unauthorized Data Access MySQL Server Optimizer Denial of Service Vulnerability Vulnerability in Oracle Java SE Networking Component MySQL Server Denial of Service Vulnerability Oracle Agile PLM Unauthorized Read Access Vulnerability Unauthenticated Remote Code Execution Vulnerability in Siebel CRM Desktop Component of Oracle Siebel CRM Critical Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub Allows Unauthorized Access and Data Manipulation Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Vulnerability in Oracle Interaction Center Intelligence 
component of Oracle E-Business Suite (Setup) allows unauthorized access and data compromise Vulnerability in PeopleSoft Enterprise HCM Component of Oracle PeopleSoft Products (9.2) Vulnerability in PeopleSoft Enterprise HCM Component of Oracle PeopleSoft Products (9.2) Allows Unauthorized Data Access Oracle Agile PLM Component Physical Access Vulnerability Vulnerability in Oracle Java SE Deployment Component: Unauthorized Access and Partial Denial of Service Oracle Hyperion Financial Reporting Component Vulnerability MySQL Server FTS Component Denial of Service Vulnerability Oracle Hyperion BI+ Component Vulnerability: Unauthorized Access and Data Manipulation Vulnerability in MySQL Server Component: Group Replication GCS (CVE-2017-3636) MySQL Server Component Vulnerability: Unauthorized Hang and Crash Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Oracle Hospitality Suite8 WebConnect Unauthorized Access Vulnerability Unauthenticated Unauthorized Read Access Vulnerability in Oracle Hospitality Suite8 Unauthenticated Remote Data Read Access Vulnerability in Oracle Hospitality Suite8 Unauthenticated Read Access Vulnerability in Oracle Hospitality Suite8 High-Privilege Network Access Vulnerability in MySQL Server (InnoDB Component) Vulnerability in Core RDBMS component of Oracle Database Server: Privilege Escalation and Takeover Oracle Common Applications Calendar Unauthenticated Access Vulnerability Vulnerability in Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle E-Business Suite Oracle Forms Unauthenticated Read Access Vulnerability Oracle Common Applications Calendar Unauthenticated Remote Code Execution Vulnerability Oracle Common Applications Calendar Unauthenticated Remote Code Execution Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Oracle E-Business 
Suite Application Object Library Unauthorized Access Vulnerability Oracle Global Order Promising Component Vulnerability Oracle Common Applications Gantt Server Unauthenticated Remote Access Vulnerability Oracle E-Business Suite Application Object Library Unauthorized Read Access Vulnerability Oracle Universal Work Queue Unauthenticated Access Vulnerability Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Partial Denial of Service Oracle WebLogic Server Unauthorized Read Access Vulnerability Elastic Search Vulnerability in PeopleSoft Enterprise PT PeopleTools Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability Oracle Hospitality Suite8 Leisure Component Vulnerability Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Access and Data Compromise Unauthenticated Remote Access Vulnerability in Oracle Hospitality Suite8 Oracle Hospitality Simphony Import/Export Unauthenticated Access Vulnerability Java Advanced Management Console Server Unauthenticated Access Vulnerability Java Advanced Management Console Server Unauthenticated Remote Denial of Service Vulnerability Oracle Hospitality Simphony Import/Export Vulnerability Oracle Hospitality Simphony Import/Export Unauthenticated Remote Code Execution Vulnerability Java SE, Java SE Embedded, JRockit Serialization Vulnerability Critical Vulnerability in Oracle Java SE: Remote Code Execution and Takeover Java SE, JRockit Serialization Vulnerability Vulnerability in Oracle Java SE Allows Partial Denial of Service Vulnerability in Oracle Java SE: Unauthorized Partial Denial of Service (CVE-2017-10295) Vulnerability in JAX-WS component of Oracle Java SE: Unauthorized Partial Denial of Service Unauthenticated Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise PT PeopleTools Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability Oracle Hospitality Hotel Mobile Component Unauthorized Access 
Vulnerability Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Access and Data Compromise Java SE, Java SE Embedded, JRockit Networking Vulnerability Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Vulnerability in Java SE Serialization Component Oracle Hyperion Financial Reporting Vulnerability Oracle Hyperion BI+ Component Vulnerability: Unauthorized Data Access and Manipulation Oracle WebCenter Content Vulnerability: Unauthorized Access and Data Manipulation Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System: Unauthorized Data Access and Partial Denial of Service Vulnerability in PeopleSoft Enterprise PeopleTools component allows unauthorized data access and partial denial of service Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Access and Data Compromise Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Modification Vulnerability in MySQL Server: Unauthorized Data Access and Partial Denial of Service Critical Vulnerability in Oracle PeopleSoft Enterprise PT PeopleTools Vulnerability in Oracle Hospitality Simphony component allows unauthorized data access and manipulation Vulnerability in PeopleSoft Enterprise SCM eProcurement: Unauthorized Data Access and Manipulation Oracle Virtual Directory Takeover Vulnerability Vulnerability in Oracle Hospitality Guest Access component allows unauthorized access and data compromise Vulnerability in Oracle Hospitality Guest Access component allows unauthorized data access and system compromise Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PT PeopleTools Vulnerability in Oracle Hospitality Guest Access component allows unauthorized data access MySQL Server Denial of Service Vulnerability Vulnerability in MySQL Server Allows Unauthorized Access to Critical Data Vulnerability in Oracle Java SE's Java Advanced Management Console: Unauthorized Data Access and 
Manipulation Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Unauthenticated Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Unauthenticated Read Access Vulnerability in Oracle Hospitality Guest Access MySQL Server Denial of Service Vulnerability Oracle GlassFish Server Web Container Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Java SE's Java Advanced Management Console: Unauthorized Data Access and Manipulation Oracle E-Business Suite CRM Technical Foundation Preferences Unauthenticated Access Vulnerability Vulnerability in Java SE Kerberos Client Allows Unauthorized Takeover Vulnerability in Oracle Hospitality Suite8 component of Oracle Hospitality Applications (PMS subcomponent) Vulnerability in Oracle GlassFish Server Allows Unauthorized Access and Data Manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.30: Unauthorized Access and DOS Oracle GlassFish Server Web Container Unauthenticated Remote Code Execution Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools component allows unauthorized data access and partial denial of service Oracle Hospitality Cruise Fleet Management Component Unauthorized Data Access Vulnerability Vulnerability in Oracle Hospitality Cruise AffairWhere component: Takeover Exploit Oracle Hospitality Cruise Fleet Management BaseMasterPage Unauthenticated Access Vulnerability Oracle Hospitality Cruise Fleet Management Component Vulnerability Oracle Hospitality Cruise Fleet Management Component Partial Denial of Service Vulnerability Vulnerability in Oracle GlassFish Server Administration GUI Allows Unauthorized Data Access and Manipulation Vulnerability in Oracle Hospitality Cruise Materials Management: Unauthorized Data Access and System Compromise Critical Vulnerability in Oracle Hospitality Reporting and Analytics Component Vulnerability in Oracle Hospitality Reporting and Analytics component allows for 
takeover Oracle Hospitality Reporting and Analytics Component Takeover Vulnerability Oracle Hospitality Reporting and Analytics Component Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.30: Unauthorized Access and DOS Vulnerability in Oracle VM VirtualBox Prior to 5.1.30: Unauthorized Access and DOS Oracle iStore Merchant UI Unauthenticated Access Vulnerability Oracle E-Business Suite Knowledge Management Component Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Knowledge Management component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Knowledge Management component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Mobile Field Service component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle iStore Checkout and Order Placement Vulnerability Oracle iSupport Component Vulnerability in Oracle E-Business Suite Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in PeopleSoft Enterprise PT PeopleTools component allows unauthorized data access and manipulation Vulnerability in Oracle Hospitality Suite8 PMS Component (CVE-2021-XXXX) Vulnerability in Oracle Hospitality Suite8 component of Oracle Hospitality Applications (Leisure subcomponent) allows unauthorized data access and partial denial of service Oracle Hospitality Suite8 Leisure Component Vulnerability Unauthenticated Remote Access Vulnerability in Oracle PeopleSoft Products (CVE-XXXX) Vulnerability in Oracle Retail Back Office component allows unauthorized data access and manipulation Vulnerability in MySQL Enterprise Monitor: Unauthorized 
Takeover Vulnerability in Oracle Hospitality Simphony component allows unauthorized data access and manipulation Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Component Vulnerability in Oracle Retail Xstore Point of Service component allows unauthorized access and data manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.30 Privilege Escalation Vulnerability in ubuntu-image 1.0 Unauthenticated Login Vulnerability in Juniper Networks Junos OS Buffer Overflow Vulnerability in Junos OS CLI Allows Local Authenticated User to Execute Code with Root Privileges XML Injection Vulnerability in Junos OS CLI Allows Privilege Escalation Account Lockout Vulnerability in Juniper Networks Junos OS on SRX Series Denial of Service Vulnerability in Juniper Networks vSRX and SRX Series Devices TPM Firmware Weakness in Juniper Networks SRX300 Series Denial of Service Vulnerability in Juniper Networks Junos OS 16.1R1 and Services Releases Denial of Service Vulnerability in Juniper Networks SRX Series Devices with Sun/MS-RPC ALGs Denial of Service Vulnerability in SRX Series Devices with NAT64 Configuration Denial of Service Vulnerability in Juniper Networks Junos OS Persistent XSS Vulnerability in Juniper Networks Junos Space Juniper Networks Junos OS Loopback Filter Action Command Vulnerability Denial of Service Vulnerability in Junos OS Telnetd Service Pluggable Authentication Module (PAM) Vulnerability in Juniper Networks Junos OS Hard-coded Credentials Vulnerability in Juniper Networks Contrail Releases Contrail ifmap Service XML External Entity (XXE) Vulnerability BGP UPDATE Transitive Attribute Crash Vulnerability Denial of Service Vulnerability in Juniper Networks SRX High-End Platforms with Express Path Configuration Vulnerability: Lack of HTTPS Server Certificate Verification in Juniper Networks Junos OS on SRX Series Devices Denial of Service Vulnerability in Juniper Networks Junos OS Telnetd Service Authentication Bypass Vulnerability in 
Juniper Networks Junos Space Network Management Platform Vulnerability: Lack of Authentication and Authorization in Juniper Networks Junos Space Cluster Messages Insufficient Verification of Node Certificates in Juniper Networks Junos Space: Unauthorized Modifications and Node Addition Vulnerability Race condition in fs/timerfd.c in the Linux kernel before 4.10.15: Privilege escalation and denial of service vulnerability Unvalidated Segment Count in sanity_check_raw_super Function in Linux Kernel Privilege Escalation Vulnerability in Linux Kernel's sanity_check_ckpt Function QEMU-NBD Denial of Service Vulnerability Arbitrary Code Execution via Directory Traversal in Kayson Group Ltd. phpGrid Cross-Site Scripting (XSS) Vulnerability in Zen Cart 1.6.0 via products_id Parameter in index.php Padding Oracle Vulnerability in OSCI-Transport 1.2 Signature Wrapping Vulnerability in OSCI-Transport 1.2 XML External Entity (XXE) Vulnerability in OSCI-Transport Library 1.2 Heap-based Buffer Overflow in de_dotdot function in libhttpd.c in sthttpd XML-LibXML Module Use-After-Free Remote Code Execution Vulnerability XSS Vulnerability in GetSimple CMS 3.x Admin Profile Name Field Denial of Service Vulnerability in Antiy Antivirus Engine 5.0.0.06281654 Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-600M Devices CSRF Vulnerability in Linksys EA4500 Firmware Version before 2.1.41.164606 CSRF Vulnerability in Piwigo Allows Unauthorized Deletion of Permalinks Information Disclosure Vulnerability in Piwigo 2.9.1 CSRF Vulnerability in Piwigo Allows Unauthorized Album Access CSRF Vulnerability in Piwigo Allows Unauthorized Album Unlocking SQL Injection Vulnerability in Piwigo Administrative Backend Heap-Based Buffer Over-Read Vulnerability in mpg123 1.25.0's convert_latin1 Function Stack-based Buffer Overflow in fmt_entry function of ncurses 6.0 Allows Remote Arbitrary Code Execution Remote Code Execution Vulnerability in ncurses 6.0's fmt_entry Function Multiple Heap Use After 
Free Vulnerabilities in NASM 2.14rc0 Heap-based Buffer Over-read in LibSass 3.4.5: Remote Denial of Service Vulnerability Remote Denial of Service Vulnerability in LibTIFF 4.0.8 World-Writable Module Installation Vulnerability in Previous Versions of Puppet Agent Unauthorized Retrieval of Facts in Puppet Agent Out-of-Bounds Heap Memory Write Vulnerability in avcodec 2.2.x Arbitrary Command Execution Vulnerability in QNAP NAS 4.3.3.0229 Medialibrary Component Arbitrary Web Script Injection Vulnerability in SAP Enterprise Portal 7.50 Stack-Based Buffer Overflow in Antiy Antivirus Engine when Scanning Special ZIP Archive Arbitrary Code Execution via Path Traversal in Apport Bypassing Lockscreen PIN on Elephone P9000 Devices CSRF Vulnerability in SimpleRisk 20170614-001 Allows XSS Injection via User Parameter Critical Vulnerability in Shekar Endoscope Firmware Allows Unauthorized Access and Control Critical Vulnerability: Shekar Endoscope's Default Wi-Fi Credentials Jeopardize IoT Security Stack Overflow Vulnerability in Shekar Endoscope Desktop Application Default Telnet Functionality in Shekar Endoscope Firmware: A Gateway to Unauthorized Access and Potential Network Breach Stack Overflow Vulnerability in Shekar Endoscope Desktop Application Remote Code Execution Vulnerability in Shekar Endoscope Firmware Allows Unauthorized Access to Video Feed and Potential Breach of Air Gapped Networks Remote Code Execution Vulnerability in Shekar Endoscope Firmware Allows Unauthorized Access to Video Feed and Potential Breach of Air Gapped Networks Arbitrary Code Execution and Denial of Service Vulnerability in Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in 
Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Stack Buffer Overrun Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Stack Buffer Overrun Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and 
Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution via Crafted .rle File in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution via Crafted .rle File in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution Vulnerability in XnView Classic 
for Windows Version 2.40 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File WEBrick Library Remote Command Execution Vulnerability Use-after-free vulnerability in DBD::mysql module for Perl allows remote attackers to cause denial of service or other impact Cleartext-Downgrade Vulnerability in DBD::mysql Module NULL Pointer Dereference Vulnerability in _asn1_check_identifier Function 
Integer Overflow Vulnerability in libpspp's hash_int Function Remote Denial of Service Vulnerability in libpspp's ll_insert() Function AT&T U-verse 9.2.2h0d83 Firmware Vulnerability: Unauthorized Access to Sensitive Information Buffer Overflow Vulnerability in GraphicsMagick 1.3.25 TIFF Processing Arbitrary Script Injection in Subrion CMS 4.1.4 via blog/add/ Endpoint Unauthenticated Access to Video and Audio on TP-Link NC250 Devices Cross-Site Scripting (XSS) Vulnerability in ObjectPlanet Opinio before 7.6.4 Denial of Service Vulnerability in GraphicsMagick 1.3.25's ReadDPXImage() Function Denial of Service Vulnerability in GraphicsMagick 1.3.25: Out-of-Memory Error in ReadMATImage() XSS Vulnerability in phpSocial (formerly phpDolphin) before 3.0.1 via PATH_INFO Arbitrary Code Execution via Insecure Handling of Anonymization Data in Odoo Database Anonymization Module Authentication Bypass Vulnerability in Odoo 8.0 and 9.0 OAuth Session Hijacking Vulnerability in Odoo QEMU Stack-Based Buffer Overflow in hw/usb/redirect.c Unauthenticated SASL ANONYMOUS Authentication in JabberD 2.x Kernel Panic Vulnerability in FreeBSD's ipfilter with keep state or keep frags options Memory Leak in virtio_gpu_object_create Function in Linux Kernel Arbitrary OS Command Execution Vulnerability in Buffalo WCR-1166DS Firmware 1.30 and Earlier Untrusted Search Path Vulnerability in Photo Collection PC Software Ver.4.0.2 and Earlier Arbitrary OS Command Execution Vulnerability in CG-WLR300NM Firmware Version 1.90 and Earlier CG-WLR300NM Firmware version 1.90 and earlier Buffer Overflow Vulnerability Authentication Bypass Vulnerability in MaLion Remote Control MaLion for Windows and Mac SQL Injection Vulnerability in Relay Service Server Authentication Bypass Vulnerability in MaLion for Windows and Mac 5.0.0 to 5.2.1 Hardcoded Cryptographic Key Vulnerability in MaLion for Windows and Mac Certificate Validation Vulnerability in MaLion for Mac 4.3.0 to 5.2.1 Excessive Stack Usage and 
Potential Overflow in qsort Algorithm Untrusted Search Path Vulnerability in IP Messenger for Win Installer Untrusted Search Path Vulnerability in Shin Kikan Toukei Houkoku Data Nyuryokuyou Program Installer Untrusted Search Path Vulnerability in Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program Installer Untrusted Search Path Vulnerability in Shin Kinkyuji Houkoku Data Nyuryoku Program Installer Untrusted Search Path Vulnerability in TDB CA TypeA Software Version 5.2 and Earlier Untrusted Search Path Vulnerability in Flets Easy Setup Tool Installer Untrusted Search Path Vulnerability in Security Kinou Mihariban v1.0.21 and Earlier Untrusted Search Path Vulnerability in Flets Azukeru for Windows Auto Backup Tool v1.0.3.0 and Earlier Untrusted Search Path Vulnerability in Flets Install Tool Allows Privilege Escalation via Trojan Horse DLL Untrusted Search Path Vulnerability in Enkaku Support Tool Stack Guard-Page Vulnerability in FreeBSD Untrusted Search Path Vulnerability in Security Setup Tool Allows Privilege Escalation via Trojan Horse DLL Untrusted Search Path Vulnerability in CRCA User's Software Ver1.8 and Earlier Remote Code Execution in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Unspecified Remote Access Restriction Bypass in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Arbitrary File Read Vulnerability in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Code Injection Vulnerability in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Untrusted Search Path Vulnerability in Optimal Guard 1.1.21 and Earlier: Privilege Escalation via Trojan Horse DLL Arbitrary Code Injection Vulnerability in BackupGuard prior to version 1.1.47 Arbitrary Code Injection Vulnerability in SEO Panel Prior to Version 3.11.0 SQL Injection Vulnerability in SEO Panel (Versions prior to 3.11.0) Allows Arbitrary SQL Command Execution Stack Guard-Page Vulnerability in FreeBSD Arbitrary Code Injection Vulnerability in 
WebCalendar 1.2.7 and Earlier WebCalendar 1.2.7 and Earlier Directory Traversal Vulnerability Arbitrary SQL Command Execution Vulnerability in baserCMS 3.0.14 and earlier, 4.0.5 and earlier Arbitrary File Deletion Vulnerability in baserCMS Arbitrary PHP Code Execution Vulnerability in baserCMS 3.0.14 and earlier, 4.0.5 and earlier Backdoor Account Vulnerability in Wi-Fi STATION L-02F Software Bypassing Access Restrictions in Wi-Fi STATION L-02F Software Version V10b and Earlier Untrusted Search Path Vulnerability in DocuWorks Installers and Viewer Light Untrusted Search Path Vulnerability in DocuWorks 8.0.7 and Earlier Stack Memory Corruption Vulnerability in FreeBSD Untrusted Search Path Vulnerability in ART EX Driver Installers for ApeosPort-VI and DocuCentre-VI Series Untrusted Search Path Vulnerability in ContentsBridge Utility Installer Buffer Overflow Vulnerability in Corega CG-WGR1200 Firmware 2.20 and Earlier: Arbitrary Code Execution Arbitrary Command Execution Vulnerability in Corega CG-WGR1200 Firmware 2.20 and Earlier Authentication Bypass and Password Change Vulnerability in Corega CG-WGR1200 Firmware 2.20 and Earlier Untrusted Search Path Vulnerability in FENCE-Explorer for Windows V8.4.1 and Earlier Vulnerability: Temporary Failure of Encrypted Communications in SEIL Devices Authentication Bypass Vulnerability in Cybozu Office 10.0.0 to 10.6.1 via Cabinet Function Untrusted Search Path Vulnerability in i-filter 6.0 Install Program Untrusted Search Path Vulnerability in i-filter 6.0 Installer Kernel Stack Information Leak in FreeBSD Untrusted Search Path Vulnerability in i-Filter 6.0 Installer QND Advance/Standard Directory Traversal Vulnerability Insecure Token Signature Verification in jwt-scala 1.2.2 and Earlier Untrusted Search Path Vulnerability in HIBUN Confidential File Decryption Program Untrusted Search Path Vulnerability in HIBUN Confidential File Viewer Installer Untrusted Search Path Vulnerability in HIBUN Confidential File Decryption 
Program Denial of Service Vulnerability in H2O Server Buffer Overflow Vulnerability in H2O Server 2.2.2 and Earlier Globally Scoped Named Paths Vulnerability in FreeBSD 10.x Memory Corruption Vulnerability in Rakuraku Hagaki and Ichitaro allows Arbitrary Code Execution Arbitrary Code Execution Vulnerability in NTT DOCOMO Wi-Fi STATION L-02F Software Denial of Service Vulnerability in H2O Server (Versions 2.2.3 and Earlier) Authentication Bypass Vulnerability in OpenAM (Open Source Edition) PWR-Q200 DNS Cache Poisoning Vulnerability Unspecified Vector Denial of Service Vulnerability in I-O DATA DEVICE LAN DISK Connect Ver2.02 and Earlier Kernel Stack Information Leak Vulnerability in FreeBSD Untrusted Search Path Privilege Escalation Vulnerability Arbitrary Web Script Injection Vulnerability in CS-Cart Japanese Edition v4.3.10 and Earlier Untrusted Search Path Vulnerability in BOOK WALKER for Windows Ver.1.2.9 and Earlier Local File Access Vulnerability in BOOK WALKER for Windows and Mac XML External Entity (XXE) Vulnerability in TablePress Session Management Vulnerability in RX-V200, RX-V100, RX-CLV1-P, RX-CLV2-B, and RX-CLV3-N Firmware Versions Untrusted Search Path Privilege Escalation Vulnerability in Media Go Untrusted Search Path Vulnerability in Music Center for PC Version 1.0.00 Untrusted Search Path Vulnerability in The Public Certification Service for Individuals The JPKI User's Software Ver3.1 and Earlier Denial of Service Vulnerability in StreamRelay.NET.exe ver2.14.0.7 and Earlier Denial of Service Vulnerability in sDNSProxy.exe ver1.1.0.0 and Earlier Cross-Site Scripting Vulnerability in Buffalo BBR-4HG and BBR-4MG Broadband Routers Unspecified Vector Input Validation Vulnerability in Buffalo BBR-4HG and BBR-4MG Broadband Routers Arbitrary SQL Command Execution Vulnerability in A-Member and A-Member for MT Cloud Versions 3.8.6 and Earlier Arbitrary SQL Command Execution Vulnerability in A-Reserve and A-Reserve for MT Cloud Versions 3.8.6 and Earlier 
Remote Access Bypass Vulnerability in PTW-WMS1 Firmware Version 2.000.012 PTW-WMS1 Firmware Version 2.000.012 Buffer Overflow Vulnerability Arbitrary OS Command Execution in PTW-WMS1 Firmware Version 2.000.012 Root Privilege Escalation Vulnerability in PTW-WMS1 Firmware Version 2.000.012 Arbitrary OS Command Execution in Qt for Android (prior to 5.9.0) Environment Variable Manipulation Vulnerability in Qt for Android Applications Fluentd Escape Sequence Injection Vulnerability Arbitrary File Read Vulnerability in OneThird CMS Show Off v1.85 and Earlier Denial of Service Vulnerability in H2O Server (Versions 2.2.3 and Earlier) via Crafted HTTP/2 Header Untrusted Search Path Vulnerability in Music Center for PC Version 1.0.01 and Earlier Denial-of-Service Vulnerability in MQTT.js 2.x.x prior to 2.15.0 XSA-216: Information Disclosure Vulnerability in Linux Kernel's make_response Function Xen Vulnerability: Privileged Host OS Access via Page Transfer (XSA-217) XSA-218: False Mapping Information Vulnerability in Xen Grant-Table Feature XSA-218 Bug 2: Grant-Table Race Condition Leading to Double Free Vulnerability Race condition vulnerability in Xen's shadow-paging feature allows guest OS users to gain Xen privileges (XSA-219) Xen vCPU Context-Switch Vulnerability: Defeating ASLR and Protection Mechanisms (XSA-220) Xen Event Channel Port Validation Vulnerability (XSA-221) Memory Allocation Validation Vulnerability in Xen (XSA-222) Xen Virtual Interrupt Injection Denial of Service Vulnerability (XSA-223) Arbitrary Code Execution Vulnerability in IBM Informix Open Admin Tool XSA-224: Grant-table Feature Vulnerability in Xen Insufficient Type Counts in Xen Grant-Table Feature (XSA-224 Bug 2) XSA-224 Bug 3: Denial of Service Vulnerability in Xen's Grant-Table Feature Xen Hypervisor Denial of Service Vulnerability (XSA-225) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.47 Denial of Service Vulnerability in IrfanView 
4.44 (32bit) with FPX Plugin 4.47 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.47 Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-0 Heap-based Buffer Overflow in radare2 1.5.0 Local Privilege Escalation in IBM AIX Bellmail Binary Unauthorized Access to Configuration Files in ZXR10 1800-2S (v3.00.40 and earlier) Directory Traversal Vulnerability in ZXR10 1800-2S (before v3.00.40) Allows Unauthorized File Downloads and Information Leaks Java Deserialization Vulnerability in ZTE Microwave NR8000 Series Products ZTE ZXDT22 SF01 Directory Traversal Vulnerability Java Deserialization Remote Code Execution Vulnerability in ZTE ZXIPTV-EPG Authentication Bypass Vulnerability in ZTE ZXR10 1800-2S Products ZTE ZXCDN-SNS Product SQL Injection Vulnerability ZTE ZXIPTV-UCM SQL Injection Vulnerability Arbitrary Code Execution via Docker API in Joyent Smart Data Center Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-4816) Remote Code Execution Vulnerability in Foxit Reader 8.3.0.14878 Remote Code Execution Vulnerability in Foxit Reader 8.3.0.14878 Remote Code Execution Vulnerability in Foxit Reader 8.3.0.14878 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-4855) Arbitrary Code Execution Vulnerability in Foxit Reader 8.2.1.6871 (ZDI-CAN-4721) Arbitrary Code Execution Vulnerability in Foxit Reader 8.2.1.6871 Arbitrary Code Execution Vulnerability in Foxit Reader 8.2.1.6871 (ZDI-CAN-4723) Directory Traversal Vulnerability in Dell Storage Manager 2016 R2.1 Allows Information Disclosure Arbitrary Code Execution Vulnerability in Bitdefender Total Security 21.0.24.62 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-4724) Arbitrary Code Execution via saveAs JavaScript Function in Foxit Reader 8.2.0.2051 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-5030) Integer Overflow in Bitdefender Internet Security 2018 Allows Remote Code 
Execution Arbitrary Code Execution Vulnerability in EMC Data Protection Advisor 6.3.0 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution via ArrowEnd Attribute in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-4980) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-4981) Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 5.0 and 6.0 CSRF Vulnerability in REDCap File Repository and File Upload Components XSS Vulnerability in REDCap before 7.5.1 via Query String Knox SDS IAM and EMM 16.11 on Samsung Mobile Devices: Man-in-the-Middle Attack Allows Unauthorized Application Installation and Data Leakage Null Pointer Dereference Vulnerability in Irssi Use-after-free vulnerability in Irssi before 1.0.4 Cross-Site Scripting (XSS) Vulnerability in FineCMS before 2017-07-06 Remote PHP Code Execution in FineCMS through 2017-07-07 via route=template Request Cross-Site Request Forgery Vulnerability in IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x Cross-Site Scripting (XSS) Vulnerability in Cacti 1.1.12 link.php X.Org X Server Stack Overflow Vulnerability Endianness Conversion Vulnerability in X.Org X Server SSRF Vulnerability in FineCMS before 2017-07-06: Exploiting Modified HTTP Host Header in get_image_data.php Yaws 1.91 Unauthenticated Remote File Disclosure via HTTP Directory Traversal Arbitrary Script Injection in Lutim File Uploads Heap-Based Buffer Over-Read Vulnerability in SWFTools 0.9.2's ttftool Read/Write Overflow Vulnerability in FreeRADIUS: Exploiting make_secret() Function Write Overflow Vulnerability in FreeRADIUS 2.x before 2.2.10 Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Supplier Lifecycle Management 10.1.0.x Memory Leak Vulnerability in FreeRADIUS 2.x: DHCP - decode_tlv() Memory Leak Vulnerability in FreeRADIUS 2.x: FR-GV-204 DHCP Buffer Over-read Vulnerability in 
FreeRADIUS 2.x DHCP Option 63 Read Overflow Vulnerability in FreeRADIUS Write Overflow Vulnerability in FreeRADIUS 3.x Allows Remote Code Execution Infinite Loop and Memory Exhaustion Vulnerability in FreeRADIUS 3.x DHCP - Infinite Read Vulnerability in FreeRADIUS 3.x DHCP Buffer Over-read Vulnerability in FreeRADIUS 3.x Heap-based Buffer Over-read in SQLite's getNodeSize Function Vulnerability: Information Exposure through Stack Trace Error Conditions in IBM Jazz Foundation XSS Vulnerability in WP Statistics Plugin for WordPress Unauthenticated Java Deserialization Remote Code Execution in HPE Storage Essentials 9.5.0.142 Directory Traversal Vulnerability in Contao before 3.5.28 and 4.x before 4.4.1 Arbitrary Write Vulnerability in Foxit Reader and PhantomPDF Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-0 Out-of-Bounds Access Vulnerability in Qualcomm Android Releases with CAF Kernel Memory Corruption Vulnerability in Qualcomm Android Devices Buffer Overflow Vulnerability in audio_aio_ion_lookup_vaddr Vulnerability: Memory Corruption in Qualcomm's CAF Android Releases with Linux Kernel Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Out-of-Bounds Write Vulnerability in Qualcomm Android Camera Kernel Driver Out of Bounds Read Vulnerability in Qualcomm Android Devices with CAF and Linux Kernel Buffer Over-read Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Firmware Image Update Vulnerability: Unchecked RAM Allocation in Android for MSM, Firefox OS for MSM, QRD Android Insecure User Access to Registers in Snapdragon Processors Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Android and Firefox OS for MSM: Exploiting Positioning Stack Corruption Vulnerability in HandleMetaImgFlash Function Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Unprotected 
Configuration Space Vulnerability in Android on Qualcomm Snapdragon Devices Use After Free Vulnerability in Qualcomm Snapdragon Mobile and Snapdragon Wear Devices Stack-based Buffer Overflow in QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST Command Processing Unbounded Loop Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Uncleared Stale Pointers Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Memory Corruption and Uninitialized Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Array Access Out of Bounds Vulnerability in Android Camera Driver Unclosed File Descriptor Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Privacy Vulnerability: Uncontrolled Information Elements in Probe Requests Out-of-Bound Buffer Access Vulnerability in Android and Firefox OS for MSM Race Condition in rmnet USB Control Driver Leading to Use After Free Vulnerability Race Condition Vulnerability in audio_effects_shared_ioctl() Function Vulnerability: Authentication Compromise in Android Flashing FRP Partition Uninitialized Data Access Vulnerability in Android Flashing Process Kernel Address Leakage in ISP Camera Driver Kernel Buffer Overflow Vulnerability in Camera Application for Android IBM Team Concert (RTC) XML External Entity Injection (XXE) Denial of Service Vulnerability Arbitrary Write Vulnerability in HDMI Video Driver Function hdmi_edid_sysfs_rda_res_info() Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases with Linux Kernel Double Free Vulnerability in Android for MSM, 
Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Coresight-TMC Driver Buffer Overflow and Information Leak Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Vulnerability: Bypassing Range Checks in Android Boot Image Header Processing Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Information Leakage Vulnerability in Qualcomm Android Devices with CAF and Linux Kernel Buffer Access and Freeing Vulnerability in Qualcomm Android Releases Unrestricted Access to ImsService and IQtiImsExt AIDL APIs in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Integer Overflow Vulnerability in Android Wi-Fi Driver Function Race Condition in KGSL Driver Function Leading to Use After Free Vulnerability Race Condition in Camera Driver Function Leading to Use After Free Vulnerability Kernel Out-of-Bounds Write Vulnerability in Android and Firefox OS for MSM Graphics Driver IOCTL Handler Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Android Display Driver Function Race Condition Vulnerability in Android Video Driver: Potential Buffer Overflow Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Information Disclosure Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in ConvertQosMapsetFrame() in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and 
CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Kernel Memory Disclosure Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Cross-Site Scripting (XSS) Vulnerability in IBM Curam Social Program Management Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Race Condition Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases with Linux Kernel Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Uninitialized Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Out-of-Range Pointer Offset Vulnerability in Athdiag Procfs Entry Heap Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Sensitive Information Exposure in IBM Marketing Platform Buffer Overflow Vulnerability in GPT Header Field Calculation in Android for MSM, Firefox OS for MSM, QRD Android Memory Mapping Vulnerability in qcacld pktlog on Android and Firefox OS for MSM Obsolete Set/Reset SSID Hotlist API Vulnerability Use After Free Vulnerability in wdsp_glink_write() Out of Bounds Read Vulnerability in Android Boot Image Header Processing Uninitialized Heap Memory Flashing Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD 
Android, and CAF Android Releases Buffer Overflow Vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs Race Condition Vulnerability in WLAN Firmware Loading Routine Integer Overflow and Buffer Overflow in msm_audio_effects_virtualizer_handler Information Disclosure Vulnerability in libOmxVenc SQL Injection Vulnerability in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear Buffer Overread Vulnerability in nl80211_set_station Buffer Overread Vulnerability in __wlan_hdd_cfg80211_set_pmksa Use-After-Free Vulnerability in mdss_rotator_ioctl Function Use After Free Vulnerability in KGSL Driver Function kgsl_ioctl_gpu_command Buffer Over-read Vulnerability in Android Display due to Lack of Upper-Bound Validation NULL Pointer Dereference in swf_DeleteFilter() function in SWFTools 0.9.2 NULL Pointer Dereference in dict_lookup() function in SWFTools 0.9.2 Segmentation Violation Vulnerability in SWFTools 0.9.2's png2swf Processing Segmentation Violation Vulnerability in SWFTools 0.9.2's wav2swf Processing Unspecified Vulnerability in IBM Curam Social Program Management Allows Unauthorized Incident Viewing NULL Pointer Dereference in swf_FoldSprite() function in SWFTools 0.9.2 NULL Pointer Dereference in swf_Relocate() function in SWFTools 0.9.2 Denial of Service Vulnerability in GraphicsMagick 1.3.26 via Zero-Length Color_Image Data Structure Orpheus' Lyre: Remote Service Impersonation Vulnerability in Heimdal Improper TSIG Validity Period Check in Knot DNS Allows Authentication Bypass OnePlus 2 Primary Bootloader (PBL) Vulnerability: Disabling Signature Validation via SBL1 Partition XSS Vulnerability in phpLDAPadmin 1.2.3 via entry_chooser.php Denial of Service Vulnerability in tcpdump 4.9.0 via Crafted Packet Data Vulnerability in Vim 8.0: Denial of Service via Crafted Source File Heap-based Buffer Underflow Vulnerability in catdoc 0.95 Heap-based Buffer Overflow in NASM 2.14rc0 Preproc.c Remote Denial of Service 
Vulnerability in ncurses 6.0 NULL Pointer Dereference in _nc_parse_entry function of ncurses 6.0 Buffer Over-read Vulnerability in Twibright Links 2.14's put_chars Function Heap-based Buffer Overflow in ExifJpegHUFFTable::deriveTable Function in OpenExif 2.1.4 Heap-based Buffer Over-read Vulnerability in OpenExif 2.1.4 Heap-based Buffer Over-read Vulnerability in OpenExif 2.1.4 Denial of Service Vulnerability in OpenExif 2.1.4 via Crafted JPG File Denial of Service Vulnerability in Nosefart 2.9-mls via Crafted NSF File Buffer Overflow Vulnerability in Broadcom BCM4355C0 Wi-Fi Chips (B-V2017061204) B-V2017061205: Denial of Service Vulnerability in Broadcom BCM4355C0 Wi-Fi Chips Information Leak Vulnerability in Broadcom BCM4355C0 Wi-Fi Chips NULL Pointer Dereference in xar_unserialize function of libxar.so in xar 1.6.1 NULL Pointer Dereference in xar_get_path function in libxar.so Buffer Over-read and Application Crash in mpg123 III_i_stereo Function Stored XSS Vulnerability in Bolt CMS 3.2.14 via SVG Upload Stored XSS Vulnerability in Bolt CMS 3.2.14 via Title Field of New Entry Hard-coded Password Vulnerability in heinekingmedia StashCat for Android Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert (RTC) 4.0, 5.0, and 6.0 Replay Attack Vulnerability in heinekingmedia StashCat Insecure Password Hashing in heinekingmedia StashCat Lack of Certificate Pinning in heinekingmedia StashCat for Android Weak Encryption Implementation in heinekingmedia StashCat Insecure Storage of Login Credentials in heinekingmedia StashCat for Android Insecure Logout Mechanism Allows Unauthorized Access and Denial of Service Insecure RSA Key Transmission and Storage in heinekingmedia StashCat Double Free Vulnerabilities in GraphicsMagick 1.3.26's ReadOneJNGImage() Function Cross-Site Scripting (XSS) Vulnerability in IBM Campaign 9.1, 9.1.2, and 10 Denial of Service Vulnerability in GraphicsMagick's ReadJPEGImage Function Memory Leak Vulnerability in ReadMATImage 
Function of ImageMagick 7.0.5-6 CPU Consumption Denial of Service Vulnerability in PHP Invalid Free Vulnerability in PHP WDDX Deserialization OpenSSL Extension PEM Sealing Code Crash Vulnerability Out-of-bounds Read Vulnerability in PHP Date Extension Buffer Over-read Vulnerability in PHP PHAR Archive Handler SSRF Vulnerability in Synology Chat Link Preview Allows Unauthorized Access to Intranet Resources SSRF Vulnerability in Synology Download Station Allows Arbitrary File Download HTML Injection Vulnerability in IBM Campaign 9.1, 9.1.2, and 10 Command Injection Vulnerability in Synology Office 2.2.0-1502 and 2.2.1-1506: Remote Code Execution via RTF Document Filename Arbitrary File Upload Vulnerability in Synology Photo Station Arbitrary File Write Vulnerability in Synology Photo Station Deserialization Vulnerability in Synology Photo Station Allows Remote Privilege Escalation Arbitrary PHP Script Creation via Unrestricted File Upload in Synology Photo Station Information Exposure Vulnerability in Synology Photo Station Arbitrary Code Execution Vulnerability in Synology Download Station Untrusted Search Path Vulnerabilities in Synology Cloud Station Backup Installer Untrusted Search Path Vulnerabilities in Synology Cloud Station Drive Installer on Windows Untrusted Search Path Vulnerabilities in Synology Photo Station Uploader on Windows Excessive Client-Side Details Disclosure Vulnerability in IBM Campaign Untrusted Search Path Vulnerabilities in Synology Assistant Installer on Windows SQL Injection Vulnerabilities in Synology Photo Station Directory Traversal Vulnerability in Synology Photo Station Allows Remote File Read Arbitrary Web Script Injection via HTTP Referer Headers in Cacti 1.1.12 Stack Exhaustion Vulnerability in PCRE 8.41's OP_KETRMAX Feature Sensitive Credential and Configuration Information Disclosure in dataTaker DT80 dEX 1.50.012 Memory Leak Vulnerability in ImageMagick's ReadXWDImage Function Arbitrary PHP Code Execution in FineCMS 2.1.0 via 
URL Manager Add Site Action Privilege Escalation via Modified Parameter in iBall iB-WRA300N3GT_1.1.1 Denial of Service Vulnerability in IBM WebSphere MQ 8.0 and 9.0 with Enabled Trace Memory Leak Vulnerability in ReadTGAImage Function of ImageMagick 7.0.5-6 Vulnerability: Bad Reference Counting in gnome-session's accept_ice_connection() Function Insecure CORS Configuration Allows Cross-Origin Requests from Malicious Domains SQL Injection Vulnerability in XOOPS 2.5.8.1 Core: install/page_dbsettings.php Reflected XSS Vulnerability in J2 Innovations FIN Stack 4.0 Authentication Webform Use-after-free vulnerability in Linux kernel mq_notify function Unrestricted File Access Vulnerability in TRITON AP-EMAIL 8.2 Arbitrary File Write Vulnerability in FineCMS through 2017-07-11 Stored XSS Vulnerability in FineCMS (through 2017-07-11) in User Information Modification and User Registration IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 Security Policy Misconfiguration Vulnerability Stored XSS in FineCMS Logging Functionality XSS Vulnerabilities in Rise Ultimate Project Manager v1.8 Messaging Section XSS Vulnerabilities in My Profile Section of Rise Ultimate Project Manager v1.8 Arbitrary File Deletion Vulnerability in GLPI before 9.1.5 SQL Injection in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter Denial of Service Vulnerability in gmp Plugin of strongSwan Inadequate Brute-Force Attack Mitigation in phpMyFAQ before 2.9.8 CPU Exhaustion Vulnerability in ImageMagick 7.0.6-0's ReadDPXImage Function Denial of Service Vulnerability in unrar-free 0.0.1 Sensitive Information Disclosure in IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 Stack-based buffer overflow in unrarlib.c in unrar-free 0.0.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long filename in an RAR archive. 
Bypassing Account-Locking Restrictions in FreeIPA 4.x API Version 2.213 CSRF Vulnerability in Pulse Connect Secure 8.3R1's diag.cgi Reflected XSS in Pulse Connect Secure 8.3R1 adminservercacertdetails.cgi Reflected XSS Vulnerability in Pulse Connect Secure 8.3R1's launchHelp.cgi CSRF Vulnerability in Pulse Connect Secure 8.3R1 Logout Function Privilege Escalation Vulnerability in CyberArk Viewfinity 5.5.10.95 and 6.x Arbitrary Web Script Injection in FineCMS through 2017-07-12 Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 8.5 and 9.0 SQL Injection in FineCMS via visitor_ip parameter in excludes.php Cross-Site Scripting (XSS) Vulnerability in FineCMS through 2017-07-12 via Image Upload FineCMS 2017-07-12 XSS Vulnerability in visitors.php Arbitrary Code Execution via Memory Corruption in Adobe Acrobat Reader Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, and 9.0 Arbitrary Code Execution via Font Parsing Vulnerability in Adobe Acrobat Reader Heap Overflow Vulnerability in Adobe Acrobat Reader JPEG Parser Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Integer Overflow Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Flash Player 27.0.0.183 and Earlier Versions Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Arbitrary Command Injection Vulnerability in IBM Security Guardium 8.2, 9.0, and 10.0 Heap Overflow Vulnerability in Adobe Acrobat Reader Type Confusion Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader PRC Engine Use After Free Vulnerability in Adobe Acrobat Reader XFA Engine Use After Free Vulnerability in Adobe Acrobat Reader XFA Layout Engine Use After Free Vulnerability 
in Adobe Flash Player Primetime SDK Metadata Functionality Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader FDF Security Bypass Vulnerability Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's JPEG 2000 Engine Use After Free Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Use After Free Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution via Memory Corruption in Adobe Acrobat Reader HTTP Header Injection Vulnerability in IBM Maximo Asset Management 7.1, 7.5, and 7.6 Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Heap Overflow Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader XSLT Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Local File Disclosure Vulnerability in IBM Cognos Analytics 10.1 and 10.2 Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader AGM Module Memory Corruption Vulnerability Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Use After Free 
Vulnerability in Adobe Acrobat Reader's JavaScript Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Use After Free Vulnerability in Adobe Acrobat Reader Type Confusion Vulnerability in Adobe Acrobat Reader XFA Layout Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Information Disclosure Vulnerability in IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Cross-Site Scripting (XSS) Vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Security Bypass Vulnerability in Adobe Digital Editions 4.5.4 and Earlier XML Parsing Vulnerability in Adobe Digital Editions Use After Free Vulnerability in Adobe Digital Editions 4.5.4 and Earlier: Arbitrary Code Execution Heap Overflow Vulnerability in Adobe Digital Editions 4.5.4 and Earlier: Arbitrary Code Execution Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Use After Free Vulnerability in Adobe Digital Editions 4.5.4 and Earlier: Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 
Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Adobe Flash Player Text Handling Memory Corruption Vulnerability Adobe Flash Player MP4 Atom Parser Memory Corruption Vulnerability Untrusted Data Deserialization Vulnerability in Adobe ColdFusion Untrusted Data Deserialization Vulnerability in Adobe ColdFusion Critical Cross-Site Scripting (XSS) Vulnerability in Adobe ColdFusion 2016 and 11 Adobe ColdFusion XML External Entity (XXE) Injection Vulnerability Reflected Cross-Site Scripting Vulnerability in Adobe Connect 9.6.2 and Earlier Versions Reflected Cross-Site Scripting Vulnerability in Adobe Connect 9.6.2 and Earlier Versions Reflected Cross-Site Scripting Vulnerability in Adobe Connect 9.6.2 and Earlier Versions Denial of Service Vulnerability in IBM Notes 8.5 and 9.0 Adobe Connect UI Redress (Clickjacking) Vulnerability Adobe Connect 9.6.2 SSRF Vulnerability: Bypassing Network Access Controls Adobe Flash Player Bytecode Verification Vulnerability Memory Corruption Vulnerability in Adobe Acrobat and Reader Memory Corruption Vulnerability in Adobe Shockwave Memory Corruption Vulnerability in Adobe DNG Converter Allows Arbitrary Code Execution Cross-Site Scripting Vulnerability in Apache Sling Servlets Post 2.3.20 Resolved in Adobe Experience Manager Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Denial of Service Vulnerability in IBM Notes 8.5 and 9.0 Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe InDesign 12.1.0 and Earlier Versions Memory Corruption Vulnerability in Adobe Photoshop 18.1.1 and Earlier Versions Use-After-Free Vulnerability in Adobe Photoshop 
18.1.1 and Earlier Versions Adobe Flash Player Version 27.0.0.187 Regression: Unintended Global Settings Preference File Reset on Clearing Browser Data Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Heap Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Avaya IP Office SoftConsole Client IBM Sterling B2B Integrator Standard Edition 5.2 Unauthorized Information Disclosure Vulnerability Memory Leak Vulnerabilities in ImageMagick's read_user_chunk_callback Function Heap Buffer Overflow in OpenMPT and libopenmpt: Arbitrary Code Execution via Crafted PSM File Arbitrary File Upload and Code Execution Vulnerability in Telerik.Web.UI Cobian Backup 11 Client Vulnerability: Man-in-the-Middle Attack and Remote Command Execution Remote authenticated users can gain privileges through insufficient validation and missing cross-server side checking mechanisms in Perspective ICM Investigation & Case 5.1.1.16 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Persistent XSS Vulnerability in Technicolor TC7337 Routers: Exploiting SSID for DNS Poisoning and Credential Theft Privilege Escalation via Shell Metacharacters in UCOPIA Wireless Appliance Restricted Shell Interface Remote Root Privilege Escalation in UCOPIA Wireless Appliance Stack-based Buffer Overflow in ESTsoft ALZip 8.51 and Earlier via Crafted MS-DOS Device File SQL Injection Vulnerability in Tilde CMS 1.0.1 Arbitrary File Read Vulnerability in Tilde CMS 1.0.1 Arbitrary File Upload Bypass via Filename Manipulation in Tilde CMS 1.0.1 Sensitive Data Exposure in Tilde CMS 1.0.1 via Direct References YARA 3.x Heap Buffer Overflow Vulnerability in yr_object_array_set_item() Function SQL Injection in GLPI via ajax/getDropdownValue.php with entity_restrict parameter Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.2 Denial of Service Vulnerability in DivFix++ v0.34 Memory 
Allocation Error in Xiph.Org vorbis-tools 1.4.0 Denial of Service Vulnerability in Sound eXchange (SoX) 14.4.2 via Crafted WAV File Denial of Service Vulnerability in libvorbis 1.3.5 via Crafted WAV File Denial of Service Vulnerability in QEMU's address_space_write_continue Function Heap-based Buffer Overflow in LibTIFF 4.0.8 via PlanarConfig=Contig Image Heap-Based Buffer Over-Read Vulnerability in Exiv2 0.26's Image::printIFDStructure Function Remote Denial of Service Vulnerability in Exiv2 0.26 Remote Denial of Service Vulnerability in Exiv2 0.26 Heap-Based Buffer Overflow in Exiv2 0.26's Image::printIFDStructure Function Privilege Escalation Vulnerability in IBM Reliable Scalable Cluster Technology (IBM Reference #: 1998459) Remote Denial of Service Vulnerability in Exiv2 0.26: Segmentation Fault in XmpParser::terminate() Function Heap-based Buffer Over-read Vulnerability in LibSass 3.4.5 Allows Remote Denial of Service Attack Remote Denial of Service Vulnerability in LibSass 3.4.5 due to Illegal Address Access in ast.cpp Algorithmic Complexity Attack in CHICKEN Scheme: Incomplete Fix for CVE-2012-6125 Global Buffer Overflow Vulnerability in ASUS Firmware for Various ASUS Devices Stack Buffer Overflow in Networkmap in ASUS Firmware for Various ASUS Devices Arbitrary Code Execution Vulnerability in Zoho ManageEngine Desktop Central Authenticated Code Execution Vulnerability in MetInfo 5.3.17: Remote Attackers Can Generate Malicious PHP Scripts from Image Content Directory Traversal Vulnerability in Octopus Deploy 3.x before 3.15.4 Remote Code Execution and Unauthorized Program/Schedule Composition in dataTaker DT8x dEX 1.72.007 CSRF Vulnerability in Axesstel MU553S MU55XS-V1.14 Devices Default Password Vulnerability in Axesstel MU553S MU55XS-V1.14 Devices Incomplete Fix for RLE Image Handling Vulnerability in ImageMagick Race condition in yadm 1.10.0 allows unauthorized access to SSH and PGP keys SQL Injection Vulnerability in Fiyo CMS v2.0.7 via name parameter 
in sys_article.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in PEGA Platform 7.2 ML0 and Earlier Information Disclosure Vulnerability in PEGA Platform 7.2 ML0 and Earlier Arbitrary File Upload and Code Execution in Progress Telerik UI for ASP.NET AJAX Denial of Service Vulnerability in Sound eXchange (SoX) 14.4.2 via Crafted hcom File Denial of Service Vulnerability in SoX 14.4.2 via Crafted SND File Conversion Large Loop Vulnerability in ReadRLEImage Function of ImageMagick 7.0.6-1 via Crafted RLE File Inteno Routers: JUCI ACL Misconfiguration Allows Unauthorized File Access and SSH Key Manipulation Stack-based buffer overflow vulnerability in ext/intl/msgformat/msgformat_parse.c in PHP before 7.0.21 and 7.1.x before 7.1.7 allows remote attackers to cause a denial of service or possibly have other unspecified impact via a long argument to the msgfmt_parse_message function. Unverified Ownership Vulnerability in Joomla! CMS Installer Incorrect Access Control in Symfony Password Validator Remote Command Execution in Codiad File Manager Denial of Service Vulnerability in shoco_decompress Function Kerberos 5 Assertion Failure Vulnerability Weak Security Vulnerability in IBM WebSphere Application Server 8.0 and 8.5.5 Lack of Signed or Validated Configuration and Database Backup Archives in Trend Micro Deep Discovery Director 1.1 Static Password Encryption Vulnerability in Trend Micro Deep Discovery Director 1.1 Command Injection Vulnerability in Trend Micro Deep Discovery Director 1.1 Allows Unauthorized Account Restoration Arbitrary File Deletion Vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL Injection Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL Injection Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL Injection Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL 
Injection Authentication Bypass and Information Disclosure in Trend Micro Control Manager 6.0 Remote Code Execution via SQL Injection in Trend Micro Control Manager 6.0 Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via Directory Traversal Trend Micro Control Manager 6.0 XXE Processing Vulnerability Arbitrary Code Execution Vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 Remote Code Execution Vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 Trend Micro OfficeScan Proxy Command Injection Vulnerability Trend Micro OfficeScan 11 and XG (12) Proxy Command Injection Vulnerability Command Injection Vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 Server Administration UI Remote Code Injection Vulnerability in Trend Micro Web Security Virtual Appliance 6.5 Remote Code Execution Vulnerability in Trend Micro Encryption for Email Session Hijacking via Log Disclosure Vulnerability in Trend Micro Smart Protection Server Integer Overflow in ape_decode_frame function in FFmpeg Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.0 and 8.5 Incomplete Firmware Signature Allows Local Attackers to Upgrade Belden Hirschmann Tofino Xenon Security Appliance with Unsigned Data Belden Hirschmann Tofino Xenon Security Appliance ModBus Packet Handling Vulnerability Remote Rule Activation and TCP Port Bypass Vulnerability in Belden Hirschmann Tofino Xenon Security Appliance Use-after-free vulnerability in GraphicsMagick: Out-of-order CloseBlob call in ReadMNGImage function Remote Code Execution via FileManager in CMS Made Simple (CMSMS) 2.2.2 Arbitrary PHP File Upload Vulnerability in CMS Made Simple (CMSMS) 2.2.2 Infinite Loop Vulnerability in Wireshark DOCSIS Dissector MQ Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13 AMQP Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13 GPRS LLC Dissector Loop 
Vulnerability in Wireshark 2.0.0 to 2.0.13 Information Disclosure Vulnerability in IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 Infinite Loop Vulnerability in Wireshark WBXML Dissector OpenSAFETY Dissector Crash and Memory Exhaustion Vulnerability SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_GET['id'] in comment_status.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_GET['id'] in comment_status.php SQL Injection in Fiyo CMS 2.0.7 via app_comment/sys_comment.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level'] SQL Injection Vulnerability in Fiyo CMS 2.0.7 via name parameter in /apps/app_comment/controller/insert.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_GET['id'] in article_status.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via article_list.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via editor.php Failure to Set Secure Flag for Session Cookie in IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 Stack-based Buffer Overflow in ASUS Discovery.c in Networkmap in ASUSwrt-Merlin Firmware for ASUS Devices and ASUS Firmware for ASUS RT-AC5300, RT-AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT-AC1200GU, RT-AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT-N12+_PRO, RT-N16, and RT-N300 Devices Gnome-Exe-Thumbnailer Vulnerability: Bad Taste VBScript Injection Session Permission Bypass in Statamic Framework (before 2.6.0) Stack-based buffer over-read vulnerability in the cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha Vulnerability: Symmetric/Asymmetric Key Confusion in PyJWT 1.5.0 and below XML Signature Wrapping Vulnerability in OneLogin PythonSAML XML Signature Wrapping Vulnerability in OneLogin Ruby-SAML XML Signature Wrapping Vulnerability in saml2-js 2.0 and earlier HTTP Strict Transport Security 
Bypass in IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 XML Signature Wrapping Vulnerability in OmniAuth OmnitAuth-SAML Denial of Service Vulnerability in QEMU's dhcp_decode Function Authentication Bypass Vulnerability in Humax Wi-Fi Router Model HG100R-* 2.0.6 D-Link DIR-615 Vulnerability: Remote Access via TELNET Backdoor Unauthorized Access to Repositories via Mirroring Feature in GitLab Enterprise Edition (EE) Arbitrary Project Addition Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) Reflected XSS Vulnerability in Sitecore 8.2 Shell Applications Tools Run Program Parameter Local Privilege Escalation Vulnerability in IBM WebSphere Message Broker Absolute Path Traversal Vulnerability in Sitecore 8.2 XSS Vulnerability in WHM Upload Locale Interface (SEC-297) SQL Injection Vulnerability in Subrion CMS 4.1.5.10: Exploiting $_GET Array in /front/search.php SQL Injection Vulnerability in Subrion CMS 4.1.6 and Earlier Versions Infinite Loop Vulnerability in ImageMagick's ReadPESImage Function Memory Leak Vulnerability in ImageMagick's ReadSCREENSHOTImage Function Uninitialized Memory Disclosure in ImageMagick's ReadJPEGImage Function Denial of Service Vulnerability in ImageMagick's coders/mpc.c Denial of Service Vulnerability in IBM WebSphere MQ 8.0.0.6 JPEG Data Length Vulnerability in ImageMagick CSRF Vulnerability in diag.cgi in Pulse Connect Secure and Pulse Policy Secure Directory Traversal Vulnerability in Geneko GWR Routers Allows Unauthenticated Access to Configuration File XML External Entity (XXE) Vulnerability in SAP NetWeaver AS JAVA 7.5 (SAP Security Note 2387249) Arbitrary Web Script Injection in SAP NetWeaver AS JAVA 7.3 (SAP Security Note 2406783) Arbitrary File Read and Write Vulnerability in SAP TREX 7.10 Cross-Site Scripting Vulnerability in IBM Content Navigator 2.0.3 and 3.0.0 SAP NetWeaver Portal 7.4 DataArchivingService Servlet XSS Vulnerability NetApp OnCommand Unified Manager for 7-mode (core package) versions prior 
to 5.2.1 Vulnerability: Clickjacking/UI Redress Attack Double Free Vulnerability in MIT Kerberos 5: Automatic Deletion of Security Contexts on Error Unrestricted Direct Object Reference Vulnerability in Ivanti Service Desk Division by Zero Vulnerability in GNOME librsvg 2.40.17 Denial of Service and Potential Bypass of $SAFE Protection Mechanism in Ruby 2.4.1 UTF-8 Parser Arbitrary File Upload Vulnerability in dotCMS 4.1.1 Arbitrary OS Command Execution in OrientDB through 2.2.22 Denial of Service Vulnerability in Docker Registry Directory Traversal Vulnerability in get2post.php of IDERA Uptime Monitor 7.8 Cross-Site Scripting (XSS) Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 SQL Injection Vulnerability in IDERA Uptime Monitor 7.8 via /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php SQL Injection in IDERA Uptime Monitor 7.8 via /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php ACPI Operand Cache Flushing Vulnerability Buffer Overflow in Linux Kernel Allows Privilege Escalation via Crafted ACPI Table SQL Injection in GLPI before 9.1.5.1 via $crit variable in computer_softwareversion.class.php SQL Injection in GLPI's Condition Rule Field via front/rulesengine.test.php Denial of Service via Malformed DJVU Image in ImageMagick Cross-Site Scripting (XSS) Vulnerability in Kibana Timelion Information Disclosure Vulnerability in IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) Application Denial of Service Vulnerability in Packetbeat's PostgreSQL Protocol Handler Cross-Site Scripting (XSS) Vulnerability in Kibana URL Fields Incomplete Fix for Open Redirect Vulnerability in Kibana Versions 6.0.1 and 5.6.5 XML External Entity Injection (XXE) Vulnerability in IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 SQL Injection Vulnerability in SOL.Connect ISET-mpp Meter 1.2.4.2 and Earlier: Remote Code Execution via User Parameter Unauthenticated Remote Code Execution and Reboot Vulnerability in PHICOMM 
K2(PSG1218) Devices Remote Code Execution Vulnerability in Gemalto ACC (Admin Control Center) Stack Buffer Overflow in Gemalto ACC Allows Remote Code Execution via Long Filenames Remote Denial of Service Vulnerability in Gemalto ACC (Admin Control Center) Vulnerability: Hash Flooding Remote DoS Attacks in Node.js Unauthorized Access to Restricted Tables in IBM DB2 Directory Traversal Vulnerability in MetInfo 5.3.17 Allows Remote File Deletion Unintended SSL Certificate Validation Absence in NixOS LDAP Authentication Arbitrary File Reading Vulnerability in Technicolor DPC3928AD DOCSIS Devices XSS Vulnerability in PHPMailer 5.2.23's From Email Address and To Email Address Fields Denial of Service Vulnerability in ImageMagick's ReadOneJNGImage Function TLS Certificate Verification Bypass in Nessus 6.x before 6.11 Cross Site Scripting (XSS) Vulnerability in Check_MK Versions 1.2.8x and 1.4.0x SQL Injection Vulnerability in SecurityCenter Versions 5.5.0-5.5.2 Arbitrary Code Execution Vulnerability in Firebird SQL Server 2.5.7 and 3.0.2 Elevated Privilege Vulnerability in IBM WebSphere Application Server with OpenID Connect and Trust Association Interceptor Information Leak Vulnerability in Wanscam HW0021 Network Camera Allows Unauthorized Access to Administrator Credentials Arbitrary File Download Vulnerability in ManageEngine ServiceDesk 9.3.9328 Arbitrary File Download Vulnerability in ManageEngine ServiceDesk 9.3.9328 XSS Vulnerability in Yii Framework 2.0.12 Exception Screen Remote Code Execution via Stack-based Buffer Overflow in Geutebrueck Gcore Server Vulnerability in TP-Link Archer C9(UN)_V2_160517 Allows Admin Password Reset Session ID Leakage Vulnerability in IBM Financial Transaction Manager 3.0.1 and 3.0.2 Denial of Service Vulnerability in reSIProcate 1.10.2 NULL Pointer Dereference Vulnerability in WriteOnePNGImage Function Denial of Service Vulnerability in ImageMagick's ReadTXTImage Function Denial of Service Vulnerability in ImageMagick's WriteBlob 
Function Memory Consumption Denial of Service Vulnerability in ImageMagick Denial of Service Vulnerability in ImageMagick's ReadOneMNGImage Function Memory Consumption Denial of Service Vulnerability in ImageMagick Memory Leak Vulnerability in ImageMagick's ReadDIBImage Function Memory Leak Vulnerability in ImageMagick's ReadMATImage Function Privilege Escalation Vulnerability in IBM TRIRIGA Report Manager 3.2-3.5 Memory Consumption Denial of Service Vulnerability in ImageMagick Memory Leak in ImageMagick's WriteHISTOGRAMImage() Function Memory Leak in WriteMPCImage() function in ImageMagick 7.0.6-1 Heap-based Buffer Over-read in ImageMagick's WriteUILImage() Function Memory Leak in ImageMagick 7.0.6-1's convert Function when Processing Crafted Files Heap-based Buffer Over-read in ImageMagick 7.0.6-1's WritePSImage() Function Memory Leak in WriteJP2Image() function in ImageMagick 7.0.6-1 Floating Point Exception (FPE) Vulnerability in ImageMagick 7.0.6-1's WritePALMImage() Function Memory Leak in WriteOnePNGImage() function in ImageMagick 7.0.6-1 Memory Leak in ImageMagick's ReadOnePNGImage() Function Local File Access Vulnerability in IBM Algorithmics One-Algo Risk Application Heap-based Buffer Over-read in ImageMagick's Convert Function Heap-Based Buffer Over-Read Vulnerability in tcpdump 4.9.0 Heap-Based Buffer Over-Read in tcpdump 4.9.0's pimv1_print Function Buffer Overflow Vulnerability in tcpdump 4.9.0's sliplink_print Function Denial of Service Vulnerability in TiMidity++ 2.14.0 via Crafted MIDI File Heap-based Buffer Over-read Vulnerability in TiMidity++ 2.14.0 Memory Corruption Vulnerability in Xiph.Org libao 1.2.0 via Crafted MP3 File Denial of Service Vulnerability in TiMidity++ 2.14.0 via Crafted MIDI File User Report Access Vulnerability in IBM Algorithmics One-Algo Risk Application NULL Pointer Dereference and Application Crash Vulnerability in libid3tag 0.15.1b Denial of Service Vulnerability in libid3tag 0.15.1b via Crafted MP3 File Memory 
Corruption Vulnerability in mpg321 0.3.2-1 with libmad 0.15.1b Remote Denial of Service Vulnerability in Exiv2 0.26 via Illegal Address Access in extend_alias_table Function Remote Denial of Service Vulnerability in LibSass 3.4.5 Remote Denial of Service Vulnerability in LibSass 3.4.5 Stack Consumption Vulnerability in LibSass 3.4.5 Parser::advanceToNextToken Function Unauthenticated User Enumeration in ZOHO ManageEngine Applications Manager 12.3 Blind SQL Injection Vulnerability in ZOHO ManageEngine OpManager 12.2 Open Redirect Vulnerability in IBM WebSphere Portal 8.5 and 9.0 Allows for Phishing Attacks Arbitrary JavaScript Injection via Google Map Integration in ZOHO ManageEngine OpManager 12.2 Arbitrary File Upload Vulnerability in ZOHO ManageEngine OpManager 12.2 Session Fixation Vulnerability in SenhaSegura Web Application 2.2.23.8 via login_if.php Remote Code Execution Vulnerability in D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 Multiple Command Injection Vulnerabilities in D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 Incorrect implementation of aa-exec in Debian Tor package allows bypassing of AppArmor restrictions Shell Command Injection Vulnerability in AppUse 4.0 via Proxy Field CSRF Vulnerability in Mongoose Web Server Allows Remote Code Execution Heap-based Buffer Over-read Vulnerability in FontForge 20161012 Heap-based Buffer Over-read Vulnerability in FontForge 20161012 Unauthorized Access to Restricted Report Data in IBM Jazz Reporting Service (JRS) 5.0 and 6.0 Buffer Over-read Vulnerability in FontForge 20161012: Exploiting umodenc in parsettf.c for DoS or Code Execution Stack-based Buffer Overflow in FontForge 20161012: Exploiting the addnibble Function in parsettf.c Heap-Based Buffer Over-Read Vulnerability in FontForge 20161012 Buffer Over-read Vulnerability in FontForge 20161012: Exploiting ValidatePostScriptFontName in parsettf.c Heap-based Buffer Overflow in FontForge 20161012: DoS and Code Execution Vulnerability Buffer Over-read 
Vulnerability in FontForge 20161012: Exploiting strnmatch in char.c for DoS or Code Execution FontForge 20161012 Denial of Service Vulnerability Buffer Over-read Vulnerability in FontForge 20161012: Exploiting getsid in parsettf.c Insecure HTTP Connection Vulnerability in Blipcare Wireless Blood Pressure Monitor Vulnerability: Open Wireless Network and Credential Sniffing in Blipcare Blipcare Wifi Blood Pressure Monitor BP700 10.1 Devices Denial of Service Vulnerability Cross Site Scripting (XSS) in dayrui FineCms 5.0.9 via Non-Standard Username Payload SQL Injection in dayrui FineCms 5.0.9 via num parameter in action=related or action=tags request to libraries/Template.php SQL Injection in dayrui FineCms 5.0.9 via catid parameter in action=related request to libraries/Template.php SQL Injection in dayrui FineCms 5.0.9 via field parameter in action requests Remote PHP Code Execution in dayrui FineCms 5.0.9 via Eval Injection in libraries/Template.php URL Redirector Abuse in dayrui FineCms 5.0.9 via the url parameter in a sync action Directory Traversal Vulnerability in Cisco DDR2200 and DDR2201v1 ADSL2+ Residential Gateways Remote Command Execution via Shell Metacharacters in Cisco DDR2200 and DDR2201v1 ADSL2+ Residential Gateways Lack of Access Control for Multiple Commands on Cisco DDR2200 and DDR2201v1 ADSL2+ Residential Gateways Open Redirect Vulnerability in IBM Business Process Manager 8.0 and 8.5 Remote Denial of Service Vulnerability in libgxps 0.2.5 Remote Denial of Service Vulnerability in Exiv2 0.26 via Floating Point Exception in Exiv2::ValueType Function Exiv2 0.26 Mismatched Memory Management Routines Vulnerability Markdown Preview Plus Extension XSS Vulnerability Markdown Parser XSS Vulnerability in Loomio before 1.8.0 Cross-Site Scripting (XSS) Vulnerability in IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x Out-of-bounds access vulnerability in Linux kernel's xfrm_policy.c Heap-based Buffer Over-read Vulnerability in 
LibSass 3.4.5 Allows Remote Denial of Service Attack Heap-based Buffer Over-read in LibSass 3.4.5: Remote Denial of Service Vulnerability Arbitrary Command Execution Vulnerability in IBM API Connect 5.0.6.0 Arbitrary Command Execution via Crafted XML-RPC Request in Supervisor Cross-Site Scripting (XSS) Vulnerability in Wolf CMS 0.8.3.1 XSS Vulnerabilities in Joomla! Components Due to Inadequate HTML Tag Filtering Denial of Service Vulnerability in LibTIFF 4.0.8 TIFFOpen Function Hard-coded Credentials in MEDHOST Connex Allow Unauthorized Access to Customer Database Sandbox Escape Vulnerability in Wube Factorio Lua Interface Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 via IMG element with quotes IBM QRadar 7.2 and 7.3 Information Disclosure Vulnerability Stack-Consumption Vulnerability in libqpdf Allows for Denial of Service Stack-Consumption Vulnerability in libqpdf Allows Denial of Service via Crafted File Stack-Consumption Vulnerability in libqpdf Allows for Denial of Service Stack-Consumption Vulnerability in libqpdf: Denial of Service via Crafted File Stack-based buffer overflow in zend_ini_do_op() function in PHP versions before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7 allows for denial of service or potential code execution. 
Cross Site Scripting (XSS) in dayrui FineCms through 5.0.10 via controllers/api.php Arbitrary File Deletion Vulnerability in Fiyo CMS 2.0.7 SQL Injection Vulnerability in status.php in Fiyo CMS 2.0.7 Vulnerability: Root Account with Known SHA-512 Password Hash on Wireless IP Camera 360 Devices RTSP Credential Disclosure Vulnerability in Wireless IP Camera 360 Devices Weakly Encoded Admin Password Vulnerability in Wireless IP Camera 360 Devices Vulnerability: Unauthorized Access to Recordings on Wireless IP Camera 360 Devices Heap Overflow in GraphicsMagick 1.3.26's WriteRGBImage() Function NULL Pointer Dereference in WritePCLImage() Function in GraphicsMagick 1.3.26 Segmentation Violation in WriteMAPImage() Function in GraphicsMagick 1.3.26 Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-1's Convert Function Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Foundation Address Access Exception in ImageMagick 7.0.6-1 Convert Function Memory Leak in PersistCache function in GraphicsMagick 1.3.26 GraphicsMagick 1.3.26 WriteMAPImage() Function NULL Pointer Dereference Vulnerability Heap Overflow Vulnerability in GraphicsMagick 1.3.26's WriteCMYKImage() Function Memory Leak in ReadMATImage() function in ImageMagick 7.0.6-1 Unauthenticated Access to Logfile, Status, and System Configuration in NetComm Wireless 4GT101W Routers CSRF Vulnerability in NetComm Wireless 4GT101W Routers Stored Cross-Site Scripting Vulnerability in NetComm Wireless 4GT101W Routers CSRF Vulnerability in Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 CSRF Vulnerability in DrayTek Vigor AP910C Devices Allows Unauthorized SNMP Activation Arbitrary Web Script Injection in DrayTek Vigor AP910C Devices XSS Vulnerability in NexusPHP V1.5 via UBBCode URL Tag Weak Permissions in Razer Synapse CrashReporter Directory Allows Privilege Escalation via Trojan Horse DLL Weak Permissions in Razer Synapse 2.20.15.1104 and Earlier: Privilege Escalation via Trojan Horse Files SIPcrack 
0.2 Out-of-Bounds Read and Write Vulnerability Memory Leak Vulnerability in SIPcrack 0.2 Allows Remote Attackers to Crash sipdump Sessions Privilege Escalation Vulnerability in Dashlane via Trojan Horse WINHTTP.dll Bypassing Local File Inclusion Mitigation in WP Rocket Plugin 2.9.3 Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Remote RTMP Server Denial of Service Vulnerability in FFmpeg 3.3.2 Arbitrary Code Injection through File Preview in Kopano WebApp Session Hijacking Vulnerability in OpenProject Out-of-Bounds Read Vulnerability in eapmd5pass 1.4 Out-of-Bounds Read Vulnerability in eapmd5pass 1.4 Out-of-Bounds Read and Write Vulnerability in eapmd5pass 1.4 Vulnerability: Status Flag Clobbering in ix86_expand_builtin Function Privilege Escalation Vulnerability in OPC Foundation Local Discovery Server (LDS) Remote Code Execution and Denial of Service Vulnerability in Acunetix 8's Reporter.exe Denial of Service Vulnerability in Acunetix 8 Reporter.exe Arbitrary PHP Code Execution in ZenCart 1.5.5e via Invalid Array Index XSS Vulnerability in Hashtopus 1.5g Allows Remote Code Injection via admin.php SQL Injection Vulnerability in Hashtopus 1.5g: Remote Code Execution via admin.php CSRF Vulnerability in Hashtopus 1.5g via admin.php Password Parameter Cross-Site Scripting (XSS) Vulnerability in IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 CSRF Vulnerability in Hashtopussy 0.4.0 Allows Unauthorized Admin Password Change Improper Access Control in Hashtopussy 0.4.0 Allows Remote Authenticated Users to Execute Administrative Actions Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0: Remote Code Injection via hashcat.php parameters Remote Denial of Service Vulnerability in Exiv2 0.26 Remote Denial of Service 
Vulnerability in Libav 12.1 via Illegal Address Access in build_table Function Multiple Reflective Cross-Site Scripting (XSS) Vulnerabilities in Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 Authentication Bypass and Password Exposure in Zoho ManageEngine Event Log Analyzer Persistent Cross-Site Scripting (XSS) Vulnerabilities in Zoho ManageEngine Event Log Analyzer Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) Allows Arbitrary JavaScript Code Execution Cacti 1.1.13 Auth_Profile.php Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in yaml-cpp 0.5.3 and Earlier Hard-coded Credentials in MEDHOST Document Management System Pose Database Access Vulnerability Hard-coded Credentials in MEDHOST Document Management System Pose Risk of Unauthorized Access and Data Manipulation Heap-based Buffer Overflow in NSS's alloc_segs Function Heap-based Buffer Overflow in NSS __hash_open Function Denial of Service Vulnerability in NSS's hash_open Function Heap-based Buffer Overflow in NSS __get_page Function Session Hijacking Vulnerability in IBM WebSphere Commerce 8.0 Memory Leak Vulnerability in Ming 0.4.8's parseSWF_DOACTION Function Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8's decompileIF Function Memory Leak Vulnerability in Ming 0.4.8's parseSWF_SHAPEWITHSTYLE Function Insecure Login Credentials Exposure in Boozt Fashion Android App Unauthorized Execution of Application Actions in IBM TRIRIGA Application Platform Out-of-Bounds Read Vulnerability in Artifex Ghostscript 9.21 Arbitrary PHP Code Execution Vulnerability in MetInfo through 5.3.17 Stored XSS Vulnerability in MetInfo 5.3.17 via HTML Edit Mode Vulnerability: CAPTCHA Bypass in MetInfo through 5.3.17 URL Redirector Abuse Vulnerability in MetInfo through 5.3.17 via gourl parameter in member/login.php Out-of-array Access Vulnerability in FFmpeg's dnxhd_decode_header Function Critical Division-by-Zero Vulnerability in LAME 3.99.5: Exploiting Malformed 
Input Files Buffer Overflow Vulnerability in ioquake3 (pre-2017-08-02) Allows Remote Code Execution Out-of-Bounds Read and Application Crash in GraphicsMagick 1.3.26 Directory Traversal Vulnerability in Xinha 0.96 Allows Remote Folder Deletion Memory Leaks in ReadMATImage Function in ImageMagick Unintended Redirection Vulnerability in Thycotic Secret Server before 10.2.000019 Cross-Site Request Forgery (CSRF) Vulnerability in ConnectWise Manage 2017.5 Arbitrary JavaScript Code Execution via XSS in ConnectWise Manage 2017.5 Contact.rails Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8 Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8 Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8 Invalid Memory Read Vulnerability in Ming 0.4.8's OpCode Function Heap-based Buffer Overflow Vulnerability in Ming 0.4.8's dcputs Function Null Pointer Dereference Vulnerability in Ming 0.4.8's stackswap Function Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8's decompileCALLFUNCTION Function SQL Injection Vulnerability in BigTree 4.2.18: Remote Code Execution via process.php Cross-Site Scripting (XSS) in Rspamd WebUI History Page Time-based Blind SQL Injection Vulnerability in Zoho ManageEngine Application Manager Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Application Manager 13.1 Build 13100 SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Arbitrary Code Execution Vulnerability in Zoho ManageEngine Application Manager 13.1 Build 13100 Privilege Escalation in HashiCorp Vagrant VMware Fusion Plugin DLL Hijacking Vulnerability in libexpat Hard-coded Mirth Connect Admin Credential in MEDHOST Connex XSS Vulnerability in MODX Revolution 2.5.7 System Settings Module Arbitrary Process Killing Vulnerability in Tenshi 0.15 Arbitrary Process Killing Vulnerability in Tinyproxy 1.8.4 and Earlier Vulnerability: Untrusted Search Path in VIT Spider Player 2.5.3 Allows DLL Hijacking DLL Hijacking Vulnerability in InternetSoft 
FTP Commander 8.02 and Prior SQL Injection Vulnerability in IBM Maximo Asset Management 7.1, 7.5, and 7.6 NULL Pointer Dereference Vulnerability in ImageMagick's ReadOneJNGImage Function Memory Leak Vulnerability in ImageMagick's WritePICONImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-4's ReadMAGICKImage Function Heap-based Buffer Over-read Vulnerability in GetImageDepth Function of ImageMagick 7.0.6-4 Memory Leak Vulnerability in ImageMagick's WritePICONImage Function Memory Leak Vulnerability in ImageMagick's WritePICONImage Function Arbitrary PHP Code Execution in Earcms Ear Music 4.1 Build 20170710 Heap-based Buffer Overflow in Actian Pervasive PSQL and Zen via TCP Port 1583 Inappropriate Data Retention of Attachments in IBM Maximo Asset Management 7.1, 7.5, and 7.6 Arbitrary PHP Code Execution via Image Upload in ProjeQtOr before 6.3.2 Unintended Information Disclosure in Microsoft Exchange Server 2013 and 2016 Microsoft Graphics Remote Code Execution Vulnerability Microsoft Graphics Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Windows Kernel Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability ChakraCore Scripting Engine Memory Corruption Vulnerability Windows Media Player Information Disclosure Vulnerability TRIE Remote Code Execution Vulnerability IBM BigFix Compliance 1.7 through 1.9.91 Information Disclosure Vulnerability .NET Core Denial of Service Vulnerability through Improper Certificate Data Parsing Windows Search DNS Response Remote Code Execution Vulnerability Windows Search Memory Object Handling Vulnerability Microsoft Outlook Security Feature Bypass Vulnerability Microsoft Office SharePoint XSS Vulnerability Outlook 2016 Email Content Disclosure Vulnerability Microsoft Office SharePoint XSS Vulnerability Windows DNSAPI Remote Code Execution Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Endpoint Manager for Security and 
Compliance 1.9.70 Windows SMB Remote Code Execution Vulnerability Windows SMB Denial of Service Vulnerability Windows SMB Elevation of Privilege Vulnerability ALPC Elevation of Privilege Vulnerability in Microsoft Windows Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Skype for Business Elevation of Privilege Vulnerability Windows Search Denial of Service Vulnerability Weak Cryptographic Algorithms in IBM BigFix Compliance Analytics 1.9.79: High-Risk Information Decryption Vulnerability Internet Explorer Memory Object Handling Vulnerability Scripting Engine Information Disclosure Vulnerability in ChakraCore, Internet Explorer, and Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Internet Explorer Microsoft Edge Memory Object Handling Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore Scripting Engine Arbitrary Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability IBM TRIRIGA Document Manager Authenticated User Privilege Escalation Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore Scripting Engine Arbitrary Code Execution Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Memory Object Handling Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Unencrypted Console 
Connection Vulnerability in IBM Tivoli Monitoring Portal V6 Scripting Engine Memory Corruption Vulnerability in Internet Explorer ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability in Microsoft Windows 7, Windows Server 2008 R2, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 Windows Kernel Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Storage Security Feature Bypass Vulnerability Windows Shell Remote Code Execution Vulnerability in Microsoft Windows 7 SP1 Arbitrary Command Execution Vulnerability in IBM Tivoli Monitoring Portal v6 Microsoft Office SharePoint XSS Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability Windows PowerShell Session Security Bypass Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Microsoft Office Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Office and SharePoint Microsoft Browser Memory Corruption Vulnerability Elevation of Privilege Vulnerability in Windows 10 Update Delivery Optimization SQL Injection Vulnerability in IBM Tivoli Monitoring Portal v6 Device Guard Security Feature Bypass Vulnerability Windows Kernel Memory Initialization Vulnerability Windows EOT Font Engine Information Disclosure Vulnerability Microsoft Edge Cross-Origin Information Disclosure Vulnerability Scripting Engine Information Disclosure Vulnerability in Internet Explorer Windows EOT Font Engine Information Disclosure Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory 
Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Windows Kernel Memory Initialization Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Microsoft Edge Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Windows Kernel Elevation of Privilege Vulnerability Internet Explorer Information Disclosure Vulnerability Windows Kernel Memory Initialization Vulnerability Windows Graphics Component Memory Handling Vulnerability Windows Kernel Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Windows Kernel Memory Address Initialization Vulnerability Microsoft Word Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Content Security Policy (CSP) Validation Bypass Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Internet Explorer ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Security Feature Bypass Vulnerability in Windows 10 and Windows Server 2016 ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Security Feature Bypass Vulnerability Cross-Site Forgery and Elevation of Privilege Vulnerability in Microsoft Project Server and SharePoint Enterprise Server 
2016 Excel Macro Security Bypass Vulnerability Microsoft Excel Memory Corruption Vulnerability ASP.NET Core 2.0 Session Information Theft Vulnerability Windows Kernel Object Initialization Information Disclosure Vulnerability Microsoft Office Memory Corruption Vulnerability .NET CORE Denial Of Service Vulnerability Microsoft Excel 2016 Click-to-Run (C2R) Memory Corruption Vulnerability Windows RRAS Service Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Windows Internet Explorer Scripting Engine Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal and Web Content Manager 6.1, 7.0, and 8.0 Scripting Engine Memory Corruption Vulnerability in Microsoft Windows ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Untrusted File Handling Security Bypass in Device Guard Arbitrary Code Execution Vulnerability in IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 Internet Explorer Scripting Engine Memory Corruption Vulnerability Internet Explorer Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Information Disclosure Vulnerability in Internet Explorer Internet Explorer Scripting Engine Memory Corruption Vulnerability ChakraCore and Windows 10 1709 Scripting Engine Memory Corruption Vulnerability ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 Scripting Engine Memory Corruption Vulnerability Unrestricted URL Access Vulnerability in IBM Rational Collaborative Lifecycle Management Applications ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 
2016 Scripting Engine Memory Corruption Vulnerability ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 Scripting Engine Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Internet Explorer Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Information Disclosure Vulnerability XML External Entity Injection (XXE) Vulnerability in IBM Sterling B2B Integrator 5.2 Windows its:// Protocol Handler Information Disclosure Vulnerability IBM Sterling B2B Integrator Standard Edition 5.2 Information Disclosure Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Microsoft Exchange Spoofing Vulnerability in Outlook Web Access (OWA) Memory Handling Vulnerability in Microsoft Office 2013 and 2016: Information Disclosure Microsoft Office 2016 Click-to-Run (C2R) Remote Code Execution Vulnerability Web Request Handling Vulnerability in Microsoft SharePoint Enterprise Server 2016 Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Office 2016 Click-to-Run (C2R) Information Disclosure Vulnerability Cross-Site Request Forgery (CSRF) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Microsoft Malware Protection Engine Remote Code Execution Vulnerability Open Redirect Vulnerability in IBM Curam Social Program Management Weak Password Policy in IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 Inadequate Account Lockout Setting in IBM BigFix Compliance (TEMA SUAv1 SCA SCM) Allows Remote Brute Force Attack Sensitive Information Disclosure in IBM BigFix Compliance 1.7 through 1.9.91 Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Master Data Management Server 10.0-11.6 Certificate Validation Vulnerability 
in IBM BigFix Compliance 1.7 through 1.9.91 Clear Text Storage of User Credentials in IBM BigFix Compliance Analytics 1.9.79 HTML Injection Vulnerability in IBM BigFix Compliance 1.7 through 1.9.91 Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications Hard-coded Credentials Vulnerability in IBM Tealeaf Customer Experience Privilege Escalation Vulnerability in IBM Platform LSF 10.1 Cross-Site Scripting (XSS) Vulnerability in MantisBT Installation Script Cross-Site Scripting (XSS) Vulnerability in MantisBT 2.x before 2.5.2 Bypassing Access Restrictions in csv_log_html Function in OpenEMR Arbitrary Code Execution in Cacti (CVE-2021-20227) Cross-Site Scripting (XSS) Vulnerability in Cacti 1.1.16 and Earlier Heap-Based Buffer Over-Read Vulnerability in Potrace 1.14's interpolate_cubic Function Cross-Site Scripting (XSS) Vulnerability in Event List Plugin 0.7.9 for WordPress XXE Vulnerability in OPC Foundation UA .NET Sample Code and Local Discovery Server (LDS) Clear Text Storage of User Credentials in IBM WebSphere Message Broker OPC Foundation DLLs Vulnerability: Potential for Malicious Code Replacement Arbitrary File Download Vulnerability in Synology Photo Station Arbitrary Code Injection via id Parameter in Synology Photo Station Arbitrary File Write Vulnerability in Synology DNS Server Command Injection Vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) Uncontrolled Resource Consumption Vulnerability in Synology DiskStation (DSM) Allows Remote DoS Attack Uncontrolled Resource Consumption Vulnerability in Synology Router Manager (SRM) Allows Remote DoS Attack Command Injection Vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 Arbitrary File Access Vulnerability in Synology Photo Station Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.1, 7.5, and 7.6 Information Exposure Vulnerability in Synology Photo Station Integer 
Overflow Vulnerability in Blender v2.78c Allows for Code Execution Blender CustomData Mesh Loading Integer Overflow Vulnerability Information Disclosure Vulnerability in Circle with Disney Firmware 2.0.1 Circle with Disney Firmware 2.0.1: Remote Control Backdoor Vulnerability Circle with Disney Cloud Infrastructure Routing Vulnerability Blender Integer Overflow and Buffer Overflow Vulnerability Heap Overflow Vulnerability in tinysvcmdns Library Denial of Service Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Below Denial of Service Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 Denial of Service Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Below Memory Module File Write Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Insufficient Resource Pool Vulnerability in Allen Bradley Micrologix 1400 Series B Firmware 21.2 and Earlier Arbitrary Command Execution Vulnerability in Circle with Disney Firmware 2.0.1 Circle with Disney Firmware 2.0.1 WiFi Access Point Default Credentials Vulnerability WiFi Management Vulnerability in Circle with Disney: Unauthorized Network Connection Exploit Cross-Site Scripting (XSS) Vulnerability in delayed_job_web Rails Gem Version 1.4 Cross-Site Scripting (XSS) Vulnerability in Rails_Admin Gem 1.2.0 Integer Overflow Vulnerability in Blender v2.78c Allows for Code Execution Log File Injection Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 Integer Overflow and Buffer Overflow in Blender v2.78c Blender v2.78c Integer Overflow and Buffer Overflow Vulnerability Blender Curve to Polygon Conversion Integer Overflow Vulnerability Blender v2.78c Integer Overflow and Buffer Overflow Vulnerability Blender v2.78c Particle Object Integer Overflow Vulnerability Blender v2.78c Integer Overflow and Buffer 
Overflow Vulnerability Memory Corruption Vulnerability in Computerinsel Photoline 20.02's .TGA Parsing Functionality Memory Corruption Vulnerability in Computerinsel Photoline 20.02 PCX Parsing Functionality Integer Overflow Vulnerability in libxls 1.4 Allows Remote Code Execution Integer Overflow Vulnerability in libxls 1.4 Allows Remote Code Execution Information Disclosure Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual Integer Overflow Vulnerability in libxls 1.4 Allows Remote Code Execution Remote Code Execution Vulnerability in libxls 1.4 via xls_addCell Function Improper Authorization Vulnerability in cpp-ethereum's admin_addPeer API Improper Authorization Vulnerability in cpp-ethereum's admin_nodeInfo API Improper Authorization Vulnerability in cpp-ethereum's admin_peers API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC Miner_Stop API Denial of Service Vulnerability in CPP-Ethereum JSON-RPC APIs Denial of Service Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Heap Overflow Vulnerability in SDL2_image-2.0.2 ILBM Image Rendering Clear Text Transmission of Password Vulnerability in Moxa EDR-810 V4.1 build 17030317 Moxa EDR-810 V4.1 Web Server Denial of Service Vulnerability Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Cross-Site Request Forgery Vulnerability in Moxa EDR-810 V4.1 build 17030317 Clear Text Password Extraction Vulnerability in Moxa EDR-810 V4.1 build 17030317 Information Disclosure Vulnerability in Moxa EDR-810 Server Agent Weak Cryptography for Passwords Vulnerability in Moxa EDR-810 V4.1 build 17030317 NULL Pointer Dereference 
Vulnerability in tinysvcmdns Library XSS Vulnerability in Easy Testimonials Plugin 3.0.4 for WordPress DNS Stub Resolver Vulnerability in glibc: Simplifying Off-Path DNS Spoofing Attacks Use-after-free vulnerability in clntudp_call function in glibc before 2.26 Xen Vulnerability: Local OS Guest Users Can Corrupt Block Device Data Streams and Gain Host OS Privileges Transitive Grants Vulnerability in Xen Grant Table Code Race Condition Vulnerability Privilege Escalation via map_grant_ref Vulnerability in Xen Stored URL Redirect Bypass Vulnerability in XOOPS Core 2.5.8 Stored XSS Vulnerability in XOOPS Core 2.5.8's imagemanager.php Remote Code Execution Vulnerability in IBM iNotes 8.5 and 9.0 Excessive Memory Consumption Vulnerability in ImageMagick's ReadDCMImage Function Heap-based Buffer Overflow Vulnerability in ytnef 1.9.2: Denial of Service via Crafted File Invalid Memory Read Vulnerability in ytnef 1.9.2: Denial of Service via Crafted File Denial of Service Vulnerability in libquicktime 1.2.4 Allocation Failure Vulnerability in ytnef 1.9.2 Allows Denial of Service Allocation Failure Vulnerability in libquicktime 1.2.4's quicktime_read_ftyp Function Race Condition Vulnerability in Linux Kernel's driver_override Implementation Arbitrary Command and Code Execution Vulnerability in Ansible Tower's SCM Repositories Arbitrary Code Execution Vulnerability in Jboss Application Server Samba Vulnerability: Inadequate Enforcement of SMB Signing Samba Client Encryption Bypass Vulnerability NULL Pointer Dereference Vulnerability in nl80211_set_rekey_data() Function Vulnerability: Unauthorized Access to Hardware CR8 Register in KVM L2 Guest OS OpenStack TripleO Heat Templates: World-Readable Ceph Keyring Vulnerability XSS Vulnerability in Moodle 3.x Contact Form on Non-Respondents Page User Data Exposure in Moodle 3.x Course Reports Keycloak Vulnerability: Reflected XSS via HOST Header URL in Admin Console CSRF Vulnerability in Keycloak Allows Unauthorized Session Access 
Keycloak OAuth Token Persistence Vulnerability URL Spoofing Vulnerability in Keycloak Samba SMB1 Protocol Information Leak Vulnerability GDM 3.24.1 Vulnerability: Unauthorized Screen Unlock via Autologin Undertow HTTP Request Smuggling Vulnerability Buffer Overflow Vulnerability in OpenVPN Key-Method 1 World Readable Access to User and Role Information in EAP 7 Denial of Service Vulnerability in Linux Kernel's access_pmu_evcntr Function Password Hash Disclosure Vulnerability in FreeIPA Cross-Site Scripting Vulnerability in IBM WebSphere Portal 8.5 and 9.0 Packaging Error in Fedora's pure-ftpd Version 1.0.46-1: Security Configuration Override Vulnerability Improper Parsing of Configuration Comments in Red Hat Enterprise Linux 6.9 httpd 2.2.15-60 Privilege Escalation Vulnerability in PostgreSQL Startup Script Vulnerability: Injection in sssd's sysdb_search_user_by_upn_res() Function Artemis and HornetQ UDP Discovery Vulnerability: Heap Memory Exhaustion XSS Vulnerability in Red Hat Satellite Discovery Rule Autocomplete Xorg-X11-Server Vulnerability: Missing Length Validation in ProcEstablishConnection Function Integer Overflow Vulnerability in Xorg-X11-Server ProcDbeGetVisualInfo Function Xorg-X11-Server Vulnerability: Arbitrary Code Execution via ProcXIChangeHierarchy Function Integer Overflow Vulnerability in Xorg-X11-Server (Versions before 1.19.5) Cross-Site Request Forgery Vulnerability in IBM Tivoli Endpoint Manager (X-Force ID: 123858) Xorg-X11-Server Vulnerability: Arbitrary Code Execution via XFree86 VidModeExtension Xorg-X11-Server Vulnerability: Missing Length Validation in XFree86 DGA Extension Xorg-X11-Server Vulnerability: Missing Length Validation in XFree86 DRI Extension Xorg-X11-Server Vulnerability: Missing Length Validation in XFIXES Extension Xorg-X11-Server Vulnerability: Missing Length Validation in XINERAMA Extension Xorg-X11-Server MIT-SCREEN-SAVER Extension Length Validation Vulnerability Xorg-X11-Server Vulnerability: Missing Length 
Validation in X-Resource Extension Xorg-X11-Server Vulnerability: Missing Length Validation in RENDER Extension MMU Potential Stack Buffer Overrun Vulnerability in Linux Kernel Local Privilege Escalation Vulnerability in Red Hat JBoss Enterprise Application Platform 7.0.7.GA XML External Entity Injection (XXE) Vulnerability in IBM Tivoli Endpoint Manager Memory Leak and System Lockup Vulnerability in Linux Kernel Privileged Access Vulnerability in CloudForms VMware Integration Denial of Service Vulnerability in Linux Kernel Key Management Subcomponent Denial of Service Vulnerability in Linux Kernel's assoc_array_insert_into_terminal_node Function Arbitrary Code Execution Vulnerability in spice-gtk Versions through 0.34 Authentication Bypass Vulnerability in Openshift Enterprise Elasticsearch Plugin Vulnerability: Digest Authentication Bypass in Undertow Authentication Bypass Vulnerability in libpam4j 1.8 SQL Injection Vulnerability in Etoile Ultimate Product Catalog Plugin for WordPress Sensitive Information Disclosure Vulnerability in IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) XSS Vulnerability in Etoile Ultimate Product Catalog Plugin 4.2.11 for WordPress Weak Password Policy in IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) IPv6 SNMP Code Vulnerability in Cisco IOS and IOS XE Software Cisco Unity Connection Web Framework Reflected XSS Vulnerability Vulnerability in Dynamic ACL Assignment on Cisco Catalyst 4000 Series Switches Elevated Privileges Vulnerability in Cisco Unified Customer Voice Portal (CVP) OAMP Credential Reset Functionality Denial of Service (DoS) Vulnerability in Cisco Email Security Appliance Cisco SocialMiner XML External Entity (XXE) Vulnerability Cisco ASR 5500 System Architecture Evolution (SAE) Gateway GPRS Tunneling Protocol Ingress Packet Handler Denial of Service Vulnerability Email Attachment Malware Delivery Vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliances IP Fragment Handling 
Vulnerability in Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones Authentication Bypass Vulnerability in IBM Tivoli Endpoint Manager Reflected Cross-Site Scripting Vulnerability in Cisco Firepower Management Center Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center Denial of Service Vulnerability in Cisco IOS XE Wireless Controller Manager Unsigned Hypervisor Boot Vulnerability in Cisco IR800 Integrated Services Router Software Vulnerability in Cisco Meeting Server Allows Unauthorized Access via Hyperlinks Session Fixation Vulnerability in Cisco Prime LAN Management Solution Privilege Escalation Vulnerability in Cisco Wireless Controllers Blind SQL Injection Vulnerability in Cisco Emergency Responder Invalid Certificate Vulnerability in Cisco Network Plug and Play Application Authentication Bypass Vulnerability in Cisco IOS XE Web UI REST API Open Redirect Vulnerability in IBM Tivoli Endpoint Manager Allows for Phishing Attacks Privilege Escalation Vulnerability in Cisco IOS XE 16.2 Web UI Cisco IOS NAT ALG H.323 RAS DoS Vulnerability Misclassification of Ethernet Frames Vulnerability in Cisco ISR G2 Routers Cisco IOS CIP Denial of Service Vulnerabilities Denial of Service (DoS) Vulnerabilities in Cisco IOS CIP Implementation PROFINET PN-DCP Identify Request Packet Parsing Vulnerability Vulnerability in Cisco IOS XE LISP Implementation Allows Authentication Bypass Vulnerability in Cisco IOS and IOS XE IKEv2 Module Leading to Denial of Service (DoS) Vulnerability in VPLS Code of Cisco Catalyst 6800 Series Switches Allows DoS Attack Unauthenticated Physical Access Vulnerability in Cisco ASR 1000 Series and Cisco cBR-8 Routers Weak Cryptographic Algorithms in IBM Tivoli Endpoint Manager: A Potential Threat to Sensitive Data Buffer Overflow Vulnerability in Cisco IOS and IOS XE DHCP Relay Subsystem Command Injection Vulnerability in Cisco UCS Manager, Firepower 4100 Series NGFW, and Firepower 9300 Security Appliance 
Vulnerability in IPv6 Packet Parsing for Cisco Firepower System Software Firepower Detection Engine SSL Decryption Memory Consumption DoS Vulnerability Cisco ASA Software Direct Authentication Vulnerability Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Intelligence Center Software Vulnerability in Cisco Meeting Server (CMS) TURN Server Allows Unauthorized Access Sensitive Information Disclosure in IBM Tivoli Endpoint Manager Cisco WAAS HTTP Interface Denial of Service Vulnerability Cisco Cloud Services Platform (CSP) 2100 Web Console Authentication Vulnerability Cisco FindIT Network Discovery Utility DLL Preloading Vulnerability Unauthenticated Remote Execution Vulnerability in Cisco Unified Intelligence Center Cisco Unified Intelligence Center Web Interface DOM-based Cross-Site Scripting Vulnerability Cisco UCS Central Software CLI Restricted Shell Break Vulnerability Akamai Connect Feature Denial-of-Service Vulnerability in Cisco WAAS Appliances Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meetings Server Cross-Frame Scripting Vulnerability in Cisco Unified Communications Manager Denial of Service (DoS) Vulnerability in Cisco Small Business SPA51x Series IP Phones Sensitive Information Disclosure in IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) Cisco Small Business IP Phones Denial of Service Vulnerability Vulnerability in Cisco ISE Restricted Shell Allows Arbitrary CLI Command Execution Privileged Access Vulnerability in Cisco APIC-EM Firewall Configuration Cisco License Manager Software Directory Traversal Vulnerability Cisco Meeting Server Web Admin Interface Denial of Service Vulnerability Cisco ASA Software Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability Cisco Meeting App for Windows DLL Loading Vulnerability Cisco WAAS ICA Accelerator Denial of Service Vulnerability Dual-Homed Interface Vulnerability in Cisco AnyConnect Secure Mobility Client Stored Cross-Site Scripting (XSS) 
Vulnerability in Cisco Spark Messaging Software Resource Consumption Vulnerability in IBM Tivoli Endpoint Manager (X-Force ID: 123906) Denial of Service Vulnerability in Cisco IOS XR Software for Cisco NCS 5500 Series Routers Unauthenticated Remote Execution Vulnerability in Cisco SPA300 and SPA500 Series IP Phones Cross-Site Scripting (XSS) Vulnerability in Cisco IOS XE Software Vulnerability in 802.11 Association Request Frame Processing for Cisco Aironet Access Points Cisco Aironet Access Point EAP Frame Processing Denial of Service Vulnerability Denial of Service (DoS) vulnerability in Cisco Wireless LAN Controllers SQL Injection Vulnerability in Cisco Prime Collaboration Provisioning Application Arbitrary Command Execution Vulnerability in Cisco Firepower Smart Licensing Manager Cisco Wireless LAN Controllers SNMP Memory Leak DoS Vulnerability Memory Disclosure Vulnerability in Cisco Aironet Access Points Insecure Cookie Attribute in IBM Tivoli Endpoint Manager Allows Information Disclosure Cisco Wireless LAN Controllers CAPWAP Discovery Request Parsing DoS Vulnerability PEAP Authentication Bypass Vulnerability in Cisco Aironet Access Points Cisco Wireless LAN Controllers ANQP Ingress Frame Processing DoS Vulnerability Denial of Service Vulnerability in Cisco Aironet 3800 Series Access Points Cisco Jabber for Windows Client Local Information Disclosure Vulnerability Cisco Network Analysis Module Software Directory Traversal Vulnerability Cisco Jabber Web Interface Vulnerability Allows Unauthorized Access to User Profile Information Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software Cluster Database Management Component Denial of Service Vulnerability Cisco Unified Contact Center Express Web-Based Management Interface Cross-Site Scripting Vulnerability IPsec Debug Logging Vulnerability in Cisco IOS XE Software IBM Tivoli Endpoint Manager Vulnerability: Information Disclosure via Insecure HTTP Transport Multiple 
Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Cisco WebEx Meetings Server Denial of Service Vulnerability Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meetings Server Unauthenticated Remote Access to Sensitive Data in Cisco WebEx Meetings Server Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meetings Server URL Redirection Vulnerability in Cisco WebEx Meeting Center Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meeting Center Vulnerability in Cisco ASA Next-Generation Firewall Services Allows Bypass of Local IP Management Traffic Filters Insufficient Randomness in IBM Tivoli Endpoint Manager: A Potential Information Exposure Vulnerability Bypassing File Policy for SMB2 Protocol in Cisco Firepower System Software Vulnerability in Python Scripting Subsystem of Cisco NX-OS Software Allows Unauthorized Access Cisco Unified Communications Manager SQL Injection Vulnerability Bypassing AMP File Filtering Rule in Cisco Web Security Appliance Cross-Site Scripting (XSS) Vulnerability in Cisco IOSd Web-Based Management Interface Debug Shell Command Injection in Cisco IP Phone 8800 Series Signature Verification Bypass in Cisco Spark Board Upgrade Process Cisco Small Business Managed Switches Software Reflected Cross-Site Scripting Vulnerability Cisco Small Business Managed Switches Software HTTP Response Splitting Vulnerability Cisco Email Security Appliance (ESA) HTTP Response Splitting Vulnerability Clear Text Storage of User Credentials in IBM BigFix Platform 9.5 - 9.5.9 Unencrypted Header Disclosure Vulnerability in Cisco Spark Hybrid Calendar Service H.264 Decoder Function Denial of Service Vulnerability in Cisco Meeting Server DLL Preloading Vulnerability in Cisco Immunet 
Antimalware Installer Untrusted Search Path Vulnerability in Cisco Network Academy Packet Tracer Software Cisco FindIT Network Discovery Utility DLL Preloading Vulnerability Sensitive Information Exposure in Cisco HyperFlex System Logging Insufficient Server-Side Login Attempt Limit Enforcement in Cisco ISE Guest Portal Static Key Value Vulnerability in Cisco AMP For Endpoints Application Cisco RF Gateway 1 Denial of Service Vulnerability Vulnerability in BGP EVPN Implementation for Cisco IOS XE Software Cleartext Transmission Vulnerability in IBM Tivoli Endpoint Manager Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Cisco IP Phone 8800 Series SIP Call Handling Denial of Service Vulnerability Command Injection Vulnerability in Cisco Firepower and NX-OS Systems Privilege Escalation Vulnerability in IBM Remote Control v9 Cisco NX-OS CLI Command Injection Vulnerability Insufficient Signature Verification in Cisco NX-OS System Software Patch Loading Vulnerability Vulnerability in Cisco NX-OS System Software Patch Installation Allows Arbitrary File Writing Insufficient Signature Verification in Cisco NX-OS System Software Command Injection Vulnerability in Cisco NX-OS System Software Command Injection Vulnerability in Cisco NX-OS System Software Cisco NX-OS TCL Scripting Subsystem Escape and Unauthorized Access Vulnerability in Cisco Collaboration Products Upgrade Mechanism Vulnerability in Cisco NX-OS CLI Allows Unauthorized File Reading Command Injection Vulnerability in Cisco NX-OS System Software Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.2 
and 7.3 Vulnerability: Unauthorized Access to Bash Shell in Cisco NX-OS System Software Command Injection Vulnerability in Cisco NX-OS System Software Vulnerability in Open Agent Container (OAC) Feature of Cisco Nexus Series Switches Allows Unauthorized Packet Access Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Cross-Site Scripting (XSS) and Session Hijacking Vulnerabilities in Cisco UCS Central Software Cross-Site Scripting (XSS) and Session Hijacking Vulnerabilities in Cisco UCS Central Software Denial of Service Vulnerability in IBM WebSphere MQ 8.0 Default Static User Credentials Vulnerability in Cisco Umbrella Insights Virtual Appliances Unauthorized Internal Interface Access in Cisco NX-OS System Software Privilege Escalation Vulnerability in Cisco Application Policy Infrastructure Controllers Cisco AsyncOS Software MIME Scanner Bypass Vulnerability Unauthenticated Remote Information Disclosure Vulnerability in Cisco Secure Access Control System (ACS) Cisco IOS XR Software LPTS Ingress Frame-Processing Denial of Service Vulnerability Cross-Site Scripting Vulnerability in Cisco Jabber Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Web Interface Cross-Site Scripting (XSS) Vulnerability in Cisco Jabber Web-Based Management Interface Buffer Overflow Vulnerability in Cisco WebEx Network Recording Player for .arf Files Denial of 
Service Vulnerability in IBM WebSphere MQ 9.0.2 Cisco WebEx Network Recording Player Denial of Service Vulnerability Cisco Jabber for Windows Vulnerability: Unauthorized Access to Sensitive Communications Cisco Meeting Server Denial of Service Vulnerability Unauthenticated Remote Attackers Can Modify Meeting Welcome Messages in Cisco WebEx Meeting Server SQL Injection Vulnerability in Cisco Prime Service Catalog Unlisted Meeting Information Disclosure Vulnerability in Cisco WebEx Event Center Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meeting Center Cisco WebEx Network Recording Player Denial of Service and Remote Code Execution Vulnerability Cisco WebEx Network Recording Player Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Cisco WebEx Network Recording Player Cross-Site Scripting Vulnerability in IBM Jazz Based Applications (IBM X-Force ID: 124355) Cisco WebEx Network Recording Player Remote Code Execution Vulnerability Cisco WebEx Network Recording Player Remote Code Execution Vulnerability WebEx Network Recording Player Remote Code Execution Vulnerability Return of Bleichenbacher's Oracle Threat (ROBOT) vulnerability in Cisco ASA 5500 Series devices Use-After-Free Vulnerability in ClamAV AntiVirus Software ClamAV AntiVirus Software Prior to Version 0.99.2 Denial of Service Vulnerability Buffer Overflow Vulnerability in ClamAV AntiVirus Software Allows for DoS and Arbitrary Code Execution Heap-based Buffer Over-read Vulnerability in ClamAV AntiVirus Software ClamAV AntiVirus Software Prior to 0.99.2 Denial of Service Vulnerability Buffer Overflow Vulnerability in ClamAV AntiVirus Software Versions 0.99.2 and Prior Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 ClamAV AntiVirus Software Prior to 0.99.2 Denial of Service Vulnerability Sensitive Information Disclosure in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 via HTTP 500 Internal Server Error Responses 
Sensitive Information Disclosure in IBM Rhapsody DM Products via HTTP 500 Internal Server Error Responses Stack Trace Information Disclosure Vulnerability in IBM Jazz Foundation Applications Race Condition Exploit: Arbitrary Code Execution in Kaseya Virtual System Administrator Agent Stack Overflow Vulnerability in ccn-lite-ccnb2xml in CCN-lite before 2.0.0 XSS Vulnerability in AXIS 2100 Devices 2.43 via URI DLL Hijacking Vulnerability in Format Factory 4.1.0 Cross-Site Request Forgery (CSRF) Vulnerability in OXID eShop Community, Enterprise, and Professional Editions GlobalProtect Gateway Interface Cross-Site Scripting (XSS) Vulnerability Memory leaks in parse8BIMW and format8BIM functions in ImageMagick 7.0.6-5 Remote File Access Vulnerability in MantisBT 2.5.2 HTML Injection Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 Heap-based Buffer Overflow in NetApp Clustered Data ONTAP Arbitrary Code Execution Vulnerability in NetApp Clustered Data ONTAP 8.3.x Arbitrary Object Deletion Vulnerability in NetApp StorageGRID Webscale Unauthorized Data Access in NetApp Clustered Data ONTAP 8.3.x Privilege Boundary Cross in shadow's newusers Tool Denial-of-Service Vulnerability in Varnish HTTP Cache Arbitrary Code Execution via Crafted SSH URL in GitLab Community Edition and Enterprise Edition Memory Leak Vulnerability in ImageMagick's ProcessMSLScript Function Memory Leak Vulnerability in ImageMagick 7.0.6-1: Exploiting ReadWMFImage in coders/wmf.c to Cause Denial of Service in CloneDrawInfo in draw.c Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1's ReadMIFFImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1's ReadMPCImage Function Use-After-Free Vulnerability in ImageMagick 7.0.6-1's ReadWMFImage Function Allows Denial of Service Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1: ReadPCXImage Function in coders/pcx.c Memory Leak Vulnerability in ImageMagick 7.0.6-1: ReadPESImage Function in coders/pes.c ImageMagick 
7.0.6-1: Denial of Service Vulnerability in ReadMATImage Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1: ReadSUNImage Function in coders/sun.c XML Injection and Cross-Site Scripting Vulnerabilities in SocuSoft Flash Slideshow Maker Professional v5.20 Trust ID Verification Bypass in Aodh Alarm Action Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service and Stack Corruption Vulnerability in GdkPixBuf Heap Use After Free Vulnerability in BFD Library Allows Remote Code Execution Out-of-Bounds Heap Read Vulnerability in libbfd Cross-Site Scripting Vulnerability in IBM Rational Software Architect Design Manager 5.0 and 6.0 Out of Bounds Heap Write Vulnerability in GNU Binutils Out-of-Bounds Stack Read Vulnerability in BFD Library Out-of-Bounds Heap Read Vulnerability in BFD Library Out-of-Bounds Heap Read Vulnerability in libbfd.c Arbitrary Memory Read Vulnerability in GNU Binutils' BFD Library Out-of-Bounds Heap Read Vulnerability in GNU Binutils' libbfd Out-of-Bounds Heap Read Vulnerability in GNU Binutils 2.29 and Earlier NULL Dereference Vulnerability in BFD Library's bfd_make_section_with_flags Function Out-of-Bounds Heap Read Vulnerability in libbfd Out-of-Bounds Heap Write Vulnerability in BFD Library HTML Injection Vulnerability in Barco ClickShare CSM-1 and CSC-1 Firmware Memory Leak in ccnl_app_RX Function in CCN-lite: Denial of Service Vulnerability NULL pointer dereference vulnerability in ccn-lite-valid.c in CCN-lite before 2.00 Multiple Integer Overflows in CCN-lite: Unspecified Impact via Vectors Out-of-Bounds Access Vulnerability in CCN-lite before 2.00 Memory Leak Vulnerability in CCN-lite before 2.00: Denial of Service via Memory 
Consumption Buffer Overflow in ccn-lite-ccnb2xml.c in CCN-lite: Context-Dependent Attack Vector Buffer Overflow Vulnerability in CCN-lite 2.00: Incorrect Memory Allocation in util/ccnl-common.c Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Integer Overflow in ndn_parse_sequence Function in CCN-lite: Unspecified Impact via typ and vallen Variables Out-of-bounds Read Vulnerability in cnb_parse_lev Function in CCN-lite Missing NULL Pointer Checks in ccnl-ext-mgmt.c in CCN-lite before 2.00 CCN-lite Vulnerability: Denial of Service via Wrong L Values in ccnl_ccntlv_bytes2pkt NULL Pointer Dereference and Application Crash in AP4_AtomSampleTable::GetSample function NULL Pointer Dereference and Application Crash in Bento4 mp4encrypt NULL Pointer Dereference and Application Crash in AP4_AvccAtom::InspectFields Function Authentication Bypass Vulnerability in Unitrends Backup (UB) Unauthenticated Remote Command Execution in Unitrends Backup (UB) Web Interface Session Logic Vulnerability in Unitrends Backup (UB) Allows Privilege Escalation HTML Injection Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 Sandboxie Installer 5071703 DLL Hijacking Vulnerability Stack-based buffer overflow vulnerability in the find_option function in option.cc in Ledger 3.1.1 Remote Code Execution Vulnerability in Ledger 3.1.1 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Cross-Site Scripting (XSS) Vulnerability in IBM Rhapsody DM 5.0 and 6.0 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 
(E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code 
Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) CLM Application Vulnerability Exposes Administrative Deployment Parameters Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 
version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Arbitrary Command Execution Vulnerability in IBM Security Guardium 10.0 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) XML External Entity Injection (XXE) Vulnerability in IBM Security Guardium 10.0 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Authentication Bypass and Code Execution Vulnerability in HPE iLO 4 (Version < 2.53) Remote Disclosure of Information Vulnerability in Moonshot Remote Console Administrator and iLO 
Firmware Cross-Site Scripting Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Remote Denial of Service Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Critical Buffer Overflow Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Arbitrary Command Execution Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Arbitrary Command Execution Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Local Authentication Bypass Vulnerability in HPE System Management Homepage Weak Cryptographic Algorithms in IBM Security Guardium 10.x Local Security Misconfiguration Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Arbitrary Command Execution Vulnerability in HPE System Management Homepage Arbitrary Command Execution Vulnerability in HPE System Management Homepage Local Authentication Bypass Vulnerability in HPE System Management Homepage Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) Plat 7.3 E0504P2 and Earlier Critical Vulnerability: Remote Arbitrary File Download and Information Disclosure in HPE Intelligent Management Center (iMC) SOM 7.3 E0501 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Critical Remote Denial of Service Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium 10.0, 10.1 Critical Remote Denial of Service Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Heap-based Buffer Overflow in libsndfile through 1.0.28: Remote DoS and Possible Other Impact Memory Exhaustion Vulnerability in ImageMagick 
7.0.6-2: Denial of Service in ReadPSDImage Memory Leak Vulnerability in ImageMagick 7.0.6-2's ReadMATImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2: ReadOneJNGImage Function in coders/png.c Memory Leak Vulnerability in ImageMagick 7.0.6-2: ReadMVGImage Function in coders/mvg.c SQL Injection Vulnerability in Quest KACE Asset Management Appliance, Systems Management Appliance, and K1000 as a Service Denial of Service Vulnerability in Debut Embedded HTTPD 1.20 in Brother DCP-J132W IBM Security Guardium 10.0 Unauthorized Disclosure of Sensitive Information Vulnerability Persistent Cross Site Scripting (XSS) in Splunk Enterprise and Splunk Light versions before 6.5.2, 6.4.6, and 6.3.9 (SPL-134104) Command-Injection Vulnerability in PLANEX CS-W50HD NAS Settings Page Hardcoded Credential Injection Vulnerability in PLANEX CS-W50HD Devices Unauthenticated Access to Sensitive Information on NEC Aterm WG2600HP2 Router Undocumented Management Page Allows Arbitrary Code Execution on PLANEX CS-QR20 1.30 Hardcoded Credentials and Root Command Execution Vulnerability in PLANEX CS-QR20 1.30 Insecure SUID Wrapper Binary Vulnerability in Vagrant VMware Fusion Plugin Authentication Bypass Vulnerability in IBM Security Guardium 10.0 and 10.1 DLL Preloading Vulnerability in IDM UltraEdit Remote Command Execution via NodeIntegration Bypass in GitHub Electron Unprivileged User SID Bypass Vulnerability in QNAP TS212P Surveillance Station Component XSS Vulnerability in DokuWiki through 2017-02-19b CSRF Vulnerability and Account Takeover in SLiMS 8 Akasia through 8.3.1 SQL Injection Vulnerability in SLiMS 8 Akasia (admin/AJAX_lookup_handler.php, admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php) Arbitrary File Reading Vulnerability in SLiMS 8 Akasia through 8.3.1 Large Loop Vulnerability in ImageMagick 7.0.6-1's ReadPWPImage Function Format String Vulnerability in ZMQ3 Input and Output Modules in Rsyslog CSRF Vulnerability in ToMAX R60G 
R60GV2-V2.0-v.2.6.3-170330 Devices Reflected XSS Vulnerability in ASUS RT-N14UHP Devices ASUS DSL-N10S V2.1.16_APAC Devices Vulnerable to Reflected and Stored Cross-Site Scripting via snmpSysName Parameter Privilege Escalation Vulnerability in ASUS DSL-N10S V2.1.16_APAC Devices CSRF Vulnerability in ASUS DSL-N10S V2.1.16_APAC Devices Recursive Tokenizer Vulnerability in QPDF 6.0.0 and 7.0.b1 Heap-based Buffer Over-read Vulnerability in OpenEXR 2.2.0 Out-of-Bounds Write Vulnerability in OpenCV's cv::imread Function Out-of-bounds read vulnerability in OpenCV's cv::RBaseStream::readBlock function Out-of-Bounds Read Vulnerability in OpenCV's icvCvt_BGRA2BGR_8u_C4C3R Function OpenCV Denial of Service Vulnerability: CPU Exhaustion Buffer Overflow in cv::BmpDecoder::readData function in OpenCV OpenCV Denial of Service Vulnerability: Memory Consumption Invalid Write Vulnerability in OpenCV's cv::RLByteStream::getBytes Function Out-of-Bounds Write Vulnerability in OpenCV's FillUniColor Function Out-of-Bounds Write Vulnerability in OpenCV's FillColorRow8 Function Out-of-Bounds Write Vulnerability in OpenCV's cv::imread Function OpenOffice PPT File Parser Denial of Service and Arbitrary Code Execution Vulnerability Apache OpenOffice Writer DOC File Parser Vulnerability Local User Can Read Sensitive Information in IBM Security Guardium 10.0 Log Files Impersonation Vulnerability in Apache Kafka's SASL Authentication Remote Code Execution (RCE) Vulnerability in Apache Struts 2.0.0 - 2.3.33 and 2.5 - 2.5.10.1 Unsafe Deserialization Vulnerability in Apache Spark Launcher API Invalid Month Field Value Vulnerability in Apache Portable Runtime (APR) 1.6.2 and Prior Reflected XSS Vulnerability in Apache Airflow 404 Pages Apache Tomcat 7.0.0 to 7.0.79 Windows HTTP PUT JSP Code Execution Vulnerability VirtualDirContext Security Bypass and JSP Source Code Exposure Vulnerability in Apache Tomcat 7.0.0 to 7.0.80 Apache Tomcat Remote Code Execution Vulnerability Apache Portable Runtime 
Utility (APR-util) SDBM Database File Integrity Validation Vulnerability Session Fixation Vulnerability in Apache Zeppelin (CVE-XXXX-XXXX) IBM Security Guardium 10.0 Vulnerability: HTTP Response Splitting Apache OpenNLP XML External Entity (XXE) Vulnerability XML External Entity (XXE) Vulnerability in Apache Commons Jelly before 1.0.1 Unauthorized Access to Apache Geode Cluster Members in Secure Mode XML External Entity (XXE) Vulnerability in Apache NiFi Denial of Service (DoS) Vulnerability in Apache CXF Inadequate Policy Enforcement for Masked Columns in Apache Hive Apache POI Vulnerabilities: Denial of Service Attacks through Crafted Files Null Pointer Dereference Vulnerability in Apache Xerces-C XML Parser Library Java Deserialization Vulnerability in Apache James JMX Server Remote Code Execution Vulnerability in Apache Solr and Lucene Arbitrary Script Injection Vulnerability in Apache Drill 1.11.0 and Earlier CSRF Vulnerability in Apache CXF Fediz Spring Plugins Host Header Injection Vulnerability in Apache NiFi Java Object Deserialization Vulnerability in Apache Camel's Camel-Hessian Component Apache Camel Java Object Deserialization Vulnerability Apache CouchDB JSON Parser Vulnerability Arbitrary Command Execution in CouchDB via Configuration Options SAP NetWeaver Application Server Java 7.5 Directory Traversal Vulnerability ETBL or ETCETERABLUE: Stack-Based Buffer Overflow in Ipswitch IMail Server 12.5.5 Ipswitch IMail Server 12.5.5 Stack Based Buffer Overflow Vulnerability Insufficient Actor Identity Verification in IBM Security Guardium 10.0 Out-of-Bounds Read Vulnerability in ImageMagick 7.0.6-1's ReadOneMNGImage Memory Leak Vulnerability in ImageMagick 7.0.6-1: ReadOneJNGImage in coders\png.c Memory Leak Vulnerability in ImageMagick 7.0.6-1's ReadMPCImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1: ReadOneJNGImage in coders\png.c Memory Leak Vulnerability in ImageMagick 7.0.6-1's ReadDCMImage Function Cross-Site Scripting (XSS) 
Vulnerability in Liferay Portal before 7.0 CE GA4 via Invalid PortletID Cross-Site Scripting (XSS) Vulnerability in Liferay Portal before 7.0 CE GA4 via Login Credentials or E-mail Address Cross-Site Scripting (XSS) Vulnerability in Liferay Portal 7.0 CE GA4 via Knowledge Base Article Title Cross-Site Scripting (XSS) Vulnerability in Liferay Portal before 7.0 CE GA4 via Bookmark URL Cross-Site Scripting (XSS) Vulnerability in Liferay Portal before 7.0 CE GA4 via Crafted Title or Summary in Web Content Display Certificate Validation Vulnerability in IBM Security Guardium SQL Injection in Loginizer Plugin for WordPress via X-Forwarded-For Header CSRF Vulnerability in Loginizer Plugin's Blacklist and Whitelist IP Wizard Chunk Length Check Vulnerability in libpng Privilege Escalation via Trojan Horse Shcore.dll in 360 Total Security 9.0.0.1202 Memory Leak Vulnerability in ImageMagick's ReadPICTImage Function Cross-Site Scripting (XSS) in NexusPHP v1.5 via log.php dailylog action Insecure Permissions Specification in IBM Security Guardium 10.0 Memory Leak Vulnerability in ImageMagick 7.0.6-2 WritePDFImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteMAPImage Function Memory Leak Vulnerability in WritePALMImage in ImageMagick 7.0.6-2 Memory Leak Vulnerability in ImageMagick 7.0.6-2's WritePICTImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteINLINEImage in coders/inline.c Memory Leak Vulnerability in ImageMagick 7.0.6-1's ReadMATImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WritePCXImage in coders/pcx.c Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteCALSImage in coders/cals.c Insufficient Verification of Code Origin and Integrity in IBM Security Guardium 10.0 and 10.1 Denial of Service Vulnerability in ImageMagick 7.0.6-3 Denial of Service Vulnerability in ImageMagick 7.0.6-3 Memory Leak Vulnerability in ImageMagick 7.0.6-3's ReadMATImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-3: 
ReadOneMNGImage in coders/png.c ImageMagick 7.0.6-2 Denial of Service Vulnerability in ReadPDBImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-3: Exploiting Missing Check for Multidimensional Data in coders/mat.c Memory Leak Vulnerability in ImageMagick 7.0.6-3: ReadOneJNGImage in coders/png.c XSS Vulnerability in IdentityServer3 Allows Information Disclosure TagLib 1.11.1 - Pointer Casting Vulnerability in rebuildAggregateFrames Function SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via delcheater parameter in cheaterbox.php Lack of Salt in IBM Security Guardium 10 and 10.5 Cryptographic Hash Vulnerability Cross-Site Scripting (XSS) in NexusPHP 1.5 via shoutbox.php's type parameter SQL Injection Vulnerability in IBM Security Guardium 10.0 and 10.1 Denial of Service Vulnerability in ImageMagick 7.0.6-6 Memory Consumption Denial of Service Vulnerability in ImageMagick 7.0.6-6 Denial of Service Vulnerability in ImageMagick 7.0.6-6 via Crafted BMP File SpiderControl SCADA Web Server Directory Traversal Vulnerability Improper Authentication in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1 Allows Password Reset Man-in-the-Middle Vulnerability in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1 Authentication Bypass Vulnerability in Advantech WebAccess Versions Prior to V8.2_20170817 Incorrect Default Permissions Vulnerability in AzeoTech DAQFactory Versions Prior to 17.1 Session Fixation/Hijacking Vulnerability in IBM Security Guardium 10.0 Improper Input Validation Vulnerability in BMC Medical Luna CPAP Machines Externally Controlled Format String Vulnerability in Advantech WebAccess Cross-Site Request Forgery (CSRF) Vulnerability in Westermo MRD-305-DIN and MRD-315, MRD-355, MRD-455 Heap-Based Buffer Overflow Vulnerability in Advantech WebAccess Heap-Based Buffer Overflow in Advantech WebOP Stack-based Buffer Overflow Vulnerability in Advantech WebAccess Stack-based Buffer Overflow Vulnerability in 
SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and Prior Memory Buffer Overflow Vulnerability in Advantech WebAccess Use of Hard-Coded Credentials Vulnerability in MRD-305-DIN and MRD-315, MRD-355, MRD-455 Devices Weak Algorithm Negotiation in IBM Security Guardium 9.0, 9.1, and 9.5 SQL Injection Vulnerability in Advantech WebAccess Versions Prior to V8.2_20170817 Privilege Escalation Vulnerability in Advantech WebAccess Vulnerability: Authentication Bypass in Abbott Laboratories Pacemakers Incorrect Permission Assignment for Critical Resource in Advantech WebAccess Versions Prior to V8.2_20170817 Vulnerability: Unrestricted RF Wake-up Commands in Abbott Laboratories Pacemakers Unencrypted Transmission and Storage of Patient Information in Abbott Laboratories Accent and Anthem Pacemakers Uncontrolled Search Path Element Vulnerability in Advantech WebAccess Buffer Overflow Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Untrusted Pointer Dereference Vulnerability in Advantech WebAccess Sensitive Information Disclosure in IBM Security Guardium 10.0 and 10.5 via URL Parameters Unauthenticated FTP Access in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Improper Certificate Validation in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Out-of-bounds Read Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerability: Passwords Stored in Configuration File in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hard-coded Credentials Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hard-coded Credentials in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hard-coded Password Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Privilege Escalation Vulnerability in SpiderControl SCADA Web Server SQL Injection Vulnerability in Moxa SoftCMS Live Viewer Unquoted Search Path Vulnerability in mySCADA myPRO 
Versions 7.0.26 and Prior SQL Injection Vulnerability in OPW Fuel Management Systems SiteSentinel Integra and iSite ATG Consoles Stack-based Buffer Overflow in GE CIMPLICITY Versions 9.0 and Prior: Arbitrary Remote Code Execution Vulnerability Authentication Bypass Vulnerability in OPW Fuel Management Systems SiteSentinel Consoles Session ID Exposure in LOGO! 8 BM Web Server Man-in-the-Middle Attack Vulnerability in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3) RUGGEDCOM ROS and SCALANCE Vulnerability: Unauthorized Administrative Actions via RCDP Unauthenticated Remote Information Disclosure Vulnerability in Siemens SICAM RTUs SM-2556 COM Modules Siemens SICAM RTUs SM-2556 COM Modules Firmware XSS Vulnerability Unauthenticated Remote Code Execution Vulnerability in Siemens SICAM RTUs SM-2556 COM Modules Stack-based Overflow in IBM Domino IMAP Service Unprotected Communication Channel Vulnerability in Siemens LOGO! Soft Comfort (All versions before V8.2) Title: Denial-of-Service Vulnerability in PROFINET IO Development/Evaluation Kits and Siemens Industrial Devices Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Stack Buffer Overflow Vulnerability in Asuswrt-Merlin Firmware for ASUS Devices Command Injection Vulnerability in extplorer 2.1.9 and Prior: Exploiting Userfile[0] Parameter Vulnerability: SQL Injection in Ambit Technologies Pvt. Ltd Products Joomla! 
Component Appointment 1.1 - Remote Code Execution via SQL Injection Critical SQL Injection Vulnerability in SOA School Management 3.0 Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Critical SQL Injection Vulnerability in Mobiketa 4.0 Allows Remote Code Execution Arbitrary File Download via SQL Injection in WebFile Explorer 1.0 Buffer Overflow Vulnerability in isdn_net.c Privilege Escalation via Unspecified Server Utility in NoMachine Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Remote Code Execution in FineCMS 1.9.5 ContentController.php Multiple User Account Creation Vulnerability in Question2Answer SQL Injection Vulnerability in NexusPHP 1.5 reports.php (delreport parameter) XSS Vulnerability in NexusPHP v1.5 via usersearch.php Parameter Authentication Bypass Vulnerability in qBittorrent UI Lock Feature Null Pointer Dereference Vulnerability in mkvalidator 0.5.1 HTML Injection Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Denial of Service Vulnerability in libebml2's ReadData Function Null Pointer Dereference Vulnerability in libebml2 Denial of Service Vulnerability in libebml2's ReadData Function Denial of Service Vulnerability in libebml2's ReadDataFloat Function Remote Denial of Service Vulnerability in Youngzsoft CCFile 3.6 Buffer Overflow Vulnerability in NoviSwitch's Novish Command-Line Interface Stack-based Buffer Overflow in NoviWare Software on NoviSwitch Devices Vulnerability: Remote Code Execution via ACL Modification Bug in NoviWare Software Metinfo 5.3.18 Multiple Cross-Site Scripting (XSS) Vulnerabilities in admin/index.php CSRF Vulnerability in Metinfo 5.3.18: Remote Information Disclosure via admin/interface/online/delete.php Directory Traversal Vulnerability in IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 CSRF Vulnerability in Metinfo 5.3.18: Information 
Disclosure via admin/index.php Directory Traversal Vulnerability in Minion ID Validation in SaltStack Salt Cross-Site Request Forgery (CSRF) Vulnerabilities in NexusPHP 1.5 Cross-Site Scripting (XSS) Vulnerability in Django Debug Page Improper Input Validation in OpenMRS openmrs-module-htmlformentry 3.3.2 Unauthenticated Remote Command Execution in OpenMRS Reporting Compatibility Add On Integer Overflow in ID3 Parser Allows Remote Denial of Service Cross-Site Scripting (XSS) in NexusPHP v1.5 via searchsuggest.php's q parameter Buffer Overflow Vulnerability in elf_read_notes Function in GNU Binutils 2.29 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Null Pointer Dereference Vulnerability in libebml2 Denial of Service Vulnerability in libebml2 through 2012-08-26 Denial of Service Vulnerability in libebml2 through 2012-08-26 Denial of Service Vulnerability in mkclean 0.8.9 via Crafted MKV File Denial of Service Vulnerability in ImageWorsener 1.3.2 Memory Exhaustion Vulnerability in ImageMagick 7.0.6-6's ReadTIFFImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-6: Exploiting format8BIM Function for Denial of Service QEMU IDE Disk and CD/DVD-ROM Emulator Denial of Service Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Stored XSS Vulnerability in PHPJabbers PHP Newsletter Script 4.2 Admin Panel Lists Stored XSS Vulnerability in PHPJabbers Star Rating Script 4.0 Stored XSS Vulnerability in PHPJabbers Night Club Booking Software Stored XSS Vulnerability in PHPJabbers File Sharing Script 1.0 Stack-based buffer overflow in CPerlHost::Add method in Perl on Windows Bomgar Remote Support Portal JavaStart.jar Applet Path Traversal Vulnerability Weak Permissions in Kaspersky Internet Security for Android 11.12.4.1622 Expose Vulnerability to Unauthorized Access via Android IPC Unencrypted 
Application Trace Files in Kaspersky Internet Security for Android 11.12.4.1622 Remote Denial of Service Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Language Pack Updater Vulnerability Enables NTLM-Relay Attack in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator & CMIS 2.0 and 3.0 Arbitrary Memory Read Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Remote Code Execution Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Remote Admin Interface Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Local Privilege Escalation Vulnerability in Kaspersky Embedded Systems Security v1.2.0.300 InPage Reader Vulnerability: Arbitrary Code Execution via Crafted InPage Document Shared Memory Leak Vulnerability in IBM WebSphere MQ 8.0 and 9.0 Arbitrary Code Execution Vulnerability in CVS 1.12.x with SSH Remote Repositories Heap-based Buffer Overflow in Perl's S_regatom Function with '\N{}' Escape and Case-Insensitive Modifier CSRF Vulnerability in NexusPHP 1.5 Allows Remote Authentication Hijacking Heap-based Buffer Over-read Vulnerability in mpg123 Information Disclosure Vulnerability in IBM WebSphere MQ 9.0.1 and 9.0.2 Heap-based Buffer Overflow in DLMFENC.sys Kernel Driver Vulnerability in Bitcoin Core Allows Creation of Fake SPV Proof for Unauthorized Payments Arbitrary File Write Vulnerability in Cyrus IMAP before 3.0.3 Arbitrary Web Script Injection in IceWarp Mail Server 10.4.4 Admin Panel Arbitrary Process Killing Vulnerability in Nagios Core Timing Attack Vulnerability in SilverStripe CMS Login and Password Reset Forms IBM WebSphere MQ 9.0.1 and 9.0.2 Channel Denial of Service Vulnerability Password Reset Vulnerability in Kanboard 1.0.46 and Earlier Password Reset Vulnerability in Kanboard (Versions before 1.0.46) Vulnerability: Denial of Service (DoS) in numpy.pad function CSRF 
Vulnerability in RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 Grant Status Bits Clearing Vulnerability Arbitrary Web Script Injection Vulnerability in C.P.Sub 5.2 Vulnerability in Polycom SoundStation IP, VVX, and RealPresence Trio: Unauthorized Memory Access Double Free Vulnerability in _zip_dirent_read Function in libzip Denial of Service Vulnerability in NetApp Data ONTAP 7-Mode NFS Environments Unauthorized Access to Sensitive Configuration Information in IBM UrbanCode Deploy Epson EasyMP Software Vulnerability: Hardcoded Backdoor Code Allows Unauthorized Access Brute-Force Vulnerability in Epson EasyMP Software Allows Remote Control and Unauthorized Streaming Buffer Overflow Vulnerability in OpenCV 3.3 and Earlier Versions Integer Overflow in PxMDecoder::readData Function in OpenCV 3.3 and Earlier Integer Overflow Vulnerability in ReadNumber Function in OpenCV Stack-based Buffer Overflow in connman's dnsproxy.c Allows Remote Code Execution Time Extension Vulnerability in SimpleSAMLphp's SimpleSAML_Auth_TimeLimitedToken Class Session Fixation and Authentication Bypass Vulnerability in SimpleSAMLphp Authentication Bypass Vulnerability in SimpleSAMLphp's Multiauth Module Open Redirect Vulnerability in IBM Rhapsody DM 5.0 and 6.0 Vulnerability: Insecure Session Identifier Protection in SimpleSAMLphp Insecure Initialization Vector Usage in aesEncrypt Method in SimpleSAMLphp Timing Side-Channel Attack in Htpasswd Authentication and SimpleSAMLphp Session Incorrect Persistent NameID Generation in SimpleSAMLphp 1.7.0 through 1.14.10 XML Spoofing Vulnerability in InfoCard Module 1.0 for SimpleSAMLphp Denial of Service Vulnerability in ImageMagick 7.0.6-6 via Crafted File Heap-based Buffer Overflow in ImageMagick's enhance.c Use-after-free vulnerability in ImageMagick's DestroyImage function in image.c Arbitrary Web Script Injection in Paessler PRTG Network Monitor's DEVICES OR SENSORS Functionality CSRF Vulnerability in Spring Batch Admin Allows Remote 
Authentication Hijacking and Arbitrary Request Submission Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 via file upload functionality. Buffer Overflow in Perl's S_grok_bslash_N Function Information Exposure in OX Software GmbH App Suite 7.8.4 and earlier Cross Site Scripting (XSS) Vulnerability in OX Software GmbH App Suite 7.8.4 and earlier IBM SDK, Java Technology Edition XXE Vulnerability DLL Preloading Vulnerability in Foxit PDF Compressor Installers Buffer Over-read Vulnerability in SMB/CIFS Parser of tcpdump Buffer Over-read Vulnerability in addrtoname.c:lookup_bytestring() Buffer Over-read Vulnerability in tcpdump's ICMP Parser Buffer Over-read Vulnerability in ISAKMP Parser Buffer Over-read Vulnerability in tcpdump's ISO CLNS Parser Buffer Over-read Vulnerability in NFS Parser of tcpdump Buffer Over-read Vulnerability in DECnet Parser of tcpdump Cross-Site Scripting (XSS) Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 Buffer Over-read Vulnerability in tcpdump Protocol Parsers Buffer Over-read Vulnerability in tcpdump's EIGRP Parser Buffer Over-read Vulnerability in Zephyr Parser of tcpdump User-Assisted Code Execution Vulnerability in Newsbeuter Bookmarking Function Server Side Request Forgery in Vebto Pixie Image Editor 1.4 and 1.7: Information Disclosure and Arbitrary Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in NexusPHP XSS Vulnerability in NexusPHP v1.5 via usersearch.php URL Path Arbitrary SQL Command Execution in NexusPHP 1.5 via takeconfirm.php Arbitrary SQL Command Execution in NexusPHP 1.5 via modtask.php IBM Maximo Asset Management 7.5 and 7.6 HTTP Response Splitting Vulnerability SQL Injection Vulnerability in massmail.php in NexusPHP 1.5 Stack Memory Corruption Vulnerability in MP3Gain 1.5.2.r2's apetag.c File Read Access Violation Vulnerability in MP3Gain 1.5.2.r2 Heap-based Buffer Overflow in libfpx 1.3.1_p6: Remote Denial of Service via Crafted fpx Image Sensitive 
Information Disclosure in IBM Maximo Asset Management 7.5 and 7.6 (IBM X-Force ID: 125153) NULL Pointer Dereference in CDirectory::GetDirEntry in libfpx 1.3.1_p6 NULL Pointer Dereference Vulnerability in PFileFlashPixView::GetGlobalInfoProperty in libfpx 1.3.1_p6 Denial of Service Vulnerability in libfpx 1.3.1_p6 via Crafted fpx Image Denial of Service Vulnerability in libfpx 1.3.1_p6 via Crafted fpx Image Denial of Service Vulnerability in CDirVector::GetTable in libfpx 1.3.1_p6 Double Free Vulnerability in DfFromLB in libfpx 1.3.1_p6 Allows Remote DoS via Crafted fpx Image Cross-Site Scripting Vulnerability in Cacti 1.1.17 spikekill.php Method Parameter Hard-coded Password Vulnerability in TecnoVISION DLX Spot Player4 Arbitrary File Upload and Remote Command Execution in TecnoVISION DLX Spot Player4 version >1.5.10 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management SQL Injection in TecnoVISION DLX Spot Player4 Admin Interface Heap Use After Free Vulnerability in PHP's var_unserializer.re Buffer Over-read Vulnerability in PHP's finish_nested_data Function Heap Use After Free Vulnerability in PHP 7.0.x and 7.1.x Invalid Memory Read Vulnerability in GraphicsMagick 1.3.26 Use-after-free vulnerability in ReadWMFImage function in GraphicsMagick 1.3.26 Heap-Based Buffer Over-Read in ReadSUNImage Function of GraphicsMagick 1.3.26 Directory Traversal Vulnerability in UnRAR before 5.5.7 Unity Editor Remote Code Execution Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Out-of-Bounds Read Vulnerability in UnRAR's libunrar.a Out-of-Bounds Read Vulnerability in UnRAR's Unpack::Unpack20 Function Buffer Overflow in UnRAR's Unpack::LongLZ Function D-Link DIR-600 Rev Bx Firmware Password Disclosure Vulnerability Memory Allocation Vulnerability in LibTIFF 4.0.8 Arbitrary Command Execution Vulnerability in Solstice Pod 
Networking Configuration SQL Injection in Easy Modal Plugin for WordPress (<=2.1.0) Allows Admins to Execute Arbitrary SQL Queries SQL Injection in Easy Modal Plugin for WordPress (<=2.1.0) Allows Admins to Execute Arbitrary SQL Queries Cross-Site Scripting (XSS) Vulnerability in PressForward Plugin for WordPress SQL Injection Vulnerability in Podlove Podcast Publisher Plugin for WordPress Unspecified Vulnerability in IBM RSA DM CLM Applications: Potential Information Leakage NULL Pointer Dereference and Application Crash Vulnerability in libgig 4.0.0 Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Heap-based Buffer Overflow in Exiv2 0.26: Remote DoS and Potential Impact Remote Denial of Service Vulnerability in Exiv2 0.26 Heap-based Buffer Over-read Vulnerability in libexiv2 in Exiv2 0.26 Remote Denial of Service Vulnerability in GNU PSPP Library Remote Denial of Service Vulnerability in libpspp's dict_add_mrset() Function Remote Denial of Service Vulnerability in GNU PSPP Library Remote Denial of Service Vulnerability in GNU PSPP Library Remote Denial of Service Vulnerability in LibSass 3.4.5 due to Memory Leaks in Deeply Nested Code Remote Denial of Service Vulnerability in LibSass 3.4.5 Remote Denial of Service Vulnerability in LibSass 3.4.5 Session Fixation Vulnerability in Apache2Triad 1.5.4: Remote Session Hijacking via PHPSESSID Parameter Denial of Service Vulnerability in asn1c 0.9.28 Denial of Service Vulnerability in getsym Function of libbfd Buffer Overflow in Avaya IP Office Contact Center ActiveX Control Stack-based Buffer Overflow in IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 CSRF Vulnerability in Apache2Triad 1.5.4 Allows Unauthorized User Account Manipulation Apache2Triad 1.5.4 XSS Vulnerability in 
phpsftpd/users.php Integer-Overflow Vulnerability in Nimbus JOSE+JWT Allows HMAC Bypass Attacks Padding Oracle Attack in Nimbus JOSE+JWT before 4.39 Invalid Curve Attack in Nimbus JOSE+JWT before 4.36 Arbitrary Command Execution via Initial Dash Character in SSH URL in git-annex SQL Injection Vulnerability in Web-Dorado Photo Gallery by WD - Responsive Photo Gallery Plugin Cross-Site Scripting (XSS) Vulnerability in Cacti's lib/html.php Stored XSS Vulnerability in DokuWiki through 2017-02-19c Stored XSS in DokuWiki through 2017-02-19c via Malicious RSS or Atom Feed SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via sort parameter in addforum action Denial of Service Vulnerability in OpenJPEG 2.2.0 Heap-based Buffer Overflow in ReadSFWImage Function in ImageMagick 7.0.6-8 Cross-Site Scripting (XSS) Vulnerability in PHPMyWind 5.3: shoppingcart.php, message.php, admin/message.php, and admin/message_update.php Buffer Over-read Vulnerability in tcpdump's IPv6 Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Routing Header Parser Buffer Over-read Vulnerability in IEEE 802.11 Parser in tcpdump Buffer Over-read Vulnerability in tcpdump's Telnet Parser Infinite Loop Vulnerability in tcpdump's RESP Parser Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Infinite Loop Vulnerability in ISAKMP Parser Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in RIPng Parser of tcpdump Buffer Over-read Vulnerability in Juniper Protocols Parser Buffer Over-read Vulnerability in BGP Parser of tcpdump Infinite Loop Vulnerability in tcpdump DNS Parser Buffer Over-read Vulnerability in tcpdump's PIMv2 Parser Infinite Loop Vulnerability in tcpdump's LLDP Parser Buffer Over-read Vulnerability in IS-IS Parser of tcpdump Buffer Over-read Vulnerability in IS-IS Parser of tcpdump Cross-Site Request Forgery (CSRF) Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, 
and 7.3 Buffer Over-read Vulnerability in IEEE 802.15.4 Parser in tcpdump Buffer Over-read Vulnerability in NFS Parser of tcpdump Buffer Over-read Vulnerability in AODV Parser of tcpdump Buffer Over-read Vulnerability in LMP Parser of tcpdump Buffer Over-read Vulnerability in Juniper Protocols Parser Buffer Over-read Vulnerability in NFS Parser of tcpdump Buffer Over-read Vulnerability in L2TP Parser of tcpdump Buffer Over-read Vulnerability in Apple PKTAP Parser Buffer Over-read Vulnerability in IEEE 802.11 Parser in tcpdump Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Symlink Attack Vulnerability in IBM Spectrum Protect 7.1 and 8.1 Buffer Over-read Vulnerability in BEEP Parser of tcpdump Buffer Overflow Vulnerability in tcpdump Protocol Parsers Buffer Over-read Vulnerability in tcpdump's ICMP Parser Buffer Over-read Vulnerability in ARP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's White Board Protocol Parser Buffer Over-read Vulnerability in EAP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's ISO ES-IS Parser Buffer Over-read Vulnerability in DHCPv6 Parser Buffer Over-read Vulnerability in tcpdump's PGM Parser Buffer Over-read Vulnerability in tcpdump's PGM Parser Improper Access Controls in IBM Sterling B2B Integrator Standard Edition 5.2 Buffer Over-read Vulnerability in tcpdump's VTP Parser Buffer Over-read Vulnerability in ICMPv6 Parser Buffer Over-read Vulnerability in tcpdump's IP Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Buffer Over-read Vulnerability in ISO IS-IS Parser Buffer Over-read Vulnerability in tcpdump's LLDP Parser Buffer Over-read Vulnerability in tcpdump's BOOTP Parser Buffer Over-read Vulnerability in PPP Parser of tcpdump Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal and Web Content Manager Buffer Over-read 
Vulnerability in PIM Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's IPv6 Fragmentation Header Parser Buffer Over-read Vulnerability in RADIUS Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's VTP Parser Buffer Over-read Vulnerability in tcpdump's PGM Parser Buffer Over-read Vulnerability in ISO IS-IS Parser Buffer Over-read Vulnerability in OSPFv3 Parser Buffer Over-read Vulnerability in tcpdump's IP Parser Buffer Over-read Vulnerability in tcpdump's PPP Parser Buffer Over-read Vulnerability in ISAKMP Parser of tcpdump Memory Address Vulnerability in IBM Spectrum Scale/GPFS on Elastic Storage Server (ESS)/GPFS Storage Server (GSS) Buffer Over-read Vulnerability in MPTCP Parser of tcpdump Buffer Over-read Vulnerability in ICMPv6 Parser Buffer Over-read Vulnerability in HNCP Parser of tcpdump Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in HNCP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's VQP Parser Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's ISO ES-IS Parser Buffer Over-read Vulnerability in RSVP Parser of tcpdump Buffer Over-read Vulnerability in Rx Protocol Parser Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 Buffer Over-read Vulnerability in tcpdump's RPKI-Router Parser Buffer Over-read Vulnerability in RSVP Parser of tcpdump Buffer Over-read Vulnerability in CFM Parser of tcpdump Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's LLDP Parser Buffer Over-read Vulnerability in ISO IS-IS Parser Arbitrary Code Execution Vulnerability in PDF-XChange Viewer 2.5 (Build 314.0) Memory Leak Vulnerability in ImageMagick 7.0.6-6 WritePCXImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-6: WriteOneJNGImage Function in coders/png.c Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational 
Collaborative Lifecycle Management Memory Leak Vulnerability in ImageMagick 7.0.6-5's ReadMATImage Function ImageMagick 7.0.6-5 Denial of Service Vulnerability in ReadPSDLayersInternal Memory Leak Vulnerability in ImageMagick 7.0.6-6: Denial of Service via Crafted File Heap-Based Buffer Overflow Vulnerability in GraphicsMagick 1.3.26: GetStyleTokens in coders/svg.c:314:12 Heap-Based Buffer Overflow Vulnerability in GraphicsMagick 1.3.26: GetStyleTokens in coders/svg.c:311:12 NULL Pointer Dereference Vulnerability in GraphicsMagick 1.3.26's SVGStartElement Function Memory Leak Vulnerability in GraphicsMagick 1.3.26's CloneImage Function Remote Code Execution Vulnerability in QNAP QTS Media Library SQL Injection Vulnerability in QNAP Helpdesk Application Command Injection Vulnerabilities in QNAP Music Station DLL Hijacking Vulnerability in QNAP Qsync for Windows (exe) Version 4.2.2.0724 and Earlier Remote Code Execution Vulnerability in QNAP Video Station App Center in QNAP QTS: Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in QNAP NAS Photo Station Application WPA/WPA2 Key Reinstallation Attack GTK Key Reinstallation Attack: Exploiting WPA/WPA2 Vulnerability for Frame Replay IGTK Key Reinstallation Attack: Exploiting WPA/WPA2 Wi-Fi Protected Access Improper Access Control in IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 Group Temporal Key (GTK) Replay Vulnerability in Wi-Fi Protected Access (WPA and WPA2) IGTK Key Reinstallation Attack: Exploiting Wi-Fi Protected Access (WPA and WPA2) Vulnerability Reinstallation of Pairwise Transient Key (PTK) Vulnerability in Wi-Fi Protected Access (WPA and WPA2) Insecure Update Validation in Akeo Consulting Rufus Prior to Version 2.17.1187 WPA/WPA2 Vulnerability: STSL Transient Key Reinstallation TDLS Peer Key Reinstallation Vulnerability WPA/WPA2 GTK Reinstallation Vulnerability WPA/WPA2 Vulnerability: Replay Attack via WNM Sleep Mode Response Frame Vulnerability: 
Integer Overflow in Chunk Length Parsing in wget Clear Text Storage of User Credentials in IBM InfoSphere Master Data Management Server 11.0 - 11.6 Vulnerability: Integer Overflow in Chunk Length Parsing in wget Vulnerability: Flawed Encryption and Access Management in IEEE P1735 Standard Flawed Encryption and Access Management in IEEE P1735 Standard: Exploiting Weaknesses for Unauthorized Access Flawed Encryption and Access Management in IEEE P1735 Standard: Exploiting Weaknesses for IP Theft and Hardware Trojans Flawed Encryption and Access Management in IEEE P1735 Standard: Vulnerability Exploits and IP Compromise Flawed Encryption Methods in IEEE P1735 Standard: Vulnerability Exploits Intellectual Property Access Flawed Encryption Methods in IEEE P1735 Standard: Vulnerability Exploiting Access Rights and Cryptographic Weaknesses Flawed Encryption Methods in IEEE P1735 Standard: Exposing Intellectual Property Vulnerability ROBOT: Bleichenbacher Oracle Threat in BouncyCastle TLS ROBOT: Bleichenbacher Oracle Attack in wolfSSL Buffer Overflow Vulnerability in IBM Informix Dynamic Server 12.1 Hard-coded Encryption Key Vulnerability in The Moron Test iOS Application Hard-coded Encryption Key Vulnerability in musical.ly iOS Application Hard-coded Encryption Key Vulnerability in Gameloft Asphalt Xtreme: Offroad Rally Racing Hard-coded Encryption Key Vulnerability in UberEATS iOS Application Insecure SSL Certificate Handling in Security Virus Cleaner - Antivirus, Booster Hard-coded Encryption Key Vulnerability in Cheetahmobile CM Launcher 3D Hard-coded Encryption Key Vulnerability in Live.me Android Application Hard-coded Encryption Key Vulnerability in DFNDR Security Antivirus, Anti-hacking & Cleaner SQL Injection Vulnerability in IBM Insights Foundation for Energy 2.0 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management VIP.com Application Vulnerability: Remote Information Disclosure and 
Authentication Hijacking CSRF Vulnerability in ZKTeco ZKTime Web 2.0.1.12280 Allows Remote Admin Hijacking Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Privilege Escalation in BMC Patrol via Crafted libmcmclnx.so File Memory Leak Vulnerability in ImageMagick 7.0.6-8: ReadMIFFImage Function in coders/miff.c Denial of Service Vulnerability in ImageMagick 7.0.6-8 WritePDFImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-8's load_level Function Heap-based Buffer Over-read Vulnerability in ImageMagick and GraphicsMagick NULL Pointer Dereference in VideoLAN x265: Memory Allocation Failure in CUData::initialize Integer Overflow and NULL Pointer Dereference in libbpg's image_alloc function SQL Injection Vulnerability in FormCraft Basic Plugin 1.0.5 for WordPress Bridge Theme for WordPress: DOM-based XSS Vulnerability Allows Arbitrary JavaScript Injection Out-of-Bounds Read Vulnerability in ImageMagick's ReadOneMNGImage Function Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Denial of Service Vulnerability in ImageMagick's ReadOnePNGImage Function Memory Leak Vulnerability in ImageMagick's ReadOnePNGImage Function Insufficient Check for Short Files in ImageMagick PNG Handling Uninitialized Data Exposure in ImageMagick's ReadMATImage Function ImageMagick Crash Vulnerability with Large Image Dimensions ImageMagick ReadJP2Image Function Channel Geometry Validation Vulnerability Memory Leak in ReadMATImage Function in ImageMagick Allocation Failure Vulnerability in GraphicsMagick 1.3.26's ReadMNGImage Function Android Media Framework (libmpeg2) Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Android Media Framework Information Disclosure 
Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Android Media Framework Information Disclosure Vulnerability Android Media Framework Elevation of Privilege Vulnerability (libaudioservice) Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Elevation of Privilege Vulnerability (CVE-2020-64211847) Android ActivityManagerService Information Disclosure Vulnerability Android ActivityManagerService Information Disclosure Vulnerability (A-32879915) Android ActivityManagerService Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Critical Remote Code Execution Vulnerability in Android Bluetooth Elevation of Privilege Vulnerability in Broadcom Wireless Driver for Android Elevation of Privilege Vulnerability in Android Kernel Binder (Android ID A-64216036) Elevation of Privilege Vulnerability in Android Kernel MTP USB Driver (Android ID A-37429972) Kernel Binder Driver Information Disclosure Vulnerability Kernel File System Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in Android Kernel v4l2 Video Driver (Android ID A-34624167) Kernel Sound Timer Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in Android Kernel SCSI Driver (Android ID A-65023233) Kernel Camera Server Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Android Elevation of Privilege Vulnerability in MediaTek Display Driver Elevation of Privilege Vulnerability in MediaTek Performance Service on Android Elevation of Privilege Vulnerability in MediaTek Bluetooth Driver for Android Elevation of Privilege Vulnerability in MediaTek System Server on Android Elevation of Privilege Vulnerability in Android Kernel EDL (A-63100473) Android 
libwilhelm Information Disclosure Vulnerability (N-CVE-2017-13175) Improper Input Validation in parseURL Function of URLStreamHandler in Android NEON Register Preservation Vulnerability in libhevc Out-of-bounds Write Vulnerability in SoftAVCDec's initDecoder Function Out-of-bounds Write Vulnerability in SoftHEVC's ihevcd_allocate_static_bufs and ihevcd_create Functions Arbitrary Command Execution Vulnerability in IBM MQ Appliance 8.0 and 9.0 Use-after-free vulnerability in SoftAVCDec on Android 6.0-8.1 allows local privilege escalation Double Free Vulnerability in MtpServer Allows Local Elevation of Privilege on Android Integer Overflow Vulnerability in ACodec's sendFormatChange Function Race condition vulnerability in OMXNodeInstance::useBuffer and IOMX::freeBuffer functions in Android 8.1 allows local privilege escalation and code execution Use-after-free vulnerability in enableVSyncInjections function of SurfaceFlinger in Android 8.0 and 8.1 allows for local privilege escalation Android Media Framework (libhevc) Information Disclosure Vulnerability Android Media Framework (libavc) Vulnerability: Incorrect Use of mmco Parameters Android Media Framework (libhevc) Information Disclosure Vulnerability Android Media Framework (AAC) Information Disclosure Vulnerability Memory Allocation Vulnerability in Android Media Framework (libavc) Missing Secure Attribute in Encrypted Session Cookie Vulnerability in IBM Tivoli Federated Identity Manager 6.2 Memory Allocation Vulnerability in Android Media Framework (libhevc) Infinite Loop Denial of Service Vulnerability in ihevcd_decode Function Infinite Loop Denial of Service Vulnerability in ihevcd_parse_slice_header Function Infinite Loop Denial of Service Vulnerability in ihevcd_decode.c Android Media Framework (libvpx) Vulnerability: Odd Frame Width Exploit Negative parameter values in ihevcd_parse_sps function leading to infinite loop and remote denial of service vulnerability in Android Memory Leak Vulnerability in 
ihevcd_decode.c Unjoined Slave Threads Denial of Service Vulnerability in Android Android Media Framework Vulnerability: Color Map Composition Issue Out-of-Memory Exception Vulnerability in Bitmap.ccp Leads to Remote Denial of Service in Android 8.0 and 8.1 Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Federated Identity Manager 6.2 Android Media Framework ID3 Unsynchronization Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework (libavc) Information Disclosure Vulnerability Android Media Framework (libavc) Information Disclosure Vulnerability Android Media Framework (libmpeg2) Information Disclosure Vulnerability Android Media Framework (aacdec) Information Disclosure Vulnerability Stagefright MPEG4Writer Information Disclosure Vulnerability in Android Media Framework Out-of-bounds Write Vulnerability in Android DHCP Response Handling Insecure Permissions Check in ServiceManager::add Function Allows Service Replacement and Local Elevation of Privilege in Android 8.0 and 8.1 Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Information Server 9.1, 11.3, and 11.5 Out-of-bounds write vulnerability in CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp Resource Exhaustion Vulnerability in Android BLE Scanner Android SystemUI Elevation of Privilege Vulnerability (CVE-2020-12345) Elevation of Privilege Vulnerability in Broadcom bcmdhd Driver for Android Critical Denial of Service Vulnerability in Android's Hardware HEVC Decoder Elevation of Privilege Vulnerability in Android Kernel's Upstream skcipher Out-of-bounds Write Vulnerability in ashmem_ioctl of ashmem.c Out-of-Bounds Write Vulnerability in DisplayFtmItem in Android Bootloader Vulnerability: Side Channel Attack on CNTVCT_EL0 in Snapdragon SoCs Denial of Service Vulnerability in Android Kernel's Synaptics Touchscreen Controller XML External Entity 
Injection (XXE) Vulnerability in IBM API Connect 5.0.6.0 Elevation of Privilege Vulnerability in Android Kernel Bluez Elevation of Privilege Vulnerability in Android Upstream Kernel WiFi Driver (A-64709938) Android Upstream Kernel Information Disclosure Vulnerability (A-38159576) Heap Buffer Overflow in libMtkOmxVdec.so: Remote Elevation of Privilege Vulnerability Elevation of Privilege Vulnerability in MediaTek mtk Android Kernel (A-32591194) Out-of-bounds Write Vulnerability in ih264d_ref_idx_reordering of libavc Critical Remote Code Execution Vulnerability in Android Media Framework Hevc Codec Out-of-Bounds Write Vulnerability in Android Out-of-Bounds Write Vulnerability in libmediadrm Out-of-bounds Write Vulnerability in Audioserver with Local Information Disclosure Resource Exhaustion Vulnerability in ihevcd_ctb_boundary_strength_pbslice of libhevc Memory Leak Vulnerability in DLSParser of Sonivox Library Allows Remote Denial of Service Android Media Framework Vulnerability (A-68342866) KeyStore Service Permissions Bypass Vulnerability XBLRamDump Mode Memory Dump Vulnerability Android UI Framework Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Android Crypto Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Bluetooth Information Disclosure Vulnerability (A-62672248) Android UI Information Disclosure Vulnerability Android Upstream Kernel Easel Elevation of Privilege Vulnerability (ID: A-62678986) Android Upstream Kernel Audio Driver Elevation of Privilege Vulnerability Android Upstream Kernel Network Driver Information Disclosure Vulnerability (ID: A-36279469) Carrier Bootloader Lock Bypass Vulnerability in Pixel 2 Bootloader Out-of-Bound Write Vulnerability in impeg2_idct_recon_sse42() of Android Out-of-Bounds Write Vulnerability in impeg2d_api_set_display_frame of Android (Versions 6.0-8.1) Cross-Site Scripting Vulnerability in IBM 
iNotes 8.5 and 9.0 Out-of-Bounds Write Vulnerability in ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c Out-of-bounds Write Vulnerability in impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c Out-of-Bounds Write and Uninitialized Memory Read Vulnerability in CryptoHal::decrypt of CryptoHal.cpp Out of Bounds Write Vulnerability in CryptoPlugin::decrypt of CryptoPlugin.cpp AACExtractor Vulnerability in Android Media Framework Out of Bounds Write Vulnerability in sdp_server.c of Android (A-68776054) Out of Bounds Write Vulnerability in Android SDP Server (CVE-2020-12345) Use After Free Vulnerability in bta_pan_act.cc of Android (A-67110692) Out of Bounds Read Vulnerability in bnep_data_ind of bnep_main.cc in Android Out of Bounds Read Vulnerability in sdp_discovery.cc in Android Improper User Request Restriction in IBM Sterling File Gateway (IBM X-Force ID: 126060) Out of Bounds Read Vulnerability in bnep_data_ind of bnep_main.cc Out-of-bounds Read Vulnerability in bnep_process_control_packet of bnep_utils.cc in Android Out of Bounds Read Vulnerability in bnep_data_ind of bnep_main.cc in Android Android Framework Elevation of Privilege Vulnerability (Android 8.0, 8.1) Avcdec Vulnerability in Android Media Framework (Android ID: A-70294343) Android OTA Update Elevation of Privilege Vulnerability Stack Corruption Vulnerability in avrc_pars_vendor_cmd of avrc_pars_tg.cc in Android Stack Corruption Vulnerability in avrc_pars_vendor_cmd of avrc_pars_tg.cc in Android 6.0 - 8.1 Android Bluetooth Information Disclosure Vulnerability (CVE-2018-9505) Android Bluetooth Information Disclosure Vulnerability (CVE-2018-9489) Cross-Site Scripting (XSS) Vulnerability in IBM iNotes 8.5 and 9.0 Elevation of Privilege Vulnerability in Android Kernel's mnh_sm Driver (CVE-2021-12345) Elevation of Privilege Vulnerability in Android Kernel's mnh_sm Driver Out-of-Bounds Write Vulnerability in alarm_ready_generic of alarm.cc Race Condition Vulnerability in xt_qtaguid.c Incorrect Web Origin 
Determination Vulnerability in getHost() Function of UriTest.java Out of Bounds Read Vulnerability in getVSCoverage of CmapCoverage.cpp Stack Buffer Overflow in CProgramConfig_ReadHeightExt of tpdec_asc.cpp in Android 6.0-8.1 Out-of-bounds Write Vulnerability in ihevcd_fmt_conv of Android (CVE-2020-XXXXX) Possible Use After Free Vulnerability in MediaPlayerService::Client::notify of Android Memory Resource Exhaustion Vulnerability in M3UParser::parse of M3UParser.cpp Improper Handling of Security Policy in IBM API Connect 5.0.0.0 - 5.0.6.0 Out of Bounds Read Vulnerability in libframesequence of Android Stack Buffer Overflow in avrc_pars_browsing_cmd of avrc_pars_tg.cc in Android 8.0 and 8.1 Stack Buffer Overflow in avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc in Android 7.0-8.1.2 Out-of-bounds Write Vulnerability in Bluetooth AVRCP Control Unauthenticated Remote Escalation of Privilege in Android Bluetooth Keyboard Pairing Uninitialized Buffer Out-of-Bounds Write Vulnerability in SvoxSsmlParser Permission Bypass in writeToParcel and readFromParcel of OutputConfiguration.java Improper Input Validation in VerifyCredentialResponse.java leading to Local Privilege Escalation Permission Bypass in writeToParcel and readFromParcel of PeriodicAdvertisingReport.java Permission Bypass Vulnerability in RttManager.java HTML Injection Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 Out-of-bounds Read Vulnerability in sdp_server_handle_client_req of Android NULL Pointer Dereference Vulnerability in avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc in Android 7.0-8.1 Out-of-bounds Write Vulnerability in wl_get_assoc_ies of wl_cfg80211.c Out of Bounds Write Vulnerability in nfc_hci_cmd_received() Function of Android Kernel Android Framework Information Disclosure Vulnerability in AOSP Email Application Android Package Installer Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability in libavc Android Media Framework (libhevc) 
Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework (libavc) Vulnerability: A-70897394 Android Media Framework (libhevc) Denial of Service Vulnerability Android System UI Denial of Service Vulnerability (Android 8.0) Android System UI Denial of Service Vulnerability (Android 8.0) Broadcom bcmdhd Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Android Kernel's Upstream mnh_sm Driver Android Kernel Encrypted-Keys Information Disclosure Vulnerability (A-70526974) Upstream Kernel mnh Driver Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in Android Kernel's Upstream Kernel PCI Sysfs Cross-Site Scripting Vulnerability in IBM Content Navigator 2.0.3 and 3.0.0 Cross-Site Scripting (XSS) Vulnerability in IBM iNotes 8.5 and 9.0 Information Disclosure Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Code Injection Vulnerability in IBM Infosphere BigInsights 4.2.0 Plain Text Transmission of User Credentials in IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS Application Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Weak Encryption of Passwords in IBM Spectrum Protect Server Information Disclosure Vulnerability in IBM Jazz Reporting Service (JRS) 6.0.4 Unauthorized Access Vulnerability in IBM WebSphere MQ 8.0 and 9.0 Information Disclosure Vulnerability in IBM Insights Foundation for Energy 2.0 Cross-Site Scripting (XSS) Vulnerability in IBM Insights Foundation for Energy 2.0 Temporary File Exposure Vulnerability in IBM Business Process Manager SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Local User Information 
Disclosure Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Privilege Escalation Vulnerability in IBM InfoSphere Information Server Command Injection Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 IBM Atlas eDiscovery Process Management 6.0.3 Clickjacking Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Atlas eDiscovery Process Management 6.0.3 Sensitive Information Disclosure in IBM Atlas eDiscovery Process Management 6.0.3 SQL Injection Vulnerability in IBM Atlas eDiscovery Process Management 6.0.3 Email Forgery Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Vulnerability: Plain Text Storage of User Credentials in IBM Security Identity Manager Adapters 6.0 and 7.0 Cross-Site Scripting (XSS) Vulnerability in IBM Team Concert (RTC) Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Memory Leak Vulnerability in GraphicsMagick 1.3.26's ReadMATImage Function UnrealIRCd 4.0.13 and earlier Privilege Escalation via PID File Modification Cross-Site Scripting (XSS) Vulnerability in IBM Team Concert (RTC) Clickjacking Vulnerability in NetApp OnCommand Insight Null Pointer Dereference Vulnerability in ImageMagick's ReadMATImage Function Weak Cryptographic Algorithms in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2: A Potential Decryption Vulnerability Firmware Vulnerability: Encryption Key Exposure in iSmartAlarm CubeOne (Version 2.2.4.8 and Earlier) Firmware Vulnerability: Arbitrary Command Execution via Password File Exposure in iSmartAlarm CubeOne Integer Underflow Vulnerability in pixel-a.asm in MulticoreWare x265 through 2.5 SSRF Vulnerability in OX App Suite 7.8.4 and Earlier Cross Site Scripting (XSS) vulnerability in OX App Suite 7.8.4 and earlier SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via setanswered parameter in staffbox.php Sensitive Information Disclosure in IBM Security Identity 
Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 Arbitrary File Upload Vulnerability in BlackCat CMS 1.2 Persistent XSS vulnerability in MISP before 2.4.79 via comments QEMU VGA Display Emulator Out-of-Bounds Read Vulnerability Vulnerability: Denial of Service in VGA Display Update with Split Screen Mode Privilege Escalation Vulnerability in Symantec ProxyClient 3.4 for Windows Symantec Endpoint Encryption DoS Vulnerability Norton Remove & Reinstall DLL Preloading Vulnerability Denial-of-Service Vulnerability in Symantec Advanced Secure Gateway (ASG) and ProxySG Management Consoles Stored XSS Vulnerability in Symantec Advanced Secure Gateway (ASG) and ProxySG Management Consoles Symantec Encryption Desktop DoS Vulnerability Insecure Cookie Handling in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Unauthorized File Deletion Vulnerability in Symantec Endpoint Protection Privilege Escalation Vulnerability in Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 Kernel Memory Leak Vulnerability in Symantec Encryption Desktop Kernel Memory Leak Vulnerability in Symantec Endpoint Encryption Denial of Service and Stack Corruption Vulnerability in Unisys Libra 64xx and 84xx and FS601 Class Systems with MCP-FIRMWARE Remote Denial of Service Vulnerability in SQLite 3.20.0 NULL pointer dereference vulnerability in net/ipv4/route.c in Linux kernel 4.13-rc1 through 4.13-rc6 Buffer Over-read Vulnerability in Cisco HDLC Parser Buffer Over-read Vulnerability in OLSR Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's IKEv1 Parser Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Buffer Over-read Vulnerability in IKEv2 Parser of tcpdump Denial of Service Vulnerability in Tidy 5.5.31: IsURLCodePoint Function in attrs.c ACPI Operand Cache Flushing Vulnerability ACPI Table Vulnerability: Kernel Memory Information Disclosure and KASLR Bypass ACPI Operand Cache Flushing Vulnerability Buffer Overflow Vulnerability 
in Dup Scout Enterprise, Disk Savvy Enterprise, Sync Breeze Enterprise, and Disk Pulse Enterprise Web Server Component XSS Vulnerability in dayrui FineCms 5.0.11 controllers/member/api.php Vulnerability: Extraction of Default Keys from MOXA EDS-G512E Firmware Image Insecure Password Encryption Method on MOXA EDS-G512E Devices Information Disclosure Vulnerability in IBM Jazz Reporting Service (JRS) 5.0 and 6.0 XSS Vulnerability in MOXA EDS-G512E Administration Interface Insecure Storage of Sensitive Information in MOXA EDS-G512E 5.1 Build 16072215 Devices Cookie Theft and Manipulation Vulnerability on MOXA EDS-G512E 5.1 Build 16072215 Devices Denial of Service Vulnerability on MOXA EDS-G512E 5.1 Build 16072215 Devices Denial of Service Vulnerability in dnsmasq 2.78 and earlier Lansweeper XML External Entity (XXE) Vulnerability in Import Package Functionality Privilege Escalation via Sudo Command Execution in Replibit Backup Manager Remote Code Execution Vulnerability in VX Search Enterprise 10.0.14 Web Server Service File Overwrite Vulnerability in FlightGear Main/logger.cxx Unauthorized Execution of Builder Tool Actions in IBM TRIRIGA Application Platform Denial of Service Vulnerability in libbfd's setup_group Function QEMU Use-After-Free Vulnerability in sofree Function NULL Pointer Dereference in id3v2AddAudioDuration function in LAME 3.99.5 Remote Code Execution Vulnerability in T&W WIFI Repeater BE126 Uninitialized Variable Vulnerability in Linux Kernel's __skb_flow_dissect Function Denial of Service Vulnerability in libiberty's C++ Symbol Demangler Routine Insecure Access-Control-Allow-Origin Header in Starry Station Router Allows Credential Brute-Force and Data Extraction Brute Force PIN Vulnerability in Starry Station HTTP API Stack-based Buffer Overflow in Amcrest IP Camera HTTP API Cross-Site Scripting (XSS) Vulnerability in IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 Buffer Over-read Vulnerability in PatternMatch Function in libXfont X.Org Server X 
Shared Memory Extension Vulnerability Buffer Over-read Vulnerability in libXfont Buffer Overflow Vulnerability in X.Org Server Stored Cross Site Scripting Vulnerability in APN Parameter on Axesstel MU553S MU55XS-V1.14 Buffer Over-read Vulnerability in tcpdump's IPv6 Routing Header Parser Remote Denial of Service Vulnerability in LibTIFF 4.0.8: Reachable Assertion Abort in TIFFWriteDirectorySec() Remote Denial of Service Vulnerability in LibTIFF 4.0.8: Reachable Assertion Abort in TIFFWriteDirectoryTagSubifd() Remote Denial of Service Vulnerability in ncurses 6.0's comp_scan.c Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in _nc_save_str Function Unauthorized Report Execution Vulnerability in IBM TRIRIGA Application Platform Remote Denial of Service Vulnerability in ncurses 6.0 Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in postprocess_termcap() Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in dump_uses() Function Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in fmt_entry Function Remote Denial of Service Vulnerability in ncurses 6.0's _nc_safe_strcat Function Floating Point Exception Vulnerability in LibRaw 0.18.2 Remote Denial of Service Vulnerability in GraphicsMagick 1.3.26 Remote Denial of Service Vulnerability in GraphicsMagick 1.3.26 Illegal Address Access Vulnerability in _lou_getALine function in Liblouis 3.2.0 Heap-based Buffer Overflow in Liblouis 3.2.0: Remote Code Execution Vulnerability IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 Vulnerability: Unauthorized Access to Sensitive Data Stack-based Buffer Overflow in Liblouis 3.2.0's parseChars() Function Remote Denial of Service Vulnerability in Liblouis 3.2.0: Use-After-Free in compileBrailleIndicator() Function Remote Denial of Service Vulnerability in Liblouis 3.2.0 via Stack-Based Buffer Overflow in includeFile() Function Remote Denial of Service Vulnerability in 
Liblouis 3.2.0 Illegal Address Access Vulnerability in _lou_getALine() Function in Liblouis 3.2.0 Remote Denial of Service Vulnerability in JasPer 2.0.12: Assertion Abort in jpc_dec_process_sot() Function Remote Denial of Service Vulnerability in JasPer 2.0.12: Assertion Abort in jpc_dec_process_siz() Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in jpc_floorlog2() Remote Denial of Service Vulnerability in JasPer 2.0.12: Memory Leaks in jas_strdup() Function Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in jpc_pi_nextrpcl() Weak Cryptographic Algorithms in IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 Remote Denial of Service Vulnerability in JasPer 2.0.12: Assertion Abort in jpc_dec_process_siz() Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in calcstepsizes() Function Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in jpc_dequantize() Arbitrary Web Script Injection in Wibu-Systems CodeMeter Advanced Settings - Time Server Module Out-of-Bounds Read Vulnerability in The Sleuth Kit (TSK) 4.4.2 Infinite Recursion Vulnerability in The Sleuth Kit (TSK) 4.4.2 Heap-based Buffer Over-read Vulnerability in GNU Binutils 2.29 Heap-Based Buffer Overflow in TracePoint() Function in ImageMagick 7.0.6-10 IBM J9 VM Class Verifier Security Bypass Vulnerability Vulnerability: Hang in fls on Corrupt exFAT Image in The Sleuth Kit (TSK) 4.4.2 Information Disclosure Vulnerability in Fastly CDN Module for Magento2 XSS Vulnerability in ONOS Versions 1.8.0, 1.9.0, and 1.10.0 Unrestricted Memory Allocation and Netty Payload Size Vulnerability in ONOS Versions 1.8.0, 1.9.0, and 1.10.0 Vulnerability: NULL Pointer Dereference in Wireshark 2.4.0 Modbus Dissector Buffer Over-read Vulnerability in Wireshark IrCOMM Dissector Profinet I/O Dissector Out-of-Bounds Write Vulnerability in Wireshark 2.4.0 and 2.2.0 to 2.2.8 MSDP Dissector 
Infinite Loop Vulnerability Denial of Service Vulnerability in ImageMagick's IdentifyImage Function Denial of Service Vulnerability in ImageMagick's WriteTHUMBNAILImage Function IBM Runbook Automation Error Messages Expose Sensitive Information, Posing Security Risk Plaintext Transmission of Network Configuration Credentials in Lexmark Scan To Network (SNF) 3.2.9 and Earlier Stack-based Buffer Overflow Vulnerabilities in TP-Link WR940N WiFi Routers with Hardware Version 4 Local User Password-Recovery Code Generation Vulnerability in Hikvision iVMS-4200 Devices Denial of Service Vulnerability in GraphicsMagick 1.3.26's ReadJNXImage() Function Denial of Service Vulnerability in GraphicsMagick 1.3.26's ReadXBMImage() Function Denial of Service Vulnerability in GraphicsMagick 1.3.26's ReadXBMImage() Function XSS Vulnerability in Fiyo CMS 2.0.7 via site_name Parameter in sys_config.php Insecure Permissions in GSTN Offline Tool Allows Privilege Escalation and Remote Command Execution Unencrypted Login Credentials Disclosure in IBM Spectrum Protect Directory Traversal Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Memory-read bypass vulnerability in macOS Kernel Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability: Cleartext APFS Data Disclosure via Crafted Thunderbolt Adapter Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Address Bar Spoofing Vulnerability in Safari Improper Handling of Requests in IBM API Connect 5.0.0.0 Developer Portal Allows Remote Information Disclosure Address Bar Spoofing Vulnerability in Safari Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service 
Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Vulnerability in macOS APFS Component Allows Arbitrary Code Execution or Denial of Service Local File Disclosure Vulnerability in macOS Dictionary Widget Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution Vulnerability in Apple StreamingZip Component Lock-screen Bypass Vulnerability in Siri on iOS before 11.1 iOS Profile Pairing Vulnerability Apple macOS Audio Component Remote Code Execution Vulnerability Remote Code Execution Vulnerability in macOS Remote Management Component Remote Code Execution Vulnerability in AppleScript Component Caching Vulnerability in IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) Information Disclosure Vulnerability in macOS Kernel Arbitrary Code Execution and Denial of Service Vulnerability in macOS 10.13.1 and Earlier Remote Code Execution Vulnerability in macOS libarchive Component Buffer Overflow Vulnerability in macOS libarchive Component Remote Code Execution Vulnerability in ImageIO Component of macOS Denial of Service Vulnerability in macOS 10.13.1 and Earlier Buffer Overflow Vulnerability in macOS libarchive Component Out-of-Bounds Read Vulnerability in Apple macOS Kernel Memory-read bypass vulnerability in macOS Kernel Cross-Site Scripting (XSS) Vulnerability in macOS HelpViewer 
Component File Permissions Vulnerability in IBM WebSphere Application Server Vulnerability in ATS Component Allows Information Disclosure and Denial of Service Memory-read bypass vulnerability in macOS 10.13.1 and earlier via crafted app Memory-read bypass vulnerability in Quick Look component on macOS Memory-read bypass vulnerability in QuickTime component on macOS 10.13.1 and earlier Remote Code Execution Vulnerability in macOS Open Scripting Architecture Remote Code Execution and Denial of Service Vulnerability in macOS CoreText Component Arbitrary Code Execution Vulnerability in macOS kext tools Component Remote User Interface Spoofing Vulnerability in macOS Fonts Component Arbitrary Code Execution and Denial of Service Vulnerability in macOS CFNetwork Component XML External Entity Injection (XXE) Vulnerability in IBM InfoSphere Information Server 9.1, 11.3, and 11.5 Arbitrary Code Execution and Denial of Service Vulnerability in macOS HFS Component Remote Information Disclosure and Denial of Service Vulnerability in macOS ImageIO Component Vulnerability in macOS 802.1X Component Allows for Unspecified Impact via TLS 1.0 Support Arbitrary Code Execution and Denial of Service Vulnerability in macOS CFNetwork Component Memory Corruption Vulnerability in macOS Kernel Memory Corruption Vulnerability in macOS High Sierra 10.13 Allows Arbitrary Code Execution with Elevated Privileges Memory-read bypass vulnerability in macOS Kernel FileVault Unlock Key Access Entitlements Issue in macOS Arbitrary Code Execution and Denial of Service Vulnerability in macOS Sandbox Component Local User File Visibility Vulnerability in macOS Spotlight Memory-read bypass vulnerability in macOS Kernel Memory-read bypass vulnerability in macOS Kernel Memory-read bypass vulnerability in macOS Kernel Arbitrary Code Execution and Denial of Service Vulnerability in macOS Kernel Arbitrary Photo Viewing Vulnerability in iOS Lock-Screen Messages Vulnerability in PCRE Library Allows Remote 
Attackers to Cause Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in IOKit Component Arbitrary Code Execution Vulnerability in macOS IOKit Component Denial of Service Vulnerability in Apple CoreText Component Font Importer Vulnerability in macOS 10.12.6 and Earlier Local Privilege Escalation Vulnerability in macOS DesktopServices Arbitrary App Monitoring Vulnerability in Apple Products AppleGraphicsControl Privilege Escalation and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Memory-read bypass vulnerability in Apple Kernel component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution Vulnerability in macOS IOKit Component Bypassing Policy Restrictions and Password Interception in IBM API Connect 5.0.0.0 S/MIME Credential Encryption Mishandling Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel iOS APNs Component Vulnerability: Man-in-the-Middle Attack for User Tracking Vulnerability: Man-in-the-Middle Attack on APNs Server in iCloud and iTunes Memory-read bypass vulnerability in Apple Kernel component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Memory-read bypass vulnerability in Apple Kernel component Memory-read bypass vulnerability in Apple Kernel component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Cleartext E-mail Content Disclosure Vulnerability in macOS Mail Component macOS High Sierra Root User Password Bypass Vulnerability Sensitive Network-Activity Information Disclosure Vulnerability Vulnerability: Encryption Bypass in iOS Mail Component Vulnerability in Intel Graphics Driver in macOS before 10.13.2 Arbitrary Code Execution and Denial of Service 
Vulnerability in Apple Kernel Arbitrary File Existence Disclosure Vulnerability in iOS Sandbox Profiles Vulnerability in Intel Graphics Driver component allows memory-read bypass and denial of service Arbitrary Code Execution and Denial of Service Vulnerability in iOS 11.2 and Earlier Arbitrary Code Execution Vulnerability in iOS 11.2 and watchOS 4.2 Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Privileged WiFi System Configuration Access Vulnerability in macOS High Sierra APFS Logic Issue in macOS High Sierra: Improved State Management Type Confusion Vulnerability in iOS Pre-11.2: Improved Memory Handling Credential Validation Logic Error in macOS High Sierra and Earlier Versions Remote Disk-Image Mounting Vulnerability in macOS Inconsistent User Interface Issue in iOS Pre-11.2: Improved State Management Contact Information Sharing Vulnerability Remote Attackers Can Manipulate HomeKit Component to Unlock Doors Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Elevated Privileges Vulnerability Patched in Apple Operating Systems Privilege Escalation Vulnerability in macOS High Sierra and Sierra Screen Lock Bypass Vulnerability in macOS High Sierra 10.13.1 and earlier versions Vulnerability: Local Execution of Non-Executable Text Files via SMB Share Vulnerability: Local Access to iCloud Authentication Tokens in macOS High Sierra 10.13 Sandbox Restrictions Patched in macOS High Sierra 10.13 to Prevent Unauthorized File Access Configuration Issue Patched in macOS Security Updates 2018-002 and 10.13.2 Failure to Enable HTTP Strict Transport Security in IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 Unintended Access Control Vulnerability in IBM Security Identity Governance Virtual Appliance Open Redirect 
Vulnerability in IBM WebSphere Commerce Unrestricted File Upload Vulnerability in HPE BSM Platform Application Performance Management System Health Authentication Bypass Vulnerability in HPE BSM Platform Application Performance Management System Health Directory Traversal Vulnerability in HPE BSM Platform Application Performance Management System Health Directory Traversal Vulnerability in HPE BSM Platform Application Performance Management System Health Unintended Information Disclosure through Reflected Cross-Site Scripting (XSS) in ArcSight ESM and ESM Express Insufficient Access Control Vulnerability in ArcSight ESM and ESM Express: Unauthorized Log File Download Improper Access Control Vulnerability in ArcSight ESM and ESM Express Improper Access Control Vulnerability in ArcSight ESM and ESM Express Apache Tomcat Version Disclosure Vulnerability in ArcSight ESM and ESM Express ArcSight ESM and ESM Express Information Leakage Vulnerability Insufficient Entropy in LOYTEC LVIS-3ME Web Interface Authentication Mechanism Allows Remote Code Execution Uncontrolled Search Path Element Vulnerability in i-SENS SmartLog Diabetes Management Software Cross-site Scripting Vulnerability in LOYTEC LVIS-3ME Web Interface Improper Authentication in iniNet Webserver Allows Unauthorized Access and Data Manipulation Relative Path Traversal Vulnerability in LOYTEC LVIS-3ME Web User Interface Missing Authentication for Critical Function in Schneider Electric InduSoft Web Studio and InTouch Machine Edition Insufficient Protection of Sensitive Information in LOYTEC LVIS-3ME Application Stack-based Buffer Overflow Vulnerabilities in WECON LEVI Studio HMI Editor v1.8.1 and Prior Versions Improper Authentication Vulnerability in Ctek SkyRouter Series 4200 and 4400 OS Command Injection Vulnerability in Digium Asterisk GUI 2.1.0 and Prior Default or Hard-Coded Credentials Vulnerability in GE Infinia/Infinia with Hawkeye 4 Medical Imaging Systems LAVA Ether-Serial Link (ESL) Firmware 
Authentication Bypass Vulnerability Default or Hard-Coded Credentials Vulnerability in GE GEMNet License Server (EchoServer) Unverified Password Change Vulnerability in ProMinent MultiFLEX M10a Controller Web Interface Default or Hard-Coded Credentials Vulnerability in GE Xeleris Medical Imaging Systems Insufficient Session Expiration in ProMinent MultiFLEX M10a Controller Web Interface Default or Hard-Coded Credentials Vulnerability in GE Centricity PACS RA1000 Plaintext Password Exposure in ProMinent MultiFLEX M10a Controller Web Interface Uncontrolled Search Path Element Vulnerability in SpiderControl MicroBrowser ProMinent MultiFLEX M10a Controller Web Interface Cross-Site Request Forgery Vulnerability Unencrypted PHI at Rest in Boston Scientific ZOOM LATITUDE PRM Model 3120 Client-Side Session Persistence Vulnerability in ProMinent MultiFLEX M10a Controller Hard-coded Cryptographic Key Vulnerability in Boston Scientific ZOOM LATITUDE PRM Model 3120 Stack-based Buffer Overflow in Advantech WebAccess Versions Prior to V8.2_20170817 Uncontrolled Search Path Element Vulnerability in Progea Movicon Version 11.5.1181 and Prior Authentication Bypass Vulnerability in Johnson & Johnson Ethicon Endo-Surgery Generator Gen11 Unquoted Service Path Privilege Escalation Vulnerability in Progea Movicon Version 11.5.1181 and Prior Uncontrolled Search Path Element (DLL Hijacking) Vulnerability in AutomationDirect Software Hard-coded Cryptographic Key Vulnerability in Korenix JetNet Switches Improper Input Validation in Rockwell Automation FactoryTalk Alarms and Events Allows Remote Denial of Service Improper Input Validation Vulnerability in Siemens SIMATIC PCS 7 V8.1 and WinCC V7.3/V8.2 Stack-based Buffer Overflow Vulnerability in Schneider Electric InduSoft Web Studio and InTouch Machine Edition Improper Input Validation Vulnerability in ABB FOX515T Release 1.0 Allows Unauthorized File Retrieval Authentication Bypass Vulnerability in Ice Qube Thermal Management Center 
Undocumented Hard-coded Credentials Vulnerability in Korenix JetNet Series Resource Exhaustion Vulnerability in Moxa NPort Devices Uncontrolled Search Path Element Vulnerability in Trihedral VTScada 11.3.03 and Prior Unquoted Service Path Escalation Vulnerability in Moxa MXview v2.8 and Prior Improper Access Control Allows Unauthorized File System Manipulation in Trihedral VTScada Bypassing Peer Authentication in ARM mbed TLS Denial of Service Vulnerability in OpenSSL::ASN1 Module in Ruby Heap-based buffer over-read vulnerability in restore_tqb_pixels function in libavcodec allows for denial of service or other impact Serialization Vulnerability in CrushFTP 8.x before 8.2.0 Cross-Site Scripting (XSS) Vulnerability in CrushFTP before 7.8.0 and 8.x before 8.2.0 HTTP Header Vulnerability in CrushFTP Versions 7.8.0 and below, and 8.x before 8.2.0 CrushFTP Redirect Vulnerability Heap-based Buffer Overflow in OpenJPEG 2.2.0's opj_t2_encode_packet Function OpenJPEG 2.2.0 - Remote Denial of Service Vulnerability in bin/jp2/convert.c OpenJPEG 2.2.0 - Stack-based Buffer Overflow in pgxtoimage Function Memory Allocation Failure in ReadPNMImage Function in GraphicsMagick 1.3.26 Arbitrary PHP Code Injection in BlackCat CMS 1.2 via backend/addons/ajax_create.php XSS Vulnerability in BlackCat CMS 1.2 Backend Settings Insufficient Verification of Code Origin and Integrity in IBM Security Identity Manager Virtual Appliance 7.0 Arbitrary PHP Code Execution Vulnerability in BlackCat CMS 1.2 Integer Overflow Vulnerability in qla2x00_sysfs_write_optrom_ctl Function Unspecified Cookie Secure Flag Vulnerability in NetApp OnCommand Unified Manager Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in ivr_read_header() Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in mv_read_header() Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in rl2_read_header() Denial of Service (DoS) Vulnerability in FFmpeg 
3.3.3 due to Lack of EOF Check in asf_read_marker() Denial of Service Vulnerability in FFmpeg 2.4 and 3.3.3 DoS Vulnerability in FFmpeg 3.3.3: CPU and Memory Consumption in cine_read_header() NULL Pointer Dereference Vulnerability in ImageMagick 7.0.6-10 Integer Overflow in _isBidi Function in Libidn2: Remote DoS and Possible Other Impact Integer Overflow in decode_digit Function in Libidn2: Remote DoS and Possible Other Impact Improper Host Validation in Async Http Client Arbitrary Memory Exposure in Ruby's JSON.generate SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via usernw Array Parameter in nowarn.php Arbitrary Command Execution Vulnerability in IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 XSS Vulnerability in NexusPHP 1.5.beta5.20120707 via PATH_INFO in ipsearch.php Privilege Escalation Vulnerability in Jungo WinDriver 12.4.0 and Earlier SQL Injection in NexusPHP 1.5.beta5.20120707 via id parameter in linksmanage.php editlink action HTML Injection in Securimage 3.6.4 and earlier via $_SERVER['HTTP_USER_AGENT'] parameter in example_form.ajax.php or example_form.php Arbitrary Code Execution via SQL Injection in Trend Micro Mobile Security (Enterprise) Versions before 9.7 Patch 3 Arbitrary Code Execution through Unrestricted File Uploads in Trend Micro Mobile Security (Enterprise) Blank Password Authentication Bypass Vulnerability in Trend Micro Mobile Security (Enterprise) Arbitrary Code Execution Vulnerability in Trend Micro Mobile Security (Enterprise) Versions before 9.7 Patch 3 Uninitialized Pointer Information Disclosure Vulnerability in Trend Micro Mobile Security (Enterprise) Versions 9.7 and Below Remote Unauthenticated Download of OfficeScan Encryption File in Trend Micro OfficeScan 11.0 and XG Arbitrary Code Execution Vulnerability in Trend Micro OfficeScan 11.0 and XG Information Disclosure Vulnerabilities in Trend Micro OfficeScan 11.0 and XG: Unauthorized Access to Network NT Domain and PHP Version 
Pre-authorization Remote Process Execution and INI Corruption Vulnerability in Trend Micro OfficeScan 11.0 and XG Host Header Injection Vulnerability in Trend Micro OfficeScan XG (12.0) Memory Corruption Privilege Escalation in Trend Micro OfficeScan 11.0 and XG via tmwfp.sys Remote Memory Corruption Vulnerability in Trend Micro OfficeScan 11.0 and XG Sensitive Information Disclosure Vulnerability in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Unencrypted Communications Vulnerability in Trend Micro ScanMail for Exchange 12.0 Exploitable Vulnerability in Trend Micro ScanMail for Exchange 12.0 Allows File Overwrite via Other Update Sources CSRF Vulnerability in Trend Micro ScanMail for Exchange 12.0 Web Interface Forms Cross-Site Scripting (XSS) Vulnerability in Trend Micro ScanMail for Exchange 12.0 Log Query and Quarantine Query Pages Cron Job Injection Vulnerability in Trend Micro Smart Protection Server (Standalone) 3.2 and Below Remote Command Execution via Local File Inclusion in Trend Micro Smart Protection Server (Standalone) Versions 3.2 and Below Stored XSS Vulnerability in Trend Micro Smart Protection Server (Standalone) Versions 3.2 and Below Improper Access Control Vulnerability in Trend Micro Smart Protection Server (Standalone) Allows Database Decryption Denial of Service Vulnerability in Asterisk 13.x and 14.x Unauthorized Media Takeover in Asterisk RTP Stack Arbitrary Shell Command Injection in Asterisk's app_minivm Module XML External Entity (XXE) Vulnerability in Conserus Image Repository Archive Solution 2.1.1.105 by McKesson Medical Imaging Company Privilege Escalation via PID File Manipulation in MIMEDefang 2.80 and Earlier Use-after-free vulnerability in GraphicsMagick 1.3.26 allows remote attackers to conduct attacks via crafted file in ReadJNGImage and ReadOneJNGImage functions. 
Arbitrary JSP Code Execution Vulnerability in HiveManager Classic 8.1r1 Denial of Service Vulnerability in Linux Kernel's tcp_disconnect Function Denial of Service Vulnerability in libzip's _zip_read_eocd64 Function Denial of Service (CPU Consumption) Vulnerability in GNOME gedit through 3.22.1 Weak Password Policy in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Authentication Credentials Logging Vulnerability in Philips IntelliSpace Cardiovascular (ISCV) and Xcelera RTPproxy NAT Feature Vulnerability AT&T U-verse Firmware Vulnerability: Unauthorized Remote Access and Root Privilege Escalation AT&T U-verse Arris NVG599 Firmware Vulnerability: Unauthorized Root Access via Caserver HTTPS Service Unauthenticated Proxy Service Vulnerability in AT&T U-verse 9.2.2h0d83 Firmware for Arris NVG589 and NVG599 Devices Arbitrary Command Execution in EyesOfNetwork Web Interface (eonweb) 5.1-0 Arbitrary Command Execution in EyesOfNetwork Web Interface (eonweb) 5.1-0 Sensitive Information Disclosure in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Directory Traversal Vulnerability in unrar 0.0.1: Unpacking Files to Upper Directory NULL Pointer Dereference Vulnerability in DecodeNumber Function of unrar 0.0.1 Stack-Based Buffer Over-Read Vulnerability in unrar 0.0.1 Unrestricted File Upload Vulnerability in Zoho ManageEngine Firewall Analyzer 12200's Group Chat Section Unauthorized Application Execution in eLux RP 5.x and 5.6.x SQL Injection Vulnerability in Responsive Image Gallery Plugin for WordPress XSS Vulnerability in Participants Database Plugin for WordPress Command Injection in Ping Module of Technicolor TD5336 OI_Fw_v7 Devices Remote Denial of Service Vulnerability in libbfd Remote Denial of Service Vulnerability in libbfd Heap-based Buffer Over-read Vulnerability in _bfd_elf_parse_attributes Function Heap-based buffer over-read vulnerability in JasPer 1.900.8 - 2.0.16 allows remote attackers to cause denial of service 
Reflected XSS Vulnerability in Maplesoft Maple T.A. 2016.0.6 (Customer Hosted) via emailAddress Parameter Arbitrary OS Command Execution in enigma2-plugins WebAdmin Plugin Out-of-Bounds Write Vulnerability in OpenCV 3.3 Excessive Memory Allocation Vulnerability in ImageMagick's ReadWEBPImage Memory Leak Vulnerability in ImageMagick 7.0.6-5's ReadWEBPImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteMSLImage in coders/msl.c Insecure move_pages System Call Allows Memory Layout Disclosure in Linux Kernel Arbitrary PHP Code Execution via Serialized Object in Kaltura's wiki_decode Developer System Helper Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kaltura before 13.2.0 Hardcoded Cookie Secret Vulnerability in Kaltura getUserzoneCookie Function SQL Injection in HelpDEZk 1.1.1 via admin/login/getWarningInfo/id/ PATH_INFO Arbitrary PHP Code Execution in HelpDEZk 1.1.1 Vulnerability: Unauthorized Factory Reset and Default Credentials Access on FiberHome AN1020-25 Routers NULL Pointer Dereference in GoAhead's websDecodeUrl Function Heap-based Buffer Overflow in OpenJPEG 2.2.0 Allows for Remote Code Execution Heap-based Buffer Overflow in OpenJPEG 2.2.0 Privilege Escalation Vulnerability in Jungo WinDriver 12.4.0 and Earlier Uninitialized Data Structure Vulnerability in atyfb_ioctl Function Denial of Service Vulnerability in Scrapy 1.4 Local Privilege Escalation in OpenLDAP 2.4.45 and Earlier Denial of Service Vulnerability in Xiph.Org libvorbis 1.3.5 Session Hijacking Vulnerability in Mahara Heap-based Buffer Overflow in OpenJPEG 2.2.0 Excessive Memory Allocation Vulnerability in GraphicsMagick 1.3.26 Denial of Service Vulnerability in libarchive 3.3.2 via Crafted xar Archive Integer Overflow in QEMU's load_multiboot Function Allows Arbitrary Code Execution Integer Signedness Error in mxf_read_primer_pack Function in FFmpeg Denial of Service (DoS) vulnerability in FFmpeg 3.3.3 -> 2.4 due to lack of EOF check in 
mxf_read_index_entry_array() Denial of Service (DoS) Vulnerability in libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3 Denial of Service (DoS) Vulnerability in ImageMagick 7.0.7-0 Q16 Integer Overflow Vulnerability in ReadTXTImage() Function of ImageMagick 7.0.6-10 Denial of Service (DoS) Vulnerability in ImageMagick 7.0.7-0 Q16 Denial of Service (DoS) Vulnerability in ReadXBMImage() in ImageMagick 7.0.6-1 Q16 Arbitrary Command Execution in Bazaar through Subprocess SSH Local Privilege Escalation via Incomplete Fix in Apport 2.20.7 Unprivileged User Bypass Vulnerability in snapd's 'snap logs' Command Privilege Escalation and Container Escape Vulnerability in Apport Insecure File Permissions Vulnerability in IBM Integration Bus and WebSphere Message Broker Local Privilege Escalation via PID Namespace in Apport 2.13-2.20.7 NULL Pointer Dereference Vulnerability in DeleteBitBuffer Function in mp4tools aacplusenc 0.17.5 Fortinet FortiOS 5.4.0 to 5.4.5 JSON Web API Denial of Service Vulnerability VPN Authentication Credentials Disclosure Vulnerability SSL VPN Web Portal Information Disclosure Vulnerability in Fortinet FortiOS Fortinet FortiOS SSL VPN Web Portal Cross-site Scripting (XSS) Vulnerability Fortinet FortiOS Local Privilege Escalation and Code Execution via USB Drive Authentication Bypass Vulnerability in Fortinet FortiWebManager 5.8.0 Cross-site Scripting Vulnerability in Fortinet FortiOS Bypassing Signed User Cookie Protection in Fortinet FortiWeb XSS Vulnerability in FineCms 5.0.11's checktitle Function XSS Vulnerability in FineCms 5.0.11's OAuth Function with Internet Explorer Referer Header XSS Vulnerability in dayrui FineCms 5.0.11 Login Controller XSS Vulnerability in dayrui FineCms 5.0.11 via Referer Header in Internet Explorer Path Traversal Information Disclosure in Squiz Matrix File Bridge Plugin Multiple Reflected Cross-Site Scripting (XSS) Vulnerabilities in Squiz Matrix WYSIWYG Plugins Remote Code Execution (RCE) via Malicious Time_Format Tag in 
Squiz Matrix Critical Buffer Overflow Vulnerability Discovered in Zephyr Project's getaddrinfo() Implementation Zephyr Shell Use After Free Vulnerability: Denial of Service and Remote Code Execution Buffer Overflow Vulnerability in Zephyr Shell Component Allows Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerability in IBM iNotes Allows for Credential Disclosure Persistent XSS Vulnerability on Intelbras Wireless N 150Mbps Router (Firmware WRN 240) Allows Wireless Credential Theft Insufficient User Rights Verification in IBM MaaS360 DTM (X-Force ID: 127412) Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in read_tfra() Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in asf_build_simple_index() Heap-based Buffer Overflow in WritePCXImage in ImageMagick 7.0.6-8 Q16 NULL Pointer Dereference in av_color_primaries_name Function Heap-based Buffer Over-read Vulnerability in libwpd 0.10.1 Heap-based Buffer Over-read Vulnerability in MongoDB libbson 1.7.0 Remote Denial of Service Vulnerability in NASM 2.14rc0: Illegal Address Access in paste_tokens() Function Remote Denial of Service Vulnerability in Jasper 2.0.13: Infinite Loop in jpc_dec_tileinit Function Exposure of Backend Server URLs in IBM WebSphere Portal 8.5 and 9.0 Off-by-one Error in Cyrus IMAP's mboxlist_do_find Function Allows Information Disclosure or Denial of Service Denial of Service Vulnerability in GeniXCMS 1.1.0 Denial of Service Vulnerability in FLIF 0.3 via Crafted FLIF File Arbitrary SQL Command Execution in Dolibarr ERP/CRM 6.0.0 via menuId Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dolibarr ERP/CRM 6.0.0 Cross-Site Scripting (XSS) Vulnerability in IBM Business Process Manager 8.5.7 Sensitive Information Disclosure Vulnerability in Dolibarr ERP/CRM 6.0.0 via document.php File Parameter Arbitrary Web Script Injection Vulnerability in Dolibarr ERP/CRM 6.0.0 Arbitrary SQL Command Execution in Dolibarr 6.0.0 via 
statut Parameter UTStar WA3002G4 ADSL Broadband Modem: Authentication Bypass Vulnerability Authentication Bypass Vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 Devices Out of Bounds Read Vulnerability in libsndfile 1.0.28: Remote DoS and Information Disclosure Remote DoS and Information Disclosure Vulnerability in libsndfile 1.0.28 SQL Injection in EyesOfNetwork Web Interface (eonweb) 5.1-0 via user_id Cookie Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-8 Q16 Denial of Service Vulnerability in ImageMagick 7.0.6-8 Q16 Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.0.1.1 and 8.5.7 Arbitrary PHP Code Execution via Unrestricted File Upload in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 SQL Injection via group_id cookie in EyesOfNetwork web interface Memory Access Violation Vulnerability in Bento4 SDK 1.5.0-616: Exploitable via Crafted .MP4 File Memory Access Violation Vulnerability in Bento4 SDK 1.5.0-616: Exploitable Write Access in SetItemCount AP4_StscAtom Write Memory Access Violation Vulnerability AP4_StssAtom Write Memory Access Violation Vulnerability AP4_StszAtom Read Memory Access Violation Vulnerability Vulnerability: Remote Password Hash Disclosure on Samsung NVR Devices Remote Account Creation Vulnerability in Honeywell NVR Devices Stack-based Buffer Overflow in LibRaw's xtrans_interpolate in internal/dcraw_common.cpp Heap-Based Buffer Overflow in Tcprewrite (CVE-2016-6160) CSRF Vulnerabilities in EE 4GEE WiFi MBB Devices XSS Vulnerability in EE 4GEE WiFi MBB Devices (before EE60_00_05.00_31) via sms_content Parameter Vulnerability: Information Disclosure in EE 4GEE WiFi MBB Devices Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .jb2 File Arbitrary Code 
Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Stack Corruption Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Clickjacking Vulnerability in IBM Cognos Analytics 11.0 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .jb2 File Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 STDU Viewer 1.6.375 Remote Code Execution and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of 
Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Streams 4.0, 4.1, and 4.2 Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Privilege Escalation Vulnerability in NetMechanica NetDecision 5.8.2 Privilege Escalation in Nagios Core through 4.3.4 via Non-Root Account Ownership XSS Vulnerability in Shibboleth WordPress Plugin 
Denial of Service Vulnerability in GraphicsMagick 1.3.26 DrawImage Function BlueBorne vulnerability in Apple iOS 7-9: Heap Overflow Exploit via LEAP Out-of-bounds Access in Xen's alloc_heap_pages Function Double-Free Vulnerability in C Xenstore Daemon NULL pointer dereference vulnerability in Xen 4.5.x through 4.9.x Grant Unmapping Vulnerability in Xen Arbitrary Code Execution in Mirasvit Helpdesk MX before 1.5.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mirasvit Helpdesk MX Administrative Interface Authentication Bypass Vulnerability in Interspire Email Marketer (IEM) prior to 6.1.6 SSRF Vulnerability in Ueditor's getRemoteImage.php in Onethink V1.0 and V1.1 Memory Leak Vulnerability in ImageMagick 7.0.7-1 Q16: ReadMPCImage Function in coders/mpc.c Memory Leak Vulnerability in ImageMagick 7.0.7-1 Q16: Exploiting PersistPixelCache in magick/cache.c Memory Leak Vulnerability in ImageMagick 7.0.7-1 Q16's ReadMATImage Function Arbitrary File Read Vulnerability in Extreme EXOS 16.x, 21.x, and 22.x Buffer Overflow Vulnerability in Extreme EXOS 15.7, 16.x, 21.x, and 22.x Root Shell Access Vulnerability in Extreme EXOS 16.x, 21.x, and 22.x via exsh Debug Shell Message Corruption Vulnerability in IBM WebSphere MQ 7.5, 8.0, and 9.0 Privilege Escalation Vulnerability in Extreme EXOS 16.x, 21.x, and 22.x Bypassing exsh Restricted Shell Protection in Extreme EXOS 16.x, 21.x, and 22.x Session Hijacking Vulnerability in Extreme EXOS 15.7, 16.x, 21.x, and 22.x Integer Overflow and Denial of Service Vulnerability in GNU Binutils 2.29 Vulnerability: Unauthorized Admin Password Change on Beijing Hanbang Hanbanggaoke Devices Arbitrary User Access Vulnerability in MISP before 2.4.80 with X.509 Certificate Authentication and Non-MISP External User Management ReST API DNS Packet Parser Vulnerability: Infinite Pointer Loop Denial of Service (DoS) Local User Information Exposure Vulnerability in IBM DB2 for Linux, UNIX and Windows 11.1 Linux Kernel XFS_IS_REALTIME_INODE Macro 
Denial of Service Vulnerability ImageMagick 7.0.6-6 ReadWPGImage Large Loop Vulnerability Memory Exhaustion Vulnerability in ImageMagick 7.0.6-6 via Crafted WPG Image File Memory Leak Vulnerability in ImageMagick 7.0.6-6 via Crafted XCF Image File Privilege Escalation Vulnerability in Jungo WinDriver 12.4.0 and Earlier SQL Injection Vulnerability in tianchoy/blog via id parameter in view.php Unrestricted File Upload and PHP Code Execution in upload.php XSS Vulnerability in NexusPHP 1.5.beta5.20120707 - Fun.php Delete Action Heap-based Buffer Overflow in LibRaw's processCanonCameraInfo Function Authentication Bypass Vulnerability in HPE SiteScope: Exposing Sensitive Data Remote Code Execution Vulnerability in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40 Remote Code Execution Vulnerability in HP UCMDB Configuration Manager Remote Cross-Site Scripting Vulnerability in HP UCMDB Configuration Manager Remote Code Execution Vulnerability in HP UCMDB Foundation Software Remote Cross-Site Scripting Vulnerability in HP UCMDB Foundation Software Local Privilege Escalation Vulnerability in HPE Connected Backup Versions 8.6 and 8.8.6 Remote SQL Injection Vulnerability in HP ArcSight ESM and ESM Express Remote Exploitation of Reflected and Stored Cross-Site Scripting (XSS) in HP ArcSight ESM and ESM Express Remote URL Redirection Vulnerability in HP ArcSight ESM and ESM Express Remote Cross-Site Scripting Vulnerability in HPE Performance Center 12.20 Remote Denial of Service (DoS) Vulnerability in HPE Content Manager Workgroup Service v9.00 Critical Man-In-The-Middle Vulnerability in Micro Focus Project and Portfolio Management Center 9.32 Cross-Site Request Forgery Vulnerability in Micro Focus Project and Portfolio Management Center 9.32 Remote Cross-Site Scripting (XSS) Vulnerability in Micro Focus Operations Manager i (Versions 10.60-10.62) Privilege Escalation Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 Stored Cross-Site 
Scripting Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 via Source Asset ID Field Reflected Cross-Site Scripting Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 Reflected Cross-Site Scripting Vulnerabilities in RSA Archer GRC Platform prior to 6.2.0.5 via Help Pages Reflected Cross-Site Scripting Vulnerability in EMC RSA Authentication Manager 8.2 SP1 P4 and Earlier Hard-coded Password Vulnerability in Dell Storage Manager Authentication Bypass Vulnerability in EMC Virtual Appliances and eManagement Hardcoded Password Vulnerability in EMC AppSync Server Authentication Bypass Vulnerability in EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability in EMC RSA Authentication Agent API and SDK Cross-Site Scripting Vulnerability in EMC RSA Authentication Manager Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows Privilege Escalation Vulnerability in EMC Isilon OneFS Reflected Cross-Site Scripting Vulnerability in Dell EMC VNX Control Station Directory Traversal Vulnerability in Dell Storage Manager EMConfigMigration Service Memory Overflow Vulnerability in EMC Data Domain DD OS Cross-Site Scripting Vulnerability in Dell 2335dn and 2355dn Multifunction Laser Printers NFS Export Security Setting Fallback Vulnerability in EMC Isilon OneFS GrootFS Volume Cache Poisoning Vulnerability Application Subdomain Takeover Vulnerability in Cloud Foundry Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows Misconfiguration in Cloud Foundry Foundation cf-deployment v0.35.0 leads to unintended log draining locations Unvalidated Redirect Vulnerability in ForgeRock Access Management (OpenAM) and Access Management (AM) OpenAM and AM Authorization Server Reflective XSS Vulnerability SQL Injection Vulnerability in osTicket (Versions before 1.10.1) via Array Construction DLL Injection Vulnerability in AnyDesk for Windows Versions Prior to 3.6.1 Arbitrary Memory Access Vulnerability in Razer 
Synapse 2.20.15.1104 Unrestricted File Upload Vulnerability in BlackCat CMS 1.2.2 Arbitrary File Inclusion Vulnerability in IBM Emptoris Services Procurement 10.0.0.5 Denial of Service Vulnerability in ImageMagick 7.0.7-1 Q16 SQL Injection Vulnerability in EyesOfNetwork Web Interface SQL Injection Vulnerability in EyesOfNetwork Web Interface SQL Injection Vulnerability in EyesOfNetwork Web Interface 5.1-0 Local File Inclusion Vulnerability in EyesOfNetwork Web Interface 5.1-0 Remote Command Execution Vulnerability in EyesOfNetwork Web Interface NULL Pointer Dereference Vulnerability in MP3Gain 1.5.2 Leads to Remote Denial of Service Stack-based Buffer Over-read in filterYule in MP3Gain 1.5.2: Remote Denial of Service Vulnerability Stack-based Buffer Over-read Vulnerability in MP3Gain 1.5.2 Leads to Remote Denial of Service Buffer Overflow Vulnerability in MP3Gain version 1.5.2 Allows Remote Code Execution Improper Access Control in IBM Emptoris Services Procurement 10.0.0.5 Buffer Over-read Vulnerability in III_i_stereo in MP3Gain 1.5.2 Stack-Based Buffer Overflow in copy_mp in mpglibDBL: Remote DoS and Possible Code Execution Invalid Memory Write Vulnerability in MP3Gain 1.5.2 Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware (FW114WWb07_h2ab_beta1) Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware Unauthenticated Enrollment Vulnerability in D-Link DIR-850L REV. B Devices Cleartext Admin Password Exposure in D-Link DIR-850L REV. B Devices D-Link DIR-850L NPAPI Extension TCP Relay Vulnerability Cross-Site Request Forgery Vulnerability in IBM Emptoris Services Procurement 10.0.0.5 D-Link DIR-850L NPAPI Extension SSL Certificate Verification Vulnerability Hardcoded Password Vulnerability in D-Link DIR-850L REV. 
B Devices Hardcoded Private Key Vulnerability in D-Link DIR-850L Routers Unauthenticated Nonce-Guessing Vulnerability in D-Link DIR-850L REV. A Firmware Insecure Permissions on D-Link DIR-850L Routers Insecure Permissions on D-Link DIR-850L Routers Insecure Permissions on D-Link DIR-850L REV. A and REV. B Devices Insecure Permissions on D-Link DIR-850L Routers Insecure Permissions on D-Link DIR-850L Routers Unauthenticated Remote Code Execution Vulnerability in D-Link DIR-850L Routers Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Services Procurement 10.0.0.5 D-Link DIR-850L Remote Denial of Service Vulnerability Xen Memory Leak Vulnerability: XSA-207 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 build 17030317 Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Sourcing 9.5 - 10.1.3 Stack Overflow in SDL2_image-2.0.2 ILBM Image Rendering Functionality Integer Overflow and Heap Overflow in SDL2_image-2.0.2 ICO Image Rendering SDL2_image-2.0.2 BMP Image Rendering Stack Overflow Code Execution Vulnerability Arbitrarily Controlled Information Leak in Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Update Request Buffer Overflow Vulnerability in Insteon Hub Firmware Update Request Handling Stack-based Buffer Overflow in Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Heap Overflow Vulnerability in SDL2_image-2.0.2 XCF Image Rendering Double-Free Vulnerability in SDL2_image-2.0.2 XCF 
Image Rendering Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 Buffer Overflow Vulnerability in SDL2_image-2.0.2 GIF Image Parsing Functionality Remote Code Execution Vulnerability in libevm of CPP-Ethereum Buffer Overflow Vulnerability in Insteon Hub's PubNub Message Handler Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware 1012 Buffer Overflow Vulnerabilities in Insteon Hub's PubNub Message Handler Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware Version 1012 Libevm `create2` Opcode Handler Out-of-Bounds Read Vulnerability Use-After-Free Vulnerability in Foxit PDF Reader 8.3.2.25013 Allows Arbitrary Code Execution Remote Root-Level OS Command Injection in Moxa AWK-3131A Wireless AP/Bridge/Client Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 Parity Ethereum JSON-RPC Cross-Domain Whitelist Vulnerability SMTP Email Message Out of Bounds Read Vulnerability Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Access and Modification of Data and Settings Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Data and Logic Manipulation Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Modification and Disclosure Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Live Rung Edits and Logic Modification Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Sourcing 9.5 - 
10.1.3 Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Data Disclosure and Modification Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Access and Manipulation of Data and Logic Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Disclosure and Modification Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Arbitrary Command Execution via Shell Command Injection in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 Shell command injection vulnerability in MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 Shell command injection vulnerability in MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris) Shell command injection vulnerability in MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (FreeBSD) Arbitrary Command Execution via Shell Command Injection in MMM::Agent::Helpers::Network::clear_ip Function Arbitrary Command Execution via Shell Command Injection in MMM::Agent::Helpers::Network::clear_ip Function Open Redirect Vulnerability in IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x Arbitrary Command Execution via Shell Command Injection in MMM::Agent::Helpers::Network::clear_ip Function Shell command injection vulnerability in MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris) Arbitrary Code Execution via Crafted Content-Type: text/enriched Data in GNU Emacs Improper PID File Ownership in Gentoo dev-python/flower Package Privilege Escalation Vulnerability in Gentoo GIMPS Package Vibease Wireless Remote Vibrator App: Cleartext Message Exchange and Auth Token 
Vulnerability Remote User Impersonation Vulnerability in OhMiBod Remote App Denial of Service Vulnerability in Linux Kernel's iscsi_if_rx Function Open Redirect Vulnerability in IBM Emptoris Sourcing 9.5 - 10.1.3 Heap-based Buffer Overflow in dnsmasq Allows Remote Code Execution via Crafted DNS Response Remote Code Execution via Crafted IPv6 Router Advertisement Request in dnsmasq Remote Code Execution via Crafted DHCPv6 Request in dnsmasq Remote Information Disclosure Vulnerability in dnsmasq Memory Leak Vulnerability in dnsmasq before 2.78 Allows Remote DoS via DNS Response Creation Integer Underflow Vulnerability in dnsmasq Allows Remote Denial of Service Buffer Overflow and Memory Corruption Vulnerability in Linux Kernel's tpacket_rcv Function XSS Vulnerability in SilverStripe CMS 3.6.1 and earlier (Issue SS-2017-017) Open Redirect Vulnerability in IBM Emptoris Sourcing 9.5 - 10.1.3 User-Assisted Code Execution Vulnerability in Podbeuter Podcast Playback Function in Newsbeuter Out-of-Bounds Read Vulnerability in libarchive 3.3.2 when Extracting ISO9660 ISO Files Off-by-one Error in libarchive 3.3.2: Out-of-bounds Read in RAR Archive Header Parsing Out-of-Bounds Read Vulnerability in libarchive 3.3.2 GraphicsMagick 1.3.26 ReadPNMImage XV 332 Format NULL Pointer Dereference Vulnerability NULL Pointer Dereference and Application Crash in ImageMagick 7.0.7-1 Cross-Site Scripting (XSS) Vulnerability in Geminabox (aka Gem in a Box) before 0.13.6 SQL Injection Vulnerabilities in Content Timeline Plugin 4.4.2 for WordPress SQL Injection Vulnerability in SugarCRM Documents and Emails Module Remote File Inclusion Vulnerability in SugarCRM Connectors Module Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows Unauthenticated Cross-Site Scripting (XSS) Vulnerability in SugarCRM WebToLeadCapture Functionality Email Confirmation Bypass and Denial of Service Vulnerability in SAP E-Recruiting SQL Injection in NexusPHP 1.5.beta5.20120707 via sort parameter 
in editforum action MetInfo 5.3.17 Directory Traversal Vulnerability Directory Traversal Vulnerability in Tenda W15E Devices (CVE-2021-XXXX) Heap-based Buffer Overflow Vulnerability in Tenda W15E Devices before 15.11.0.14 SAP Business Objects Financial Consolidation XSS Vulnerability (SAP Security Note 2422292) NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document Floating Point Exception in Poppler 0.59.0 via Crafted PDF Document Memory Corruption Vulnerability in Poppler 0.59.0: Gfx.cc Infinite Loop Local Privilege Escalation and File Overwrite Vulnerability in IBM DB2 Floating Point Exception Vulnerability in Poppler 0.59.0 File Upload Vulnerability in WonderCMS 2.3.1 Arbitrary JavaScript Execution Vulnerability in WonderCMS 2.3.1 HTTP Host Header Injection Vulnerability in WonderCMS 2.3.1 Open Redirect Vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 Open Redirect Vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 Multiple XML External Entity (XXE) Vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 Multiple XML External Entity (XXE) Vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 Use-after-free vulnerability in TIFFSetProfiles function in ImageMagick 7.0.6 Heap-based Buffer Over-read Vulnerability in pe_print_idata Function of libbfd Arbitrary Command Execution Vulnerability in IBM Security Access Manager Appliance 9.0.3 CSRF and XSS Vulnerability in Crony Cronjob Manager Plugin for WordPress Memory Exhaustion Vulnerability in ImageMagick 7.0.7-0's ReadSUNImage Function NULL Pointer Dereference in TIFFIgnoreTags in ImageMagick 7.0.7-0 Memory Leak in ReadMATImage in ImageMagick 7.0.6-6 XSS Vulnerability in NexusPHP 1.5.beta5.20120707 via PATH_INFO in location.php OS Command Injection in trixbox 2.8.0.4 via lang parameter in /maint/modules/home/index.php XSS Vulnerability in trixbox 2.8.0.4 via PATH_INFO Path Traversal Vulnerability in trixbox 2.8.0.4 Arbitrary Code Execution and 
Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Denial of Service Vulnerability in IrfanView 4.44 - 32bit via Crafted .svg File IrfanView 4.44 - 32bit Denial of Service Vulnerability via Crafted .svg File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .svg File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service and Potential Impact Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service and Potential Code Execution Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .mobi File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Heap Corruption Vulnerability in STDU Viewer 1.6.375 Stack Corruption Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Stack Corruption Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service 
Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Cross-Site Scripting (XSS) Vulnerability in IBM QRadar Network Security 5.4 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in IrfanView 4.44 - 32bit via Crafted .ani File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 XML External Entity Injection (XXE) Vulnerability in IBM QRadar Network Security 5.4 Arbitrary Code Execution and Denial of Service Vulnerability in 
XnView Classic 2.41 via Crafted .jb2 File Denial of Service Vulnerability in SAP NetWeaver AS JAVA 7.0 through 7.5 Unverified SSL Certificates in Zoho Site24x7 Mobile Network Poller Android App NetApp Clustered Data ONTAP SMB Denial of Service Vulnerability Critical SSRF Vulnerability in Hipchat Server and Data Center Allows Remote Code Execution Client-side Remote Code Execution Vulnerability in Hipchat for Mac Desktop Client Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible before 4.4.2 Double OGNL Evaluation in FreeMarker Templates through Struts FreeMarker Tags in Bamboo Insecure Permissions Vulnerability in IBM Security Access Manager Appliance 8.0.0 and 9.0.0 Bamboo Server Remote Code Execution Vulnerability Argument Injection Vulnerability in Atlassian Fisheye and Crucible Versions Less than 4.4.3 and 4.5.0 Command Injection Vulnerability in Sourcetree for macOS Command Injection Vulnerability in Sourcetree for Windows Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira Joomla!
Logic Bug in SQL Query Allows Disclosure of Archived Article Intro Texts LDAP Authentication Plugin Vulnerability XSS Vulnerability in AfterLogic WebMail and Aurora AdminPanel OSPF Routing Table Vulnerability in IBM i Error-Based SQL Injection Vulnerability in Pragyan CMS v3.0 via $_GET['del_black'] in cms/admin.lib.php Boolean-based SQL Injection in Pragyan CMS v3.0 via $_GET['forwhat']: Information Disclosure Vulnerability Administrative Access Vulnerability in Citrix NetScaler ADC and Gateway Management Interface Insufficient RTCP Packet Validation Vulnerability in Asterisk File Type Spoofing Vulnerability in GNOME Nautilus Out of Bounds Read Vulnerability in ImageMagick 7.0.7-4 Q16 Out of Bounds Read Vulnerability in LibRaw Privilege Escalation via PID File Manipulation in Kannel 1.5.0 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Privilege Escalation via PID File Manipulation in Bareos 16.2.6 and Earlier Cockpit 0.13.0 SSRF Vulnerability Unverified SSL Certificate Vulnerability in Shpock Boot Sale & Classifieds App Visor GUI Console Directory Traversal Vulnerability FBX-5313 XML-RPC Interface Login Vulnerability FBX-5312 XML-RPC Interface Crash Vulnerability Floating Point Exception Vulnerability in Poppler 0.59.0 ImageStream Class Arbitrary Web Script Injection in phpMyFAQ Faq.php Arbitrary Web Script Injection in phpMyFAQ Configuration Module Cross-Site Scripting (XSS) Vulnerability in IBM Rhapsody DM 5.0 and 6.0 Stored Cross Site Scripting in SmarterStats Version 11.3.6347 via Referer Field in HTTP Logfiles XSS Vulnerability in Portus 2.2.0 via Team Field and Typeahead Cross-Site Scripting (XSS) Vulnerabilities in Amazon Affiliates Store Plugin for WordPress Empty Password Login Vulnerability in go-ldap Package NULL Pointer Dereference vulnerability in ImageMagick 7.0.7-0 Q16's PostscriptDelegateMessage function in coders/ps.c NULL Pointer Dereference vulnerability in ImageMagick 7.0.7-0 Q16: 
sixel_output_create in coders/sixel.c NULL Pointer Dereference vulnerability in ImageMagick 7.0.7-0 Q16's sixel_decode function in coders/sixel.c Remote Code Execution Vulnerability in CyberLink LabelPrint 2.5 Heap-Based Buffer Overflow in pcxLoadImage24 Function of sam2p 0.49.3 Integer Signedness Error in in_xpm_reader Function Leads to Out-of-Bounds Array Write in sam2p 0.49.3 Integer Overflow Vulnerability in sam2p 0.49.3's pcxLoadImage24 Function Heap-based Buffer Overflow in sam2p 0.49.3's pcxLoadRaster Function Remote Code Execution Vulnerability in Xiph.Org libvorbis 1.3.5 Out-of-Bounds Array Read Vulnerability in Xiph.Org libvorbis 1.3.5 Divide-by-Zero DoS Vulnerability in libsndfile 1.0.28 Code Injection Vulnerability in OTRS 3.3.x, 4.x, and 5.x Integer Overflow and Memory Corruption in sam2p 0.49.3 Invalid Read/Write Vulnerability in sam2p 0.49.3's parse_rgb function NULL Pointer Dereference in AP4_AtomFactory::CreateAtomFromStream in Bento4 version 1.5.0-617 Stack-based Buffer Underflow and Out-of-Bounds Write in AP4_VisualSampleEntry::ReadFields in Bento4 1.5.0-617 Remote Denial of Service Vulnerability in Bento4 version 1.5.0-617 NULL Pointer Dereference in AP4_DataAtom Class in Bento4 v1.5.0-617 Remote Denial of Service Vulnerability in Bento4 version 1.5.0-617 Heap-based Buffer Over-read Vulnerability in AP4_HdlrAtom Class Heap-based Buffer Overflow in AP4_HdlrAtom Class in Bento4 1.5.0-617: Remote DoS and Potential Code Execution Heap-based Buffer Over-read in AP4_BitStream::ReadBytes in Bento4 v1.5.0-617 Heap-based Buffer Over-read Vulnerability in Bento4 version 1.5.0-617 Heap-based Buffer Overflow in AP4_VisualSampleEntry::ReadFields in Bento4 1.5.0-617 Global Buffer Overflow in BladeEnc 0.94.2: Remote DoS and Potential Code Execution Denial of Service Vulnerability in GraphicsMagick 1.3.26: ReadOneJNGImage JNG Data Validation Issue Remote Click Hijacking Vulnerability in IBM TRIRIGA Remote Code Execution Vulnerability in Horde_Image Library XSS 
Vulnerability in WSO2 Data Analytics Server 3.1.0 via add_collection_ajaxprocessor.jsp SQL Injection Vulnerability in Tapatalk Plugin for MyBB (Versions before 4.5.8) Arbitrary Order Information Disclosure in ASP4CMS AspCMS 2.7.2 Network Layer Privilege Escalation Vulnerability in InfoSphere Information Server Arbitrary File Placement Vulnerability in IBM InfoSphere Information Server Sensitive Employee Metadata Disclosure in ZKTeco ZKTime Web 2.0.1.12280 Privilege Escalation via p3scan.pid File Manipulation Heap-based Buffer Overflow in GetNextToken Function in ImageMagick 7.0.6 CSRF Vulnerability in Geminabox (Gem in a Box) before 0.13.7 Memory Leak Vulnerability in ImageMagick 7.0.7-4 Q16's ReadVIPSImage Function Denial of Service and Potential Impact via Crafted .xps File in Artifex MuPDF 1.11 Arbitrary Code Execution and Denial of Service Vulnerability in Artifex MuPDF 1.11 via Crafted .xps File XML Tag Name Comparison Vulnerability in Artifex MuPDF 1.11 Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Denial of Service and Potential Remote Code Execution in STDU Viewer 1.6.375 via Crafted .djvu File Arbitrary File Placement Vulnerability in IBM InfoSphere Information Server Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service and Potential Code Execution Vulnerability in IrfanView 4.44 - 32bit via Crafted .djvu File Arbitrary Code Execution and Denial of Service Vulnerability in Foxit Reader and PhantomPDF Directory Traversal Vulnerability in Minion ID Validation in SaltStack Salt Denial of Service Vulnerability in SaltStack Salt Remote Password Change Vulnerability in ASUS DSL Routers Multiple XML External Entity (XXE) Vulnerabilities in ASUS DSL Routers' AiCloud Feature Arbitrary 
Code Execution Vulnerability in ERS Data System 1.8.1.0 SQL Injection Vulnerability in Cash Back Comparison Script 1.0: Remote Code Execution via PATH_INFO Arbitrary Code Execution via Unrestricted File Upload in Claydip Laravel Airbnb Clone 1.0 Remote Command Execution in DenyAll WAF before 6.4.1 via TCP Port 3001 Unauthenticated Information Disclosure in DenyAll WAF before 6.4.1 Unverified SSL Certificates Vulnerability in Komoot - Cycling & Hiking Maps App Unverified X.509 Certificates in SHEIN - Fashion Shopping App for iOS Clear-text Transmission of User Credentials in Kickbase Bundesliga Manager App Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Tasks Phonecall Notes Title Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Phonecalls Description Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Phonecalls Subject Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Tasks Alerts Title Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Tasks Title Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830 Tasks Description Parameter Cross-Site Scripting Vulnerability in WordPress Link Modal Directory Traversal Vulnerability in WordPress ZipArchive and PclZip Components Cross-Site Scripting Vulnerability in WordPress Template List View Cross-Site Scripting Vulnerability in WordPress Plugin Editor WordPress Customizer Directory Traversal Vulnerability WordPress SQL Injection Vulnerability in $wpdb->prepare() Function WordPress oEmbed Discovery Cross-Site Scripting Vulnerability Open Redirect Vulnerability in WordPress Admin Pages WordPress Cross-Site Scripting Vulnerability via TinyMCE Shortcodes Uninitialized Buffer Vulnerability in WeeChat Logger Plugin Authentication Bypass and Password Vulnerability in SiteOmat BOS Versions Heap-based Buffer Overflow in BFD Library's _get_synthetic_symtab Functions Weak Cryptographic Algorithms in IBM Security Access Manager Appliance 8.0.0 - 8.0.1.6 and 9.0.0 - 9.0.3.1: 
High-Risk Information Decryption Vulnerability Privilege Escalation via User-Writable Directory Trees in Gentoo app-admin/logstash-bin Package Heap-based Buffer Over-read Vulnerability in LibOFX 0.9.12 GraphicsMagick 1.3.26 RLE Image ReadRLEImage Function Denial of Service Vulnerability Heap-based Buffer Overflow in libbpg's build_msps Function XSS Vulnerability in OWASP AntiSamy before 1.5.7 via HTML5 Entities CacheD: Exploiting a Cryptographic Cache-Based Side Channel in RSA Implementation Remote SQL Injection Vulnerability in FileRun (version 2017.09.18 and below) NULL Pointer Dereference in AcquireResampleFilterThreadSet in ImageMagick 7.0.7-4 Sensitive Information Disclosure Vulnerability in IBM Security Access Manager Appliance GeniXCMS 1.1.0 Menu ID Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in ImageMagick 7.0.7-3 via Crafted Font File Remote Code Execution Vulnerability in LabF nfsAxe FTP Client 3.7 Unauthenticated SQL Injection Vulnerability in Faleemi FSC-880 00.01.01.0048P2 Devices XSS Vulnerability in UEditor 1.4.3.3 via IFRAME SRC Attribute Integer Overflow and Denial of Service Vulnerability in libbfd Samba 4.x Use-After-Free Remote Code Execution Vulnerability Race Condition Exploit in Overwatch 1.15.0.2: Remote Users Can Cause Denial of Service and Impact Competitive Gameplay Remote Code Execution Vulnerability in JerryScript 1.0 XSS Vulnerability in WP Jobs Plugin 1.5 for WordPress: Exploiting Job Qualification Field User Input Vulnerability in Mahara Profile Fields Arbitrary Web Script Injection Vulnerability in EyesOfNetwork Web Interface Arbitrary File Read Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 Cross-Site Scripting Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 Cross-Site Scripting Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 SQL Injection Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 SQL Injection 
Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 XML External Entity (XXE) Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 HTTP Strict Transport Security Bypass in IBM Security Access Manager Appliance SQL Injection in Event Espresso Lite Plugin v3.1.37.12.L for WordPress XSS Vulnerability in GeniXCMS 1.1.4 via id parameter in menus.control.php XSS Vulnerability in GeniXCMS 1.1.4 via id parameter in menus.control.php Arbitrary PHP Code Execution Vulnerability in GeniXCMS 1.1.4 Install Themes Page Arbitrary PHP Code Execution Vulnerability in GeniXCMS 1.1.4 Upload Modules Page XSS Vulnerability in GeniXCMS 1.1.4 via Menu ID Field in gxadmin/index.php Authentication Bypass Vulnerability in Simple Student Result Plugin for WordPress Heap Buffer Overflow in FFmpeg's sdp_parse_fmtp_config_h264 Function XML External Entity Injection (XXE) Vulnerability in IBM Security Access Manager Appliance 9.0.3 Information Disclosure Vulnerability in Skybox Manager Client Application Arbitrary File Upload Vulnerability in Skybox Manager Client Application (prior to 8.5.501) Username Enumeration Vulnerability in Skybox Manager Client Application Elevation of Privileges Vulnerability in Skybox Manager Client Application Laravel before 5.5.10 Remember Me Token Verification Vulnerability Local File Disclosure Vulnerability in IBM Security Access Manager Appliance 9.0.0 Denial of Service and Out-of-Bounds Read Vulnerability in libbpg 0.9.7 Integer Underflow Vulnerability in libbpg's hevc_write_frame Function Lack of Transport Encryption in Philips Hue Bridge BSB002 SW 1707040932 Allows Remote Attackers to Read API Keys and Gain Complete Control of Connected Accessories Privilege Escalation Vulnerability in PostgreSQL Init Script NetIQ Access Manager Cross Site Scripting Vulnerability in ESP Login Parameter Handling Sensitive Information Exposure in IBM Security Access Manager Appliance Reflected Cross-Site Scripting Vulnerability in NetIQ 
Access Manager Reflected XSS Vulnerability in NetIQ Access Manager before 4.3.3 Unvalidated Redirect Vulnerability in Novell Access Manager Admin Console and IDP Servers Arbitrary Code Execution Vulnerability in NetIQ Access Manager 4.3 and 4.4 Directory Traversal Vulnerability in Build Package (CVE-XXXX-XXXX) Improper Certificate Validation in SUSE Studio Onsite Allows Remote Package Modification SQL Injection Vulnerability in SUSE Studio Onsite Allows Remote Data Extraction and Modification User Information Disclosure Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via Malicious JPEG2000 Images in PDF Files Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5011) Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via JPEG2000 Image Tile Index Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5016) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5017) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5018) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5019) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5020) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5021) Authentication Bypass Vulnerability in IBM Security Identity Manager Adapters 6.0 and 7.0 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5022) Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via Circle Annotation Objects Arbitrary Code Execution via Caret Annotation Style Attribute in Foxit Reader 
8.3.1.21155 Arbitrary Code Execution via Text Annotation Style Attribute in Foxit Reader 8.3.1.21155 Arbitrary Code Execution via FileAttachment Annotation in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5027) Arbitrary Code Execution via modDate Attribute in Foxit Reader 8.3.1 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5029) Arbitrary File Upload Vulnerability in TeamWork Job Links' profileChange and coverChange Functions Arbitrary File Upload Vulnerability in TeamWork Photo Fusion's changeAvatar and changeCover Functions Information Disclosure Vulnerability in IBM WebSphere Commerce Arbitrary File Upload Vulnerability in TeamWork TicketPlus' updateProfile Function Arbitrary File Upload Vulnerability in Mojoomla Annual Maintenance Contract (AMC) Management System SQL Injection Vulnerability in Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress SQL Injection Vulnerability in Mojoomla School Management System for WordPress SQL Injection Vulnerability in Mojoomla WPGYM WordPress Gym Management System SQL Injection Vulnerability in Mojoomla WPCHURCH Church Management System for WordPress SQL Injection Vulnerability in Mojoomla Hospital Management System for WordPress SQL Injection Vulnerability in Mojoomla WPAMS Apartment Management System for WordPress SQL Injection Vulnerability in WPHRM Human Resource Management System for WordPress 1.0 Unintended File Access Vulnerability in Node.js 8.5.0 Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 Stored Cross-site Scripting Vulnerability in Orpak SiteOmat Web Management Console Orpak SiteOmat Authentication Bypass via SQL Injection Invalid SSL Certificate Vulnerability in Orpak SiteOmat Management Console Orpak SiteOmat OrCU Code Injection Vulnerability Orpak SiteOmat CGI Stack Buffer Overflow Vulnerability Denial of Service Vulnerability in Red Lion HMI Panels via Long URI HTTP POST Request Invalid Free 
Vulnerability in Exiv2 0.26 Image Class Heap-Based Buffer Overflow in Exiv2::l2Data Function of types.cpp in Exiv2 0.26 Invalid Memory Address Dereference in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26: Denial of Service Vulnerability Cross-Site Scripting Vulnerability in IBM Cognos Business Intelligence 10.2 and 10.2.1 Heap-Based Buffer Over-Read Vulnerability in Exiv2 0.26's Jp2Image::readMetadata Function Exiv2 0.26 Stack Consumption Vulnerability in image.cpp Exiv2 0.26 Invalid Memory Address Dereference Vulnerability Exiv2 0.26 Image.cpp NULL Pointer Dereference Vulnerability Invalid Memory Address Dereference in Exiv2::getULong in types.cpp in Exiv2 0.26: Denial of Service Vulnerability Heap-Based Buffer Overflow in Exiv2::us2Data Function of types.cpp in Exiv2 0.26 Heap-Based Buffer Overflow in Exiv2::s2Data Function of types.cpp in Exiv2 0.26 Arbitrary OS Command Execution via Unsafe Perl Scripts in Git XXE vulnerability in Restlet Framework before 2.3.11 allows remote file access via REST API HTTP request Uninitialized Data Vulnerability during FOTA Partition Update in Android for MSM, Firefox OS for MSM, QRD Android IBM Sterling File Gateway 2.2 Information Disclosure Vulnerability Stack Memory Leakage Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android Releases from CAF Kernel Memory Overwrite Vulnerability in Android Graphics Driver Heap Overread Vulnerability in ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE Kernel Out-of-Bounds Write Vulnerability in msm_ispif_config_stereo() Use-after-free vulnerability in IPA driver allows for arbitrary code execution Denial of Service Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Slab Out of Bound Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Undisclosed Vulnerability in Jazz Common Products: Potential Information Disclosure (IBM X-Force ID: 128627) 
Unprotected Access to Global Variable in Qualcomm Android and Firefox OS Use-After-Free Vulnerability in IPA IOCTL Handler for Android and Firefox OS Out-of-Bounds Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overflow Vulnerability in wma_unified_power_debug_stats_event_handler() Function Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Buffer Overflow Vulnerability in wma_unified_link_peer_stats_event_handler Function Integer Overflow Leading to Heap Buffer Overflow in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Heap Buffer Overflow Vulnerability in CAF Android Releases Arbitrary Address Execution Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Redirect Vulnerability in IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community Configurations Buffer Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Stack Information Leak Vulnerability in KGSL Driver Function _gpuobj_map_useraddr() Potential Dangling Pointer Access in msm_pcm_hw_params() Function Buffer Over-read Vulnerability in Android Releases from CAF Buffer Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with Linux Kernel Vulnerability: Incorrect Information Retrieval in iwpriv After Subsystem Reset Undersize Buffer Allocation Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Kernel Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE Command Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB Command Unspecified Vulnerability in Jazz Reporting Service 6.0 through 6.0.4 Could Expose Highly Sensitive Information Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI Command Buffer Overrun Vulnerability in 
QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE Command Race Condition in GLink Kernel Driver Leads to Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in SENDACTIONFRAME IOCTL in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Arbitrary Unmap Vulnerability in MediaServer via Crafted Binder Request Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Vulnerability: Lack of PKCS7 Padding Support in Android Crypto Storage APIs Reduced Cryptographic Strength in Disk Encryption Key Derivation in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Improper Validation of Block Verification in SafeSwitch Test Application in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Unvalidated Count Value Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Weak Algorithm Negotiation in IBM QRadar Network Security 5.4 Buffer Overread Vulnerability in Snapdragon Processors XBL Loader Authentication Bypass Vulnerability Improper Buffer Attribute Marking in Secure Display on Qualcomm Snapdragon Devices Improper Truncation of DDR Address Input Validation in Android on Qualcomm Snapdragon Processors Stale Handles Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Qualcomm Snapdragon Mobile SD Processors Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in GPS Location Wireless Interface on Android and Firefox OS Denial of Service Vulnerability in Node.js zlib Module Stored XSS Vulnerability in eGroupware Community Edition before 16.1.20170922 via User-Agent Header 
Injection Stored XSS Vulnerability in Tine 2.0 Community Edition before 2017.08.4 via IMG Element in Filemanager Stored XSS Vulnerability in Tine 2.0 Community Edition before 2017.08.4 via IMG Element in History Stored XSS Vulnerability in Tine 2.0 Community Edition (before 2017.08.4) via IMG Element in Leadname Field CSRF Vulnerability Exploiting IMG Element in Tiki CSRF Vulnerability in Tiki: Unauthorized Global Permission Modification via IMG Element NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document Memory Corruption Vulnerability in Poppler 0.59.0 via Object::dictLookup() Improper Access Controls in IBM UrbanCode Deploy (UCD) 6.1 and 6.2 Memory Leak Vulnerability in decode_line_info in libbfd Denial of Service Vulnerability in OpenExif 2.1.4 via Crafted JPEG File Denial of Service Vulnerability in decode_line_info in libbfd Denial of Service Vulnerability in read_formatted_entries in libbfd Denial of Service Vulnerability in libbfd's process_debug_info Function Improper Request Validation in Pulse Secure Pulse One On-Premise 2.0.1649 and Below Vulnerability in Airbag Detonation Algorithm Allows Passenger Injury via Predictable Security Access Data Denial of Service Vulnerability in BFD Library (libbfd) in GNU Binutils 2.29 Heap-based buffer over-read vulnerability in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.5 NULL Pointer Dereference and Application Crash in scan_unit_for_symbols in libbfd Jaspersoft JasperReports 4.7 - Stored Credential Disclosure Vulnerability Remote Code Execution Vulnerability in Intelbras WRN 150 Devices Information Disclosure Vulnerability in Trapeze TransitMaster Inedo ProGet Package Addition Vulnerability (PG-1060) Denial of Service and Stack 
Corruption Vulnerability in Artifex GSView 6.0 Beta Denial of Service and Potential Impact via Crafted PDF File in Artifex GSView 6.0 Beta Arbitrary Code Execution and Denial of Service Vulnerability in Artifex GSView 6.0 Beta Buffer Overflow Vulnerability in D-Link Products: Remote Code Execution via fileaccess.cgi Arbitrary File Access via XXE Attack in Restlet Framework Memory Dump Vulnerability in IBM InfoSphere Information Server Double Free Vulnerability in i18n/zonemeta.cpp in ICU for C/C++ through 59.1 Default SSID Exposure Vulnerability in HikVision Wi-Fi IP Cameras Unintended Access to rusage Data Structures in Linux Kernel Allows Information Disclosure and KASLR Bypass Race condition in Check_MK before 1.2.8p26 allows remote attackers to obtain sensitive user information through a GUI crash report. Cross-Site Request Forgery Vulnerability in AlienVault USM v5.4.2 and Earlier Stored XSS Vulnerability in BlogoText before 3.7.6 via Comment Injection in inc/conv.php Remote PHP Code Execution in PivotX 2.3.11 via Unrestricted File Upload Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.x SQL Injection Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 Arbitrary Write Vulnerability in IKARUS Anti-Virus 2.16.7's ntguard.sys Driver Out of Bounds Write Vulnerability in IKARUS Anti-Virus (CVE-2017-17112) Arbitrary Write Vulnerability in IKARUS Anti-Virus (CVE-2021-XXXX) Arbitrary Write Vulnerability in IKARUS Anti-Virus (ntguard.sys Driver) Arbitrary Write Vulnerability in IKARUS Anti-Virus (ntguard.sys Driver) Arbitrary Write Vulnerability in IKARUS Anti-Virus (ntguard.sys Driver) Arbitrary Write Vulnerability in IKARUS Anti-Virus (CVE-2021-XXXX) Arbitrary Write Vulnerability in IKARUS Anti-Virus (CVE-2017-17113) Arbitrary Write Vulnerability in IKARUS Anti-Virus Driver (CVE-2017-17114) Unauthorized File Access Vulnerability in IBM Sterling File Gateway 2.2 Memory leaks in Open vSwitch (OvS) while 
parsing malformed OpenFlow group mod messages Infocus Mondopad 2.2.08 Hashed Credential Disclosure Vulnerability InFocus Mondopad 2.2.08 Authentication Bypass Vulnerability Stored Cross-Site Scripting (XSS) Vulnerability in IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) NULL Pointer Dereference Vulnerability in libbfd Library NULL Pointer Dereference Vulnerability in FoFiType1C::convertToType0 Function in Poppler 0.59.0 Heap-based Buffer Over-read Vulnerability in FoFiType1C::convertToType0 Function in Poppler 0.59.0 NULL Pointer Dereference Vulnerability in FoFiTrueType::getCFFBlock Function in Poppler 0.59.0 Arbitrary File Read Vulnerability in Gxlcms Cross-Site Scripting (XSS) Vulnerability in IBM Connections 5.5 Buffer Overflow in Sync Breeze Enterprise 10.0.28 Login Endpoint ATutor before 2.2.3 - Cross-Site Scripting (XSS) Vulnerability in rss_feeds/edit_feed.php Arbitrary Web Script Injection Vulnerability in EyesOfNetwork Web Interface Arbitrary Web Script Injection in EyesOfNetwork Web Interface (eonweb) 5.1-0 Arbitrary Web Script Injection Vulnerability in EyesOfNetwork Web Interface Excessive Memory Allocation Denial of Service in OpenEXR 2.2.0 Use-After-Free Vulnerability in ImageMagick's RenderFreetype Arbitrary File Inclusion Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 Cleartext Storage of Activation Keys in WordPress 4.8.2 Uninitialized Kernel Heap-Memory Information Disclosure Vulnerability Docker-CE (Moby) Content Verification Bypass Vulnerability Database Overflow Vulnerability in OXID eShop Community, Enterprise, and Professional Editions NULL Pointer Dereference in ReadDCMImage in GraphicsMagick 1.3.26 Stored XSS Vulnerability in WSO2 Management Console and Related Servers Integer Underflow in ReadPICTImage in GraphicsMagick 1.3.26 Reflected Cross Site Scripting (XSS) vulnerability in IBM Worklight Framework 6.1-8.0 RESTful Web API Stored Cross-Site Scripting Vulnerability in PRTG Network Monitor version 
17.3.33.2830 Reflected Cross-Site Scripting Vulnerability in PRTG Network Monitor version 17.3.33.2830 on error.htm Weaker than Expected Security in IBM WebSphere Application Server due to Admin Console Vulnerability Regular Expression Denial of Service (ReDoS) Vulnerability in tough-cookie Module for Node.js Remote Denial of Service Vulnerability in Qt 5.x Named Pipes Arbitrary File Hijacking and Privilege Escalation in OpenText Documentum Content Server Vulnerability: Privilege Escalation through Content Replacement in OpenText Documentum Content Server Arbitrary Content Download Vulnerability in OpenText Documentum Content Server NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7-0 Q16 PDFDelegateMessage NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7-0 Q16's ReadEnhMetaFile NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7-0 Q16's ReadOneMNGImage Heap-Based Buffer Over-Read Vulnerability in LAME 3.99.5 and Earlier Versions NULL Pointer Dereference Vulnerability in LAME 3.99.5's hip_decode_init Function Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 Heap-based Buffer Over-read in libbfd Heap-based buffer over-read vulnerability in bfd_get_debug_link_info_1 in libbfd allows for denial of service Denial of Service Vulnerability in libbfd's dwarf2.c NULL pointer dereference vulnerability in read_formatted_entries in dwarf2.c in GNU Binutils 2.29 Denial of Service Vulnerability in find_abstract_instance_name in libbfd Denial of Service Vulnerability in decode_line_info in libbfd SSRF Vulnerability in Open-Xchange GmbH OX App Suite 7.8.4 and Earlier HTTP Response Splitting Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cross Site Scripting (XSS) vulnerability in Open-Xchange GmbH OX App Suite 7.8.4 and earlier Timing Information Leakage in ARM Trusted Firmware Versions up to v1.4 Memory Leak in ReadYCBCRImage in ImageMagick 7.0.7-2 Memory Leak in ReadYUVImage in 
ImageMagick 7.0.7-2 EmTec PyroBatchFTP Denial of Service Vulnerability Race condition leading to out-of-bounds read in smb_strdupin function in FreeBSD through 11.1 Race condition vulnerability in QEMU's v9fs_xattrwalk function allows local guest OS users to access sensitive information from host heap memory Cross-Site Scripting (XSS) Vulnerability in Zurmo 3.2.1.57987acc3018 Weak AES Password Encryption in IBM WebSphere Application Server version 9.0.0.4 Remote Command Execution Vulnerability in go get Unintended Cleartext Issue in Go SMTP PlainAuth Implementation Remote Code Execution Vulnerability in Sierra Wireless AirLink Routers Remote Access and Privilege Escalation Vulnerability in DocuWare Fulltext Search Server Heap-based Buffer Over-read Vulnerability in LAME MP3 Encoder Stack-based Buffer Overflow in LAME Audio Encoder (Versions 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98, and 3.97) Denial of Service Vulnerability in Redis 4.0.2 Zoom Client for Linux Stack-based Buffer Overflow Vulnerability Arbitrary Code Execution via ZoomLauncher Binary in Linux Client Multiple Stored XSS Vulnerabilities in TeamPass before 2.1.27.9 Arbitrary User Deletion and Modification Vulnerability in TeamPass Arbitrary Role Modification and Deletion Vulnerability in TeamPass Arbitrary File Upload Leading to Remote Command Execution in TeamPass Arbitrary Item Manipulation and Access Control Bypass in TeamPass Remote Denial of Service Vulnerability in UPX 3.94 Cross-Site Scripting (XSS) Vulnerability in IBM Cognos TM1 10.2 and 10.2.2 CSRF Vulnerability in Subrion CMS 4.1.x through 4.1.5 and before 4.2.0 Vulnerability: Information Disclosure in IBM Jazz Foundation Products (X-Force ID: 129619) Directory Traversal Vulnerability in Smush Image Compression and Optimization Plugin for WordPress Privilege Escalation Vulnerability in IBM Informix Dynamic Server 12.1 SQL Injection Vulnerability in PHPSUGAR PHP Melody CMS 2.6.1 via playlists.php Rapid7 Metasploit Web UI Logout CSRF Vulnerability 
Unpatched Vulnerability in Red Hat Gluster Storage 3.3 for RHEL 6 Unpatched Vulnerability in Red Hat Gluster Storage 3.3 for RHEL 6 Unpatched Vulnerability in Red Hat Gluster Storage 3.3 for RHEL 6 Buffer overflow vulnerability in MIT Kerberos 5 allows remote code execution or denial of service Deserialization Vulnerability in Infinispan Hotrod Client Information Disclosure Vulnerability in IBM Jazz Foundation Products DNSSEC Validation Bypass Vulnerability in PowerDNS Recursor 4.0.0 - 4.0.6 API Read-Only Bypass Vulnerability in PowerDNS Authoritative Cross-Site Scripting Vulnerability in PowerDNS Recursor 4.0.0 - 4.0.6 Arbitrary Configuration Injection in PowerDNS Recursor Memory Leak in PowerDNS Recursor DNSSEC Parsing Code Deserialization Code Execution Vulnerability in Jackson-databind Null Pointer Dereference Vulnerability in GlusterFS Root Access Vulnerability in Red Hat PostgreSQL Initialization Scripts Vulnerability in json_populate_recordset and jsonb_populate_recordset Functions in PostgreSQL Privilege Escalation via INSERT ... 
ON CONFLICT DO UPDATE in PostgreSQL Stored XSS Vulnerability in Foreman Server: Exploiting HTML Injection in Facts, Trends, and Statistics Pages Vulnerability: Stack-Based Buffer Overflow in findTable() in Red Hat liblouis Privilege Escalation via USB Device in Linux Kernel Remote Command Execution and Privilege Escalation Vulnerability in Heketi Server API World Readable Heketi Configuration File Allows Password Extraction Unbound DNS Server Vulnerability: Improper Validation of Wildcard-Synthesized NSEC Records Improper Interpretation of Wildcard Synthesized NSEC Records in Dnsmasq DNSSEC Implementation (CVE-2017-14491) Arbitrary Command Injection in spice-vdagent up to and including 0.17.0 Email Address Enumeration Vulnerability in Moodle 3.x Insecure Temporary File Creation in keycloak-httpd-client-install Versions Before 0.8 Insecure Password Passing in keycloak-httpd-client-install Versions Before 0.8 Sensitive Password Logging Vulnerability in oVirt-Engine Privilege Escalation Vulnerability in libvirtd with TLS Transport Use-after-free vulnerability in sctp_do_peeloff function in Linux kernel before 4.14 NULL pointer dereference vulnerability in rngapi_reset function in Linux kernel before 4.2 Stack-based Buffer Overflow Vulnerability in NBD Server Implementation in QEMU Denial of Service Vulnerability in Quick Emulator (QEMU) NBD Server PowerDNS Recursor 4.0.8 Vulnerability: Denial of Service via Parsing of Authoritative Answers Filesystem Mount Vulnerability: System Crash via Misaligned File Punching Unrestricted RSS Feed Access in CloudForms Web Interface Unbounded Memory Allocation Vulnerability in QEMU VNC Server Stored XSS Vulnerability in CloudForms Self-Service UI Snapshot Feature Use-after-free vulnerability in Linux kernel before 4.13.6 allows removal of fork event from freed list Local Denial of Service Vulnerability in Linux Kernel's hugetlb_mcopy_atomic_pte Function Denial of Service Vulnerability in Linux Kernel's hugetlb_mcopy_atomic_pte 
Function Use-After-Free Vulnerability in Linux Kernel Network Namespace Code Denial of Service Vulnerability in Dovecot TLS SNI Configuration Lookups Umask Policy Bypass in XDG User Directories Creation Memory Leak Vulnerability in Dovecot's Auth Client Denial of Service Vulnerability in miekg-dns before 1.0.4 LDAP Search Filter Stack Buffer Overflow Vulnerability in 389-ds-base Authentication Bypass Vulnerability in 389-ds-base Hostname Reset Vulnerability in Red Hat Satellite 6 OpenShift Image Import Whitelist Bypass Vulnerability OpenShift Enterprise Cluster-Read Vulnerability: Unauthorized Access to Webhook Tokens Data Leakage Vulnerability in OpenStack Cinder: ScaleIO Thin Volumes with Zero Padding Sensitive Information Disclosure in IBM Doors Web Access 9.5 and 9.6 Remote Clickjacking Vulnerability in IBM Doors Web Access 9.5 and 9.6 Uninitialized Data Vulnerability in Libmp3splt 0.9.2 Double Free Vulnerability in FFmpeg 3.3.4 and Earlier: Remote Denial of Service via Crafted AVI File Persistent XSS Vulnerability in EyesOfNetwork Web Interface Infinite Loop Vulnerability in Wireshark DOCSIS Dissector (Versions 2.4.0 to 2.4.1) Denial of Service Vulnerability in IBM DB2 10.5 and 11.1 RTSP Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.1 DMP Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15 BT ATT Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9 MBIM Dissector Memory Exhaustion Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in include/global_session.php in Cacti 1.1.25 Privilege Escalation: Unauthorized Swimlane Editing in Kanboard Privilege Escalation: Unauthorized Removal of Columns in Kanboard Privilege Escalation: Unauthorized Category Addition in Kanboard Privilege Escalation: Unauthorized Category Editing in Kanboard Privilege Escalation: Unauthorized Editing of Private Project Metadata in Kanboard Unauthorized Command Execution in IBM DB2 with CLIENT Authentication 
Privilege Escalation: Unauthorized Task Addition in Private Projects Privilege Escalation: Unauthorized Tag Editing in Kanboard Privilege Escalation: Unauthorized Column Editing in Kanboard Privilege Escalation: Unauthorized Removal of Categories in Kanboard Privilege Escalation: Unauthorized Addition of Automatic Actions in Kanboard Privilege Escalation: Unauthorized Access to Attachments in Kanboard Privilege Escalation: Unauthorized Access to Private Projects via Form Data Manipulation Privilege Escalation: Unauthorized Task Editing in Kanboard Privilege Escalation: Unauthorized Removal of Automatic Actions in Kanboard Privilege Escalation: Unauthorized Removal of Attachments in Kanboard Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications Information Disclosure: Unauthorized Access to Private Project Thumbnails Privilege Escalation: Unauthorized Addition of External Links to Private Projects in Kanboard Information Disclosure: Unauthorized Access to Private Project Tags Stored XSS vulnerability in Flyspray: Gain Administrator Privileges via User Fields Stored XSS Vulnerability in Flyspray 1.0-rc4: Remote Code Execution and Privilege Escalation Reflected XSS Vulnerability in Shaarli v0.9.1 via searchtags Parameter in index.php Reflected XSS Vulnerability in MISP before 2.4.81 Memory Leak in ReadSGIImage in ImageMagick 7.0.7-2 Memory Leak in ReadOneJNGImage in ImageMagick 7.0.7-2 Stored Cross-Site Scripting (XSS) Vulnerability in dotCMS 4.1.1 Vanity-URLs, Containers, and Templates Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 Buffer Overflow Vulnerability in Flexense VX Search Enterprise 10.1.12 via Empty POST Request Buffer Overflow Vulnerability in ASX to MP3 Converter 3.1.3.7.2010.11.05 via Crafted M3U File Remote Code Execution Vulnerability in Ayukov NFTPD 2.0 and Earlier ArGoSoft Mini Mail Server 1.0.0.2 and Earlier Denial-of-Service 
Vulnerability Memory Leak Vulnerability in BFD Library Allows Denial of Service via Crafted ELF File Command Injection Vulnerability in Zyxel NBG6716 V1.00(AAKG.9)C0 Devices Use-after-free vulnerability in Irssi before 1.0.5 Unterminated Colour Formatting Sequences in Irssi before 1.0.5 May Lead to Data Access Vulnerability Unauthenticated Report Download Vulnerability in IBM InfoSphere MDM Collaborative Edition 11.5 NULL Pointer Dereference in libjpeg-turbo 1.5.2: Vulnerability in jdpostct.c and jquant1.c Authentication Bypass Vulnerability in Horde Groupware File Manager Improper Restriction of Proprietary Protocol in Tiandy IP Cameras Use-after-free vulnerability in GraphicsMagick's ReadOneJNGImage function Denial of Service Vulnerability in IrfanView 4.44 - 32bit with PDF Plugin 4.43 Information Disclosure Vulnerability in IBM Jazz Foundation Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (4.43) Denial of Service Vulnerability in IrfanView PDF Plugin (CVE-2021-XXXX) IrfanView PDF Plugin Remote Code Execution Vulnerability Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin IrfanView PDF Plugin Remote Code Execution Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service 
Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .tif File Race condition vulnerability in ALSA subsystem in Linux kernel before 4.13.8 Divide-By-Zero Vulnerability in GNU Libextractor 1.4's EXTRACTOR_wav_extract_method NULL Pointer Dereference in flac_metadata in GNU Libextractor 1.4 Memory Leak Vulnerability in Qemu 2.10.0 FTP Bounce Scan Vulnerability in PSFTPd 10.0.4 Build 729 Server XML External Entity Injection (XXE) Vulnerability in IBM Business Process Manager 7.5, 8.0, and 8.5 CSV Injection Vulnerability in PSFTPd 10.0.4 Build 729 Server Remote Use-After-Free Vulnerability in PSFTPd 10.0.4 Build 729 Insecure Storage of Configuration Data in PSFTPd Server Arbitrary Code Execution via User-Submitted Titles in Mahara NULL Pointer Dereference and OOPS Vulnerability in Linux Kernel's keyctl.c Heap Memory Leakage Vulnerability in Samba before 4.7.3 Privilege Escalation via Path Traversal in OpenText Documentum Content Server Uninitialized Palette Leak in ReadGIFImage Function Cross-Site Scripting (XSS) Vulnerability in TeamPass before 2.1.27.9 Umbraco CMS XSS Vulnerability in Page Creation Umbraco CMS XXE Vulnerability: Sensitive Information Disclosure and SSRF Uninitialized Value Vulnerability in ReadPSDImage in ImageMagick 7.0.7-6 Cross-Site Scripting (XSS) Vulnerability in OctoberCMS 1.0.425: Remote Code Execution via Malicious SVG Avatar Remote Code Execution via File Extension Bypass 
in X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 NULL Pointer Dereference in tableColumnList in SQLite 3.20.1 XSS Vulnerability in BouquetEditor WebPlugin for Dream Multimedia Dreambox Devices Weak Permissions in Scala Compilation Daemon Out-of-Bounds Write Vulnerability in Qemu's Cirrus VGA Display Driver Cleartext Data Leakage in Mirasys Video Management System (VMS) Arbitrary Script Injection in TP-LINK TL-MR3220 Wireless Routers Unauthenticated Access and Attacks in Xpress Server of SAP POS (SAP Security Note 2520064) XSS Vulnerability in SAP CRM Java Administration Console (SAP Security Note 2478964) Unauthenticated File Access Vulnerability in SAP POS Xpress Server CSRF Vulnerability in SAP CRM Java Component (SAP Security Note 2478964) Unauthenticated Access to SAP Hostcontrol SOAP SAPControl Endpoint Git Bomb Vulnerability: Denial of Service and Disk Consumption KEYS subsystem vulnerability in Linux kernel through 4.13.7 allows for denial of service and potential system crash Cross-Site Scripting (XSS) Vulnerability in IBM Business Process Manager 7.5, 8.0, and 8.5 Denial of Service Vulnerability in EWBF Cuda Zcash Miner Version 0.3.4b Improper Access Rights and Information Disclosure in CPUID CPU-Z Arbitrary Memory Write Vulnerability in CPUID CPU-Z Persistent Session Hijacking Vulnerability in Airtame HDMI Dongle Web Panel Cross-Site Scripting (XSS) Vulnerability in NexusPHP 1.5 via messages.php Keyword Parameter NULL pointer dereference vulnerability in KVM_CHECK_EXTENSION ioctl in Linux kernel Permission Control Vulnerability in Huawei Honor 8 Smartphones Huawei iReader App URL Input Validation Vulnerability Path Traversal Vulnerability in Huawei iReader App (CVE-2021-XXXX) Cross-Site Scripting (XSS) Vulnerability in IBM Business Process Manager 7.5, 8.0, and 8.5 Arbitrary File Deletion Vulnerability in Huawei iReader App (CVE-2021-XXXX) Stack Overflow Vulnerability in Huawei Baseband Modules of Mate 10, Mate 10 Pro, Mate 9, and Mate 9 Pro Smartphones 
Stored XSS Vulnerability in Huawei SmartCare V200R003C10 Dashboard Module CSV Injection Vulnerability in Huawei SmartCare V200R003C10 Memory Leak Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Memory Leak Vulnerability in Huawei NIP6300, NIP6600, Secospace USG6300, and Secospace USG6500 Devices Memory Double Free Vulnerability in Huawei Mate 9 and Mate 9 Pro Smartphones Input Validation Vulnerability in Huawei Multiple Products Out-of-bounds read vulnerability in Huawei RP200, TE30, TE40, TE50, and TE60 devices Out-of-bounds read vulnerability in Huawei RP200, TE30, TE40, TE50, and TE60 devices Cross-Site Scripting (XSS) Vulnerability in IBM DOORS 9.5 and 9.6 Out-of-bounds read vulnerability in Huawei RP200, TE30, TE40, TE50, and TE60 devices Information Leak Vulnerability in Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) DoS Vulnerability in Huawei Smartphones: NFC Message Exploit DoS Vulnerability Causing Memory Exhaustion in Multiple Huawei Products DoS Vulnerability in Huawei S5700 and S6700 Switches: Insufficient Validation of NQA Packets Integer Overflow Vulnerability in Prague Smart Phones Weak Encryption Algorithm Vulnerability in DBS3900 TDD LTE V100R003C00, V100R004C10 Improper Authorization Vulnerability on Huawei Switch Products Authentication Bypass Vulnerability in Huawei HG8245H (Earlier than V300R018C00SPC110) SQL Injection Vulnerability in Huawei UMA V200R001C00 Operation and Maintenance Module Cross-Site Scripting (XSS) Vulnerability in IBM Security Access Manager Appliance 9.0.3 Double Free Vulnerability in Huawei Smartphone Flp Driver Out-of-Bounds Read Vulnerability in Huawei AR, AR-S
Memory Leak Vulnerability in Huawei AR and USG Series Devices XML Parser Denial of Service Vulnerability Buffer Overflow Vulnerability in Huawei DP300 V500R002C00 and Other Products Buffer Overflow Vulnerability in Huawei DP300 V500R002C00 and Other Products Buffer Overflow Vulnerability in Huawei DP300 V500R002C00 and Other Products Buffer Overflow Vulnerability in Huawei SIP Module Buffer Overflow Vulnerability in Huawei SIP Module Buffer Overflow Vulnerability in Huawei SIP Module Open Redirect Vulnerability in IBM Security Access Manager Appliance 8.0.0 and 9.0.0 Information Disclosure Vulnerability in Huawei Smartphones with TAG-AL00C92B168 Software Denial of Service Vulnerability in Huawei AR3200 and TE Series Routers and Videoconferencing Systems Denial of Service Vulnerability in Huawei DP300, TE60, TP3106, and eSpace U1981 Integer Overflow Vulnerability in Huawei AR3200 Software Integer Overflow Vulnerability in Huawei AR3200 Software Denial of Service Vulnerability in Huawei Smartphones with LON-L29DC721B186 Software XML Parser Denial of Service Vulnerability Use After Free (UAF) Vulnerability in Huawei Mate 9 Pro Mobile Phones Insufficient Input Validation Vulnerability in Huawei Network Security Products Memory Leak Vulnerability in Huawei CloudEngine Switches Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 Buffer Overflow Vulnerability in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R 
Authentication Bypass Vulnerability in Huawei Honor V9 Play Smartphones Improper Access Control Vulnerability in Huawei OceanStor Storage Systems Out-of-Bounds Read Vulnerability in Huawei DP300, RP200, RSE6500, TE30, TE40, TE50, TE60, TX50, VP9660, ViewPoint 8660, and ViewPoint 9030 Buffer Overflow Vulnerability in Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00 Buffer Overflow Vulnerability in Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00 Buffer Overflow Vulnerability in Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00 Privilege Escalation via Symlink Attack in Arq Auto-Updater Privilege Escalation via Race Condition in Charles Proxy Settings SUID Binary Directory Traversal Vulnerability in 3CX Phone System 15.5.3554.1 Management Console Cross-Site Scripting (XSS) Vulnerability in IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0) Stored Cross-Site Scripting Vulnerability in PRTG Network Monitor version 17.3.33.2830 ROCA: Vulnerability in Infineon RSA Library Arbitrary Client-Side JavaScript Code Execution in osTicket 1.10.1 via Crafted Support/SCP/Tickets.php?status= Link (XSS) Arbitrary File Read Vulnerability in Luracast Restler Double Free Vulnerability in Ccsv 1.1.0 Incorrect Ordering of DDL Replication and ACL Checking in MariaDB and Percona XtraDB Cluster Cleartext Log File Exposes Default Database Password in Thornberry NDoc 8.0 Multiple SQL Injection Vulnerabilities in Bacula-web 
Denial of Service and Stack-based Buffer Over-read Vulnerability in radare2 2.0.0 Use-after-free vulnerability in build_filter_chain function in MuPDF Heap-Based Buffer Overflow in SoX's ImaExpandS Function Leads to Denial of Service Attack Denial of Service Vulnerability in SoX 14.4.2: Assertion Abort in sox_append_comment() Stack-based Buffer Overflow in lsx_ms_adpcm_block_expand_i Function of SoX 14.4.2 SQL Injection Vulnerability in E-Sic 1.0 via q Parameter in lkpcep.php Cross-Site Scripting (XSS) Vulnerability in Shopware v5.2.5 - v5.3 Backend Modules Client-side Cross-Site Scripting Vulnerabilities in WpJobBoard v4.5.1 Unauthenticated Remote Command Execution in Mobatek MobaXterm 10.4 Vulnerability: Redundant Content Inspection in Suricata E-Sic 1.0 Password Reset SQL Injection Vulnerability Authentication Bypass Vulnerability in E-Sic 1.0 Undocumented URL Information Disclosure Vulnerability in IBM Financial Transaction Manager for ACH Services Cross-Site Scripting (XSS) Vulnerability in E-Sic 1.0 Registration Area SQL Injection Vulnerability in E-Sic 1.0 via f Parameter in zip code search script Unquoted BINARY_PATH_NAME Vulnerability in Nero 7.10.1.0 XSS Vulnerability in Rate Me 1.0 via id Field in rate-me.php Denial of Service and Potential Remote Code Execution in radare2 2.0.0 Omnibox Spoofing Vulnerability in Google Chrome Content Security Policy Bypass in Google Chrome prior to 62.0.3202.62 Out of Bounds Memory Read Vulnerability in Skia in Google Chrome Insufficient Watchdog Timer in Google Chrome Allows Remote URL Spoofing Privilege Escalation in IBM Business Process Manager through LDAP Group Manipulation Domain Spoofing Vulnerability in Google Chrome Insufficient Policy Enforcement in Google Chrome Extensions: Unauthorized Access via Crafted HTML Page Heap Corruption Vulnerability in V8 in Google Chrome Prior to 62.0.3202.62 Referer Leak Vulnerability in Google Chrome Devtools Remote Debugging Domain Spoofing Vulnerability in Google Chrome 
Extensions ImageCapture NULL Pointer Dereference Vulnerability in Google Chrome Stack Buffer Overflow in NumberingSystem in ICU for C/C++ Cleartext HTTP Request Observation and Tampering Vulnerability in ChromeVox Remote Code Execution Vulnerability in Google Chrome's QUIC Networking Stack Remote Code Execution Vulnerability in V8 Engine of Google Chrome Cross-Site Scripting (XSS) Vulnerability in IBM Doors Web Access 9.5 and 9.6 Printer Zeroconfig CRLF Vulnerability in CUPS WebAssembly Memory Corruption Vulnerability in Google Chrome Sandbox Escape Vulnerability in Google Chrome on Chrome OS prior to 62.0.3202.74 Command Injection Vulnerability in crosh in Google Chrome OS Local Privilege Escalation in Crash Reporting in Google Chrome on Chrome OS Vulnerability: Local Privilege Escalation via Symlink Handling and Race Condition in cryptohomed Remote Code Execution Vulnerability in V8 in Google Chrome Remote Code Execution Vulnerability in Google Chrome's QUIC Networking Stack Heap Buffer Overflow in Omnibox in Google Chrome Heap Buffer Overflow in Skia in Google Chrome Inadequate Update Mechanism for AIX JRE/SDK Packages PDFium Use After Free Vulnerability in Google Chrome PDFium Use After Free Vulnerability in Google Chrome Heap Corruption Vulnerability in libxml2 WebAssembly Type Confusion Vulnerability in Google Chrome Pointer Leakage Vulnerability in Google Chrome IPC Heap Buffer Overflow in Blob API in Google Chrome Cross-Origin Data Leakage in Skia Canvas Composite Operations in Google Chrome Uninitialized Memory Vulnerability in Skia in Google Chrome Leaked Cross-Origin URL Vulnerability in Google Chrome's Resource Timing API Spoofing Omnibox Contents via Back Navigation in Google Chrome Integer Overflow in International Date Handling in ICU for C/C++ Leakage of Low-Order Bits in BoringSSL SPAKE2 Protocol in Google Chrome Domain Spoofing Vulnerability in Google Chrome Domain Spoofing Vulnerability in Google Chrome Domain Spoofing Vulnerability in Google 
Chrome XSS Vulnerability in Omnibox of Google Chrome prior to 63.0.3239.84 V8 Builtins String Generator Out of Bounds Read/Write Vulnerability Arbitrary Script Injection Vulnerability in V8 WebAssembly JS Bindings Chromecast Plugin in Google Chrome Prior to 63.0.3239.84 - Remote Code Injection Vulnerability Local Credential Caching Vulnerability in IBM Sterling B2B Integrator Standard Edition IBM Doors Web Access 9.5 and 9.6 Physical Access Credential Theft Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 Directory Traversal Vulnerability in IBM Sterling File Gateway 2.2 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 Password Change Vulnerability Remote Clickjacking Vulnerability in IBM API Connect 5.0.0.0 through 5.0.7.2 Cross-Site Scripting Vulnerability in NetApp SnapCenter Server Prior to 4.0 NetApp SnapCenter Server CSRF Vulnerability Unspecified Vector Information Disclosure Vulnerability in AltaVault OST Plug-in Privileged Database User Account Password Logging Vulnerability Unauthenticated Remote Attackers Can View and Modify Backup Data in SnapCenter 2.0 through 3.0.1 Link Injection Vulnerability in IBM Infosphere BigInsights 4.2.0 and 4.2.5 Security Feature Bypass Vulnerability in Kemp Load Balancer's Application Firewall Pack (AFP) Denial of Service Vulnerability in Symantec Endpoint Encryption (SEE) v11.1.3MP1 and earlier Null Pointer Dereference Vulnerability in Symantec Endpoint Encryption (SEE) Prior to v11.1.3MP1 Directory Traversal Vulnerability in Symantec Management Console Certificate Spoofing Vulnerability in Install Norton Security (INS) Product Norton Family Android App Vulnerable to Denial of Service (DoS) Exploit Cross-Site Scripting (XSS) Vulnerability in IBM Infosphere BigInsights 4.2.0 and 4.2.5 Information Disclosure Vulnerability in Norton Family Android App (Version Prior to 4.4.1.10) Excessive Authentication 
Attempts Vulnerability in Symantec Reporter Path Traversal Vulnerability in Symantec Messaging Gateway (Prior to 10.6.4) ROBOT Attack Vulnerability in Symantec SSL Visibility (SSLV) Authentication Bypass Vulnerability in Norton App Lock (prior to version 1.3.0.13) Vulnerability in MongoDB 3.4.x and 3.5.x: Denial of Service and Memory Modification via Enabled networkMessageCompressors Privilege Escalation Vulnerabilities in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0 Vulnerability: Privilege Escalation via x86 FPU Subsystem in Linux Kernel Stored XSS vulnerability in ILIAS Media Objects Component Allows for Administrator Privilege Escalation SQL Injection Vulnerability in zorovavi/blog via id parameter in recept.php Remote Click Hijacking Vulnerability in IBM Infosphere BigInsights 4.2.0 and 4.2.5 Blind SQL Injection Vulnerability in EMC RSA Authentication Manager 8.2 SP1 P6 and Earlier Remote Unauthenticated Root Access Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance Arbitrary File Upload Vulnerability in EMC Avamar Server, EMC NetWorker Virtual Edition, and EMC Integrated Data Protection Appliance Unauthorized Generation of API Tokens in IBM API Connect 5.0.0.0 through 5.0.7.2 Path Traversal Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance Regular Expression Denial of Service (ReDoS) Vulnerability in IBM API Connect 5.0.7.0 through 5.0.7.2 NULL Pointer Dereference in GfxImageColorMap::getGrayLine() function in Poppler 0.59.0 via crafted PDF document Insecure SPANK Environment Variable Handling Vulnerability in SchedMD Slurm Local Privilege Escalation Vulnerability in IDEMIA MorphoSmart 1300 Series Devices Cross-Site Scripting (XSS) Vulnerability in Redmine Issue History Rendering Cross-Site Scripting (XSS) Vulnerability in Redmine Issue List Rendering Denial of Service Vulnerability in IBM WebSphere MQ 8.0 and 9.0 Cross-Site Scripting (XSS) 
Vulnerability in Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3 Cross-Site Scripting (XSS) Vulnerability in Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3 Sensitive Information Exposure in Redmine Password Reset Tokens Cross-Site Scripting (XSS) Vulnerability in Redmine before 3.2.6 and 3.3.x before 3.3.3 Stored XSS Vulnerability in Redmine via SVG Document Attachment Unauthenticated Access to Sensitive Differences in Redmine Time Entry Rendering Vulnerability in Redmine Remote Information Disclosure in Redmine Wiki Link Rendering SQL Injection in PHPSUGAR PHP Melody before 2.7.3 via admin/edit_category.php SQL Injection via aa_pages_per_page Cookie in PHPSUGAR PHP Melody before 2.7.3 Open Redirect Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 Arbitrary File Upload Vulnerability in osTicket 1.10.1 Lack of Encryption in Diary with lock Android App Allows Sniffing of Sensitive Information Hardcoded AES Parameters in net.MCrypt Android App Vulnerability Local File Inclusion Vulnerability in ABB Fox515T 1.0 Embedded Web Server Integer Overflow in Artifex MuPDF 1.11's pdf_read_new_xref_section Race Condition in Xen Allows Arbitrary Code Execution on Host OS Uninitialized Hypervisor Stack Memory Write Vulnerability in Xen Vulnerability in Multiple IBM Rational Products Allows Disclosure of Sensitive Information Xen MSI Mapping Mishandling Vulnerability Denial of Service Vulnerability in Xen DMOP Map/Unmap Implementation Xen x86 HVM Guest OS Denial of Service and Privilege Escalation Vulnerability Memory Leak Vulnerability in Xen through 4.9.x Xen x86 SVM PV Guest OS IDT Mishandling Vulnerability Xen Privilege Escalation and Denial of Service Vulnerability through Crafted Page-Table Stacking Denial of Service Vulnerability in Xen ARM Guest OS Vulnerability: Grant Copying Code Memory Corruption and Denial of Service in Xen Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 NULL 
Pointer Dereference in EXTRACTOR_nsf_extract_method function of GNU Libextractor 1.4 Heap-based Buffer Overflow in EXTRACTOR_png_extract_method in GNU Libextractor 1.4 Integer Signedness Error in EXTRACTOR_nsfe_extract_method Function in GNU Libextractor 1.4 Directory Traversal Vulnerability in Inedo Otter before 1.7.4 (OT-181) CSRF Vulnerability in Inedo ProGet before 5.0 Beta5 Allows Unauthorized Modification of Advanced Settings Sensitive Cleartext Information Disclosure in Octopus before 3.17.7 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Vulnerability: Unauthorized Certificate Export with Guest Account in Octopus Server Privilege Escalation through User Invitation in Octopus before 3.17.7 Cross-Site Scripting (XSS) Vulnerability in Mistune 0.7.4 via Unexpected Newline or Crafted Email Address Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via cmxddns.lua File Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via phddns.lua File Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER 
Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via pptp_client.lua Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Cross-Site Scripting (XSS) Vulnerability in IBM Doors Web Access 9.5 and 9.6 Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Arbitrary Command Execution Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via wportal.lua File Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via webfilter.lua Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Missing Source Net Restriction in SuSEfirewall2 Allows Bypass of Portmap Service Access Restrictions Bypassing Access Restrictions in Mura CMS 6.2 via Draggable Feeds Feature Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Cross-Site Scripting (XSS) vulnerability in phpIPAM before 1.3.1 via the ip parameter in app/sections/user-menu.php Use-After-Free Vulnerability in lsx_aiffstartread in SoX 14.4.2 Remote Code Execution Vulnerability in IKARUS Anti Virus 2.16.7 via Man-in-the-Middle Attack SSRF Vulnerability in Webmin 1.850 via PATH_INFO to tunnel/link.cgi Arbitrary Command Execution Vulnerability in Webmin 1.850 via CSRF Webmin Remote Code Execution via XSS in File Manager Directory Traversal Vulnerability in FiberHome Routers via /cgi-bin/webproc XSS Vulnerability in PHPSUGAR PHP Melody before 2.7.3 via page_manager.php Race condition leading to use-after-free vulnerability in Linux kernel's af_packet module Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational 
Collaborative Lifecycle Management Buffer Overflow in musl libc DNS Parsing Arbitrary Code Execution Vulnerability in PRTG Network Monitor 17.3.33.2830 Artifex Ghostscript 9.22 Vulnerability: Information Disclosure Unauthenticated Remote Code Execution in Asus asuswrt HTTPd Server Predictable Session Tokens in Asus asuswrt HTTPd Server Allow Administrative Router Access Unpatched Buffer Overflow Vulnerability in Asus asuswrt HTTPd Server Allows for Remote Code Execution Vulnerability: Plaintext Password Storage in Asus asuswrt HTTPd Server Denial of Service Vulnerability in Flexense VX Search Enterprise v10.1.12 Control Protocol Denial of Service Vulnerability in Flexense Disk Pulse Enterprise v10.1.18 Control Protocol Denial of Service Vulnerability in Flexense Sync Breeze Enterprise v10.1.16 Control Protocol Denial of Service Vulnerability in Flexense DiskBoss Enterprise 8.5.12 Control Protocol Denial of Service Vulnerability in Flexense SysGauge Server 3.6.18 Cross-Site Scripting (XSS) Vulnerability in IBM Doors Web Access 9.5 and 9.6 Heap-based Buffer Overflow in glob.c: Processing of Home Directories using ~ Operator Memory Leak Vulnerability in glob.c in GNU C Library (glibc) Out-of-Bounds Read Vulnerability in FFmpeg's read_header Function Arbitrary PHP Code Execution Vulnerability in CS-Cart 4.6.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Crafter CMS Crafter Studio 3.0.1 Unauthenticated IDOR Vulnerability Directory Traversal Vulnerability in Crafter CMS Crafter Studio 3.0.1 Allows Unauthenticated Attackers to Overwrite Files and Achieve Remote Code Execution (RCE) Stored/Blind XSS Vulnerability in Crafter CMS Crafter Studio 3.0.1 XML External Entity (XXE) vulnerability in Crafter CMS Crafter Studio 3.0.1 allows unauthenticated attackers to retrieve OS files out-of-band. 
Crafter CMS Crafter Studio 3.0.1 Directory Traversal Vulnerability XML External Entity (XXE) Vulnerability in Crafter CMS Crafter Studio 3.0.1 Cross Site Scripting (XSS) vulnerability in Crafter CMS Crafter Studio 3.0.1 allows remote attackers to steal users' cookies. DOM Based Cross Site Scripting (XSS) Vulnerability in Logitech Media Server 7.7.1-7.7.6, 7.9.0-7.9.1 Unspecified Denial of Service Vulnerability in IBM WebSphere Commerce 7.0 and 8.0 Marketing ESpot XML External Entity Expansion (XXE) Vulnerability in Apache UIMA Remote Code Execution Vulnerability in Apache Geode Locator Remote Code Execution Vulnerability in Apache Geode Server Apache Geode Server Secure Mode Metadata Modification Vulnerability Apache Geode Server Remote Code Execution Vulnerability Insecure Authorization in Apache Geode Configuration Service Remote Code Execution Vulnerability in Apache NiFi Vulnerability: Apache Tomcat Native Connector OCSP Check Bypass Apache Qpid Dispatch Router Denial of Service Vulnerability Information Disclosure Vulnerability in IBM Jazz Foundation Products Apache Sling Authentication Service 1.4.0 - Credential Theft via Login Form Vulnerability Apache Qpid Broker-J AMQP 1.0 Frame Size Enforcement Vulnerability Vulnerability: Apache Qpid Broker-J Authentication Provider Spoofing Java Deserialization Attack Vulnerability in Apache NiFi 1.x Releases Denial of Service Vulnerability in Apache SpamAssassin before 3.4.2 Incorrect Documentation for CGI Servlet Search Algorithm in Apache Tomcat Apache Struts 2.5 to 2.5.14 JSON-lib DoS Vulnerability Unauthenticated Remote Code Execution in Apache Synapse with Commons Collections 3.2.1 OpenWire Protocol Information Disclosure Vulnerability Weak Cryptographic Algorithms in IBM DB2 for Linux, UNIX and Windows Apache httpd mod_authnz_ldap Accept-Language Header Out-of-Bounds Write Vulnerability Apache Oozie File Exposure Vulnerability Exposure of Private Files in Apache Hadoop Job History Server Code Injection 
Vulnerability in BIRT Plugin of Apache OFBiz 16.11.01 to 16.11.03 Apache httpd 2.4.0 to 2.4.29 Filename Matching Vulnerability URL Encoding Bypass Vulnerability in Apache Sling XSS Protection API YARN NodeManager Credential Store Password Leakage Vulnerability Arbitrary JS Code Submission Vulnerability in Wicket jQuery UI WYSIWYG Editor Remote Code Execution Vulnerability in Apache Airflow 1.8.2 and Earlier Irssi DCC CTCP Message NULL Pointer Dereference Vulnerability Buffer Overflow Vulnerability in Irssi before 1.0.5 NULL Pointer Dereference Vulnerability in Irssi before 1.0.5 XML External Entity Injection Vulnerability in Dzone AnswerHub Stored Cross-site Scripting (XSS) via HTML Attachment in phpMyFAQ before 2.9.9 Stored Cross-site Scripting (XSS) Vulnerability in phpMyFAQ before 2.9.9 via metaDescription or metaKeywords CSRF Vulnerability in phpMyFAQ Glossary Addition CSRF Vulnerability in phpMyFAQ admin/stat.ratings.php CSRF Vulnerability in phpMyFAQ admin/stat.adminlog.php CSRF Vulnerability in phpMyFAQ admin/news.php CSRF Vulnerability in phpMyFAQ before 2.9.9 CSRF Vulnerability in phpMyFAQ Admin Panel CSRF Vulnerability in phpMyFAQ Glossary Modification Stored Cross-Site Scripting (XSS) Vulnerability in SPIP before 3.1.7 Denial of Service and Possible Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service and Possible Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Stack Corruption Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 Denial of Service and Possible Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted 
.dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 - Arbitrary Code Execution via Crafted .dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin Weak Cryptographic Algorithms in IBM Sterling B2B Integrator Standard Edition Denial of Service and Potential Code Execution Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Code Execution Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Impact via Crafted .dwg File in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in 
IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 via Crafted .dwg File Denial of Service and Potential Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service Vulnerability in IrfanView 4.50 - 64bit via Crafted .tif File Denial of Service and Potential Impact via Crafted .dds File in IrfanView 4.50 - 64bit Directory Traversal Vulnerability in IBM WebSphere Portal Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.43 Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service 
and Possible Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Potential Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Potential Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File DLL File Mishandling Vulnerability in XnView Classic for Windows Version 2.43 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.43 DLL File Mishandling Vulnerability in XnView Classic for Windows Version 2.43 Buffer Overflow Vulnerability in glob.c in GNU C Library (glibc) before 2.27 Directory Traversal Vulnerability in Cisco Small Business SA520 and SA540 Devices Arbitrary Code Execution via Crafted Email Address in ezcMailMtaTransport Class CSRF Vulnerability in phpMyFaq 
Admin/Ajax.Config.php XSS Vulnerability in phpMyFaq Admin Panel via Crafted Tag XSS Vulnerability in PopCash.Net Code Integration Tool Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in Pootle Button Plugin for WordPress XSS Vulnerability in Easy Appointments Plugin for WordPress Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Out of Bounds Read Vulnerability in Android Camera Flash Driver Buffer Overflow Vulnerability in 802.11 MGMT Frame Processing in Android for MSM, Firefox OS for MSM, QRD Android Vulnerability: Authentication Failure in Qualcomm Android Products with CAF and Linux Kernel Integer Overflow Vulnerability in Android Releases from CAF Use After Free Vulnerability in Qualcomm Android Devices with CAF and Linux Kernel Unbounded Value Vulnerability in wma_p2p_noa_event_handler() Function Buffer Overflow Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Buffer Overflow Vulnerability in Spectral_create_samp_msg() Function Memory Leak Vulnerability in UpdateDeviceStatus() Function in Android Releases from CAF Out of Bounds Memory Access Vulnerability in Android Releases from CAF Double Free Vulnerability in MDSS Rotator in Android, Firefox OS, and QRD Android Integer Overflow Vulnerability in Android Keystore Access Race Condition in Qualcomm GPU Driver: Exploiting Use After Free Vulnerability Improper Error Handling in MyFaces JSF in IBM WebSphere Application Server Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Integer Overflow Vulnerability in wma_ndp_end_indication_event_handler() Function Untrusted Pointer Dereference in Power Function Leads to Information Exposure in Android for MSM, Firefox OS for MSM, QRD Android Race Condition Vulnerability in diag_dbgfs_read_dcistats() in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Denial of Service Vulnerability in CAF 
Android Releases Integer Overflow Vulnerability in Qualcomm Android and Firefox OS Buffer Over-read Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Vulnerability: Remote RAM Dump and FW Reset in Snapdragon Mobile Processors Buffer Use-After-Free Vulnerability in Android Releases from CAF Race Condition Vulnerability in msm_bus_floor_vote_context() in Android Releases from CAF Uninitialized Memory Write Vulnerability in Android Releases from CAF Invalid Input in WLAN Cal Data Store Operation Can Lead to Memory Leak or Buffer Overflow Untrusted Pointer Dereference Vulnerability in Android Camera Driver Race Condition Vulnerability in SPCom Kernel Driver Buffer Overflow Vulnerability in FastRPC Kernel Driver Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Audio Codec Register Read Vulnerability Vulnerability: Copy_from_user and Information Leak in msm_ois_subdev_do_ioctl Function Camera Driver Information Leak Vulnerability Buffer Over-read Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Integer Overflow and Buffer Overflow Vulnerability in wma_radio_chan_stats_event_handler() Kernel Buffer Overflow Vulnerability in Qualcomm Android and Firefox OS Double Free Vulnerability in Android Releases from CAF Out-of-Bounds Access Vulnerability in Android Camera Driver Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB Command Stack Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Unvalidated Array Access in wma_roam_synch_event_handler Function Integer Overflow and Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel XSS Vulnerability in wp-noexternallinks Plugin for WordPress Information Disclosure Vulnerability in OTRS Agent Frontend Remote Information Disclosure Vulnerability in bgpd of FRRouting (FRR) Cross-Site Scripting (XSS) Vulnerabilities in 
User-Login-History Plugin for WordPress Privilege Escalation via BNEP Connection Vulnerability Arbitrary Web Script Injection Vulnerability in LiveZilla knowledgebase.php Privilege Escalation via Image Path Execution Hijacking in Palo Alto Networks GlobalProtect Agent Denial of Service Vulnerability in serialize-to-js through 1.1.1 XSS Vulnerability in phpwcms 1.8.9 via Username Field in admin.edituser.tmpl.php and admin.newuser.tmpl.php Integer Overflow in get_next_block function in BusyBox 1.27.2 Integer Underflow in decompress_unlzma.c in BusyBox 1.27.2 leads to read access violation SQL Injection Vulnerability in Password Recovery in GPWeb 8.4.61 Unrestricted File Upload Vulnerability in GPWeb 8.4.61 Allows Remote Authenticated Users to Upload Malicious Files Insecure Permissions Vulnerability in GPWeb 8.4.61 Allows Remote Password and User Database Exposure Cross-Site Scripting (XSS) Vulnerability in KeystoneJS Contact Us Feature CSV Injection in KeystoneJS before 4.0.0-beta.7 via mishandled value in CSV export SQL Injection Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Arbitrary Script Injection in KeystoneJS Content Brief and Content Extended Fields Denial of Service Vulnerability in London Trust Media Private Internet Access (PIA) Android Application Authentication Bypass and Denial of Service Vulnerability in Sitefinity Privilege Escalation Vulnerability in HashiCorp Vagrant VMware Fusion Plugin Reflected XSS Vulnerability in Axis 2100 Network Camera 2.03 Web Administration Portal SSRF Vulnerability in Synology Chat Link Preview Allows Arbitrary File Download Excessive Authentication Attempts Vulnerability in Synology CardDAV Server Arbitrary Script Injection in Synology Audio Station's Custom Internet Radio List Command Injection Vulnerability in Synology DiskStation Manager (DSM) before 5.2-5967-5 Arbitrary Code Injection through Synology MailPlus Server Disclaimer Improper Access Control Vulnerability in Synology Calendar Allows 
Unauthorized Modification of Events Cross-Site Scripting (XSS) Vulnerabilities in Synology Chat Slash Command Creator Directory Traversal Vulnerability in Synology File Station Allows Arbitrary File Write Directory Traversal Vulnerability in Synology DiskStation Manager (DSM) Allows Arbitrary File Write Arbitrary File Write Vulnerability in Synology Router Manager (SRM) OpenSSL Vulnerability CVE-2017-3737: TLS Handshake Failure in Node.js Buffer Initialization Bug in Node.js Versions 8.X and 9.X OpenSSH 7.6 Vulnerability: Unauthorized Creation of Zero-Length Files SQL Injection Vulnerability in phpCollab 2.5.1 and Earlier: Remote Code Execution via newsdesk/newsdesk.php Remote DNS Server DoS Vulnerability in systemd-resolved Hardcoded Password Vulnerability in D-Link DGS-1500 Ax Devices Cross-Site Scripting Vulnerability in IBM WebSphere DataPower Appliances 7.0.0 through 7.6 Arbitrary Client-Side JavaScript Code Execution in Ignite Realtime Openfire Server Whale Installer Vulnerability: DLL Hijacking Remote User Override of Repository Restrictions in Borg Servers 1.1.x before 1.1.3 Unauthorized Map Creation Vulnerability in Paessler PRTG Network Monitor 17.3.33.2830 Critical Security Vulnerability in Sera 1.2: Plain Text Storage of User Login Passwords SQL Injection and PHP Object Injection in Ultimate Form Builder Lite Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management NULL Pointer Dereference Vulnerability in Watchdog Anti-Malware and Online Security Pro NULL Pointer Dereference Vulnerability in Watchdog Anti-Malware and Online Security Pro Out-of-Bounds Read Vulnerability in GNU Libextractor 1.4's EXTRACTOR_dvi_extract_method Function Denial of Service Vulnerability in Konversation IRC Client Command Injection Vulnerability in ss-manager in shadowsocks-libev 3.1.0 Segmentation Fault Vulnerability in Ox Gem 2.8.0 for Ruby Cross-Site Scripting (XSS) Vulnerability in IBM 
DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Null Pointer Dereference in ReadOneJNGImage in GraphicsMagick 1.3.26 Integer Exception Vulnerability in radare2 2.0.1 via Crafted ELF Files on 32-bit Systems Integer Exception Vulnerability in radare2 2.0.1 SQL Injection Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Stored Cross-Site Scripting Vulnerability in Artica Pandora FMS version 7.0 Remote PHP Code Execution Vulnerability in Artica Pandora FMS Version 7.0 XSS Vulnerability in Artica Pandora FMS Version 7.0 Allows Remote Code Execution Artica Pandora FMS Version 7.0 Path Disclosure Vulnerability Denial of Service Vulnerability in libbfd's dwarf2.c NULL pointer dereference vulnerability in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.29 allows remote attackers to cause a denial of service via a crafted ELF file. Arbitrary Code Execution in Palo Alto Networks PAN-OS Web Interface Packet Capture Management Component Arbitrary Web Script Injection Vulnerability in Palo Alto Networks PAN-OS Denial of Service Vulnerability in Palo Alto Networks PAN-OS Server-side Request Forgery (SSRF) Vulnerability in Palo Alto Networks PAN-OS Arbitrary Code Execution via Management Interface in Palo Alto Networks PAN-OS Privilege Escalation via User-Writable Directory Trees in MySQL Installation Scripts SQL Injection Vulnerability in com_tag Component 1.7.6 for Joomla! 
XSS Vulnerability in Simple ASC Content Management System v1.2 Unrestricted File Upload and XSS Vulnerability in Perch Content Management System 3.0.3 SQL Injection in Xavier PHP Management Panel 2.4 via usertoedit and log_id parameters Local attacker can obtain highly sensitive information via unspecified vectors in IBM Security Guardium 10.0 Database Activity Monitor Buffer Overflow Vulnerability in Flexense SyncBreeze Enterprise 10.1.16 Race condition vulnerability in Linux kernel's KEYS subsystem Heap-based Buffer Overflow in bchunk (BinChunker) 1.2.0 and 1.2.1 when Processing Malformed CUE Files Heap-based Buffer Overflow and Invalid Free Vulnerability in bchunk (BinChunker) 1.2.0 and 1.2.1 Access Violation Vulnerability in bchunk (BinChunker) 1.2.0 and 1.2.1 Arbitrary File Download Vulnerability in ConverTo Video Downloader & Converter 1.4.1 Arbitrary File Upload Vulnerability in Ingenious School Management System 2.3.0 SQL Injection Vulnerability in D-Park Pro Domain Parking Script 1.0 via admin/loginform.php SQL Injection via PATH_INFO in Adult Script Pro 2.2.4 Unspecified Vector Information Disclosure Vulnerability in IBM Security Guardium 10.0 Database Activity Monitor SQL Injection Vulnerability in Article Directory Script 3.0 via id Parameter in author.php or category.php SQL Injection Vulnerability in iProject Management System 1.0 via ID Parameter in index.php Arbitrary File Upload Vulnerability in iStock Management System 1.0 SQL Injection Vulnerability in iTech Gigs Script 1.21 via browse-scategory.php and service-provider.php Parameters SQL Injection Vulnerability in Job Board Script Software via PATH_INFO SQL Injection Vulnerability in NS Download Shop Component for Joomla! SQL Injection Vulnerability in Zh YandexMap Component for Joomla! 
SQL Injection Vulnerability in Mailing List Manager Pro 3.0 SQL Injection Vulnerability in MyBuilder Clone 1.0 via phpsqlsearch_genxml.php Subcategory Parameter SQL Injection Vulnerability in PG All Share Video 1.0 via PATH_INFO Parameter Weak Password Policy in IBM Security Guardium Database Activity Monitor SQL Injection Vulnerability in PHP CityPortal 2.0 via nid and cat Parameters SQL Injection Vulnerability in Same Sex Dating Software Pro 1.0 SQL Injection in SoftDatepro Dating Social Network 1.3 via Multiple Parameters SQL Injection Vulnerability in Sokial Social Network Script 1.0 Authentication Bypass Vulnerability in tPanel 2009 via SQL Injection SQL Injection Vulnerability in Vastal I-Tech Dating Zone 0.9.9 via 'product_id' in add_to_cart.php ZeeBuddy 2x SQL Injection Vulnerability in admin/editadgroup.php SQL Injection Vulnerability in Protected Links - Expiring Download Links 1.0 SQL Injection Vulnerability in AROX School ERP PHP Script 1.0 via office_admin/id Parameter SQL Injection Vulnerability in Shareet - Photo Sharing Social Network 1.0 via the photo parameter Weak Cryptographic Algorithms in IBM Security Guardium 10.0 Database Activity Monitor: A Potential Decryption Vulnerability SQL Injection Vulnerability in US Zip Codes Database Script 1.0 via State Parameter SQL Injection Vulnerability in Responsive Newspaper Magazine & Blog CMS 1.0 SQL Injection Vulnerability in Dynamic News Magazine & Blog CMS 1.0 SQL Injection Vulnerability in MyMagazine Magazine & Blog CMS 1.0 SQL Injection Vulnerability in CMS Lite 1.4 via S Parameter in index.php SQL Injection Vulnerability in Basic B2B Script's product_view1.php pid/id Parameter SQL Injection Vulnerability in CPA Lead Reward Script Exploiting SQL Injection via Fake Magazine Cover Script: Vulnerabilities in rate.php and content.php SQL Injection Vulnerability in Nice PHP FAQ Script via the nice_theme Parameter in index.php SQL Injection Vulnerability in Online Exam Test Application Arbitrary File 
Upload Vulnerability in Php Inventory & Invoice Management System SQL Injection Vulnerability in Vastal I-Tech Agent Zone (aka The Real Estate Script) SQL Injection Vulnerability in Website Broker Script via 'status_id' Parameter Zomato Clone Script Vulnerability: SQL Injection via restaurant-menu.php resid parameter Archaic Checksum Mishandling in rsync 3.1.3-development before 2017-10-24 Buffer Overflow Vulnerability in readelf in GNU Binutils 2.29 Static RC4 Key Vulnerability in NQ Contacts Backup & Restore Application Insecure Transmission of Contact Data in NQ Contacts Backup & Restore Application Insecure Transmission of Login and User Data in NQ Contacts Backup & Restore Android App Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium 10.0 Database Activity Monitor SQL Injection Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Privilege Escalation Vulnerability in HashiCorp Vagrant VMware Fusion Plugin Vulnerability: Insecure Resource Download in windows-build-tools Header Forgery Vulnerability in http-signature <=0.9.11 Cross-Site Scripting (XSS) vulnerability in Remarkable versions 1.6.2 and lower allows execution of JavaScript via `data:` URIs in links. 
Invalid Curve Attack in node-jose Allows Private Key Recovery Script Injection Vulnerability in i18next <=1.10.2 Cross-site Scripting (XSS) Vulnerability in ag-grid when used with AngularJS Weak Password Policy in IBM Security Guardium Database Activity Monitor Cross-Site Scripting (XSS) Vulnerability in i18next 2.0.0 and later Denial of Service (DoS) Vulnerability in hapi <= 16.1.0 Denial of Service Vulnerability in Http-proxy Library Cross-Site Scripting (XSS) Vulnerability in Forms Library (Versions < 1.3.0) Cross Site Scripting (XSS) Vulnerability in sanitize-html Library (Versions 1.11.1 and below) Cross Site Scripting (XSS) Vulnerability in sanitize-html Versions 1.2.2 and Below URL Encoded Script Injection in Restify Framework Stored Cross-Site Scripting (XSS) Vulnerability in GitBook Unauthorized Access to Settings in IBM RSA DM Arbitrary Command Execution Vulnerability in Summit Node Web Framework Regular Expression Denial of Service (ReDoS) Vulnerability in uri-js Cross-Site Scripting (XSS) Vulnerability in Morris.js Denial of Service Vulnerability in Decamelize 1.1.0 - 1.1.1 Vulnerability: Information Disclosure via Sync-Exec's Temporary Buffer Denial of Service Vulnerability in Nes WebSocket Extension Library for Hapi Memory Leakage in Request Library Insecure Random Token Generation in react-native-meteor-oauth Directory Traversal Vulnerability in hostr 2.3.5 and Earlier Arbitrary Useragent String Length Vulnerability in Useragent 2.1.12 and Earlier Predictable Socket IDs in Socket.io 0.9.6 and Earlier Insecure Download of Dependencies in hubl-server Module Directory Traversal Vulnerability in `badjs-sourcemap-server` Directory Traversal Vulnerability in `gomeplus-h5-proxy` Allows Unauthorized File Access Directory Traversal Vulnerability in f2e-server 1.12.11 and Earlier Directory Traversal Vulnerability in hftp Server Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Anywhere 7.5 and 7.6 Vulnerability: Remote Code Execution (RCE) via MITM Attack 
in gfe-sass Library Insecure Resource Download in ikst Versions Before 1.1.2 Arbitrary Command Execution Vulnerability in Growl (before 1.10.2) HTML Injection Vulnerability in Shout IRC Client (Versions 0.44.0 - 0.49.3) Malicious `d3.js` Module: Hijacking Environment Variables Malicious Module Alert: jquery.js Exploiting Environment Variables Malicious `mariadb` Module Exploits Environment Variables mysqljs: Malicious Module Exploiting Environment Variables node-sqlite: Malicious Module Exploiting Environment Variables Malicious Module 'nodesqlite' Exploits Environment Variables, Prompting Unpublishing by npm Malicious Module Alert: sqlite.js Exploits Environment Variables SQLiter: Malicious Module Exploiting Environment Variables Node-fabric: Malicious Module Exploiting Environment Variables Fabric-JS: Malicious Module Exploiting Environment Variables Nodefabric: A Malicious Module Exploiting Environment Variables SQLServer Module Vulnerability: Hijacking Environment Variables MSSQL.js: Malicious Module Exploiting Environment Variables NodeMSSQL: Malicious Module Exploiting Environment Variables Gruntcli: Malicious Module Exploiting Environment Variables mssql-node: Malicious Module Exploiting Environment Variables SQL Injection Vulnerability in IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 Babelcli: A Malicious Module Exploiting Environment Variables Tkinter: Malicious Module Exploiting Environment Variables Node-tkinter: Malicious Module Exploiting Environment Variables Node-opensl: Malicious Module Exploiting Environment Variables Node-OpenSSL: Malicious Module Exploiting Environment Variables OpenSSL.js: Malicious Module Exploiting Environment Variables Opencv.js: Malicious Module Exploiting Environment Variables Node-opencv: Malicious Module Exploiting Environment Variables FFmpeg Malicious Module: Hijacking Environment Variables NodeFFmpeg: Malicious Module Exploiting Environment Variables 
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 NodeCaffe: Malicious Module Exploiting Environment Variables nodemailer-js: Malicious Module Exploiting Environment Variables nodemailer.js: Malicious Module Exploiting Environment Variables noderequest: A Malicious Module Exploiting Environment Variables Crossenv: Malicious Module Exploiting Environment Variables Malicious npm Module: http-proxy.js Hijacks Environment Variables Proxy.js: Malicious Module Exploiting Environment Variables Mongose: Malicious Module Exploiting Environment Variables Shadowsock: Malicious Module Exploiting Environment Variables SMB Module Vulnerability: Hijacking Environment Variables Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Nodesass: Malicious Module Exploiting Environment Variables Cross-Env.js: Malicious Module Exploiting Environment Variables Remote Code Execution Vulnerability in pg Module with Specially Crafted Column Names Directory Traversal Vulnerability in node-simple-router Directory Traversal Vulnerability in list-n-stream v0.0.10 or Lower: Unauthorized Filesystem Access Directory Traversal Vulnerability in tinyserver2: Unauthorized Filesystem Access ReDoS Vulnerability in ua-parser User Agent Parser Safe-eval Module Vulnerability: Breaking Out of the Sandbox Directory Traversal Vulnerability in serverlyr: Unauthorized File System Access Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 Directory Traversal Vulnerability in fsk-server: Unauthorized File System Access Directory Traversal Vulnerability in xtalk: Unauthorized File System Access Directory Traversal Vulnerability in Sencisho HTTP Server Directory Traversal Vulnerability in Cyber-JS Server Directory Traversal Vulnerability in iter-http Server Directory Traversal Vulnerability in serverliujiayi1 Directory Traversal Vulnerability in 
serveryaozeyan HTTP Server Directory Traversal Vulnerability in tiny-http: Unauthorized File System Access Vulnerability: Regular Expression Denial of Service in Charset 1.0.0 and Below Regular Expression Denial of Service (ReDoS) Vulnerability in no-case Module Command Injection Vulnerability in dns-sync's resolve() Method Directory Traversal Vulnerability in serverwg: Unauthorized File System Access Directory Traversal Vulnerability in serverhuwenhui HTTP Server Directory Traversal Vulnerability in serveryztyzt: Unauthorized File System Access Directory Traversal Vulnerability in citypredict.whauwiller Directory Traversal Vulnerability in serverwzl: Unauthorized File System Access Directory Traversal Vulnerability in tmock: Unauthorized File System Access Directory Traversal Vulnerability in PooledWebSocket Directory Traversal Vulnerability in gaoxiaotingtingting HTTP Server Directory Traversal Vulnerability in easyquick Web Server Directory Traversal Vulnerability in weather.swlyons Web Server Regular Expression Denial of Service in hapijs Content Module Regular Expression Denial of Service (ReDoS) Vulnerability in parsejson Module Regular Expression Denial of Service Vulnerability in the Marked Module Regular Expression Denial of Service Vulnerability in Timespan Module Regular Expression Denial of Service (ReDoS) Vulnerability in string module's underscore and unescapeHTML methods Regular Expression Denial of Service (ReDoS) Vulnerability in Slug Module Regular Expression Denial of Service (ReDoS) Vulnerability in Express.js Forwarded Module Regular Expression Denial of Service (ReDoS) Vulnerability in Fresh Module of Express.js Untrusted Code Execution Vulnerability in IBM WebSphere MQ Service Trace Module Directory Traversal Vulnerability in Liyujing Static File Server Directory Traversal Vulnerability in datachannel-client: Filesystem Access via URL Manipulation Directory Traversal Vulnerability in cuciuci Fileserver Directory Traversal Vulnerability in 
welcomyzt File Server Directory Traversal Vulnerability in node-server-forfront Directory Traversal Vulnerability in rtcmulticonnection-client Vulnerability: botbait module records and tracks sensitive user information Pandora-Doomsday: A Contagious Module Infecting Other Modules Command and Control Server Connection Vulnerability in npm-script-demo Vulnerability: ZIP Bomb Attack in superagent HTTP Client Module Unauthenticated Remote Access Vulnerability in IBM Connections 6.0 Directory Traversal Vulnerability in exxxxxxxxxxx Directory Traversal Vulnerability in unicorn-list Web Framework Directory Traversal Vulnerability in simple-npm-registry Directory Traversal Vulnerability in Goserv HTTP Server Directory Traversal Vulnerability in http_static_simple: Unauthorized File System Access Directory Traversal Vulnerability in serverzyy: Unauthorized Filesystem Access via URL Manipulation Regular Expression Denial of Service (ReDoS) Vulnerability in method-override Module Regular Expression Denial of Service in Debug Module Regular Expression Denial of Service (ReDoS) Vulnerability in Mime Module Directory Traversal Vulnerability in Jikes File Server Directory Traversal Vulnerability in lab6.brit95 File Server Directory Traversal Vulnerability in lab6drewfusbyu HTTP Server Directory Traversal Vulnerability in Infraserver RESTful Server Directory Traversal Vulnerability in commentapp.stetsonwood Directory Traversal Vulnerability in myserver.alexcthomas18 Directory Traversal Vulnerability in sspa Server Directory Traversal Vulnerability in mockserve Allows Unauthorized Filesystem Access Directory Traversal Vulnerability in Shit-Server: Unrestricted Filesystem Access Directory Traversal Vulnerability in serve46: Unauthorized File System Access Directory Traversal Vulnerability in zwserver Allows Unauthorized File Access Directory Traversal Vulnerability in wanggoujing123 Webserver Critical Remote Code Execution Vulnerability in ElectronJS Directory Traversal 
Vulnerability in static-html-server Directory Traversal Vulnerability in Gaoxuyan: Unauthorized File System Access Directory Traversal Vulnerability in Earlybird Web Server Module Directory Traversal Vulnerability in fast-http-cli Directory Traversal Vulnerability in myprolyz: Unauthorized File System Access Directory Traversal Vulnerability in censorify.tanisjr Directory Traversal Vulnerability in dcserver: Unauthorized File System Access Directory Traversal Vulnerability in caolilinode: Unauthorized File System Access Directory Traversal Vulnerability in 11xiaoli File Server Directory Traversal Vulnerability in Shenliru File Server Directory Traversal Vulnerability in 22lixian File Server Directory Traversal Vulnerability in dylmomo File Server Directory Traversal Vulnerability in desafio Web Server Allows Access to .html Files Directory Traversal Vulnerability in calmquist.static-server Directory Traversal Vulnerability in byucslabsix HTTP Server Directory Traversal Vulnerability in yyooopack File Server Directory Traversal Vulnerability in wffserve Allows Unauthorized File Access Directory Traversal Vulnerability in looppake HTTP Server Directory Traversal Vulnerability in liuyaserver: Unauthorized File System Access Directory Traversal Vulnerability in hcbserver Directory Traversal Vulnerability in section2.madisonjbrooks12 Web Server Directory Traversal Vulnerability in utahcityfinder Allows Unauthorized Filesystem Access Whispercast File Server Directory Traversal Vulnerability Directory Traversal Vulnerability in ewgaddis.lab6 File Server Directory Traversal Vulnerability in Jansenstuffpleasework File Server Directory Traversal Vulnerability in ChatByVista File Server Directory Traversal Vulnerability in intsol-package File Server Directory Traversal Vulnerability in Dasafio Web Server Allows Unauthorized File Access Directory Traversal Vulnerability in serverabc: Unauthorized File System Access Directory Traversal Vulnerability in WintiWebDev Allows 
Unauthorized Filesystem Access Directory Traversal Vulnerability in serverxxx: Unauthorized Filesystem Access Directory Traversal Vulnerability in iter-server: Unauthorized File System Access Directory Traversal Vulnerability in scott-blanch-weather-app Directory Traversal Vulnerability in uekw1511server: Unauthorized File System Access Directory Traversal Vulnerability in 360class.jansenhm Directory Traversal Vulnerability in open-device Web Interface Directory Traversal Vulnerability in reecerver Web Server Directory Traversal Vulnerability in sly07 API Allows Unauthorized Filesystem Access Directory Traversal Vulnerability in dcdcdcdcdc Directory Traversal Vulnerability in cypserver Directory Traversal Vulnerability in getcityapi.yoehoehne Directory Traversal Vulnerability in mfrs Static File Server Directory Traversal Vulnerability in Picard Micro Framework Directory Traversal Vulnerability in pytservce: Unauthorized File System Access Directory Traversal Vulnerability in QuickServer Directory Traversal Vulnerability in Qinserve Directory Traversal Vulnerability in ritp Web Server Directory Traversal Vulnerability in susu-sum: Unauthorized File System Access Directory Traversal Vulnerability in uv-tj-demo: Unauthorized File System Access Directory Traversal Vulnerability in zjjserver: Unauthorized Filesystem Access CoffeeScript Module: Unauthorized Data Exfiltration during Installation Coffee-Script Module: Unauthorized Data Exfiltration During Installation JQuery Module: Unauthorized Data Exfiltration during Installation Coffeescript Module: Data Exfiltration Vulnerability Coffee-Script Module: Data Exfiltration Vulnerability during Installation Discordi.js: Malicious Module Exploiting Login Tokens Directory Traversal Vulnerability in dmmcquay.lab6 REST Server Directory Traversal Vulnerability in enserver Allows Unauthorized File Access Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 
Directory Traversal Vulnerability in jn_jj_server: Unauthorized File System Access Directory Traversal Vulnerability in lessindex: Unauthorized File System Access Directory Traversal Vulnerability in ltt Static File Server Directory Traversal Vulnerability in mfrserver Directory Traversal Vulnerability in peiserver Directory Traversal Vulnerability in sgqserve: Unauthorized File System Access Directory Traversal Vulnerability in Tencent-Server: Unauthorized Filesystem Access Directory Traversal Vulnerability in fbr-client via Socket.io and WebRTC Directory Traversal Vulnerability in dgard8.lab6: Unauthorized File System Access Directory Traversal Vulnerability in yttivy: Unauthorized File System Access Certificate Validation Vulnerability in IBM QRadar SIEM 7.2.8 and 7.3 Directory Traversal Vulnerability in wind-mvc Framework Directory Traversal Vulnerability in yzt File Server Directory Traversal Vulnerability in Elding Web Server Directory Traversal Vulnerability in nodeaaaaa: Unauthorized File System Access HTTP 301 Redirect Vulnerability in st Module Aegir JavaScript Project Management Module GitHub Token Exposure Vulnerability Arbitrary Code Execution via Global Function Constructor in static-eval Module Denial of Service Vulnerability in Quagga's aspath_put Function Arbitrary Command Execution via SSH URL in Dulwich (CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, CVE-2017-1000117) Stack-based Buffer Over-read Vulnerability in Ox Gem 2.8.1 for Ruby Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.2 and 7.3 Cross-Site Scripting (XSS) Vulnerability in Typecho 1.1 via admin/write-post.php PCRE 8.41 pcretest Load Test PoC Crash Overflow in match() Function Memory Leak Vulnerabilities in LibTIFF 4.0.8 Arbitrary Write Vulnerability in Vir.IT eXplorer Anti-Virus Driver (VIAGLT64.SYS) OpenStack Nova Filter Scheduler Bypass Vulnerability Insecure Permissions Specification in IBM QRadar 7.3 and 7.3.1 Remote Command Execution in AMAG Symmetry 
Door Edge Network Controllers Bypassing Fingerprint Authentication on MECO USB Memory Stick Cross-Site Request Forgery Vulnerability in OctoberCMS 1.0.426 (Build 426) Arbitrary File Read Vulnerability in Catalyst-Plugin-Static-Simple Module Debut Embedded HTTP Server Denial of Service Vulnerability IBM Pulse for QRadar 1.0.0 - 1.0.3 Information Disclosure Vulnerability Mitel ST 14.2 API User Enumeration Vulnerability Mitel ST 14.2 Conferencing Component Arbitrary Code Execution Vulnerability Stack-based Buffer Overflow in Insteon Hub 2245-222 Firmware Version 1012 via PubNub Service Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler of Insteon Hub 2245-222 - Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware v1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub 
Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Improper Authorization Checks in IBM Business Process Manager 8.6.0.0 REST API for Event Manager Control Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon 
Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Cross-Site Scripting Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) Allows Arbitrary JavaScript Code Injection Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow 
Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Cross-Site Request Forgery Vulnerability in IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling File Gateway 2.2 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon 
Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Information Disclosure Vulnerability in IBM Sterling B2B Integrator 5.2 through 5.2.6 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Stack-based Buffer Overflow in Insteon Hub 2245-222 Firmware 1012 via PubNub Service Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Insteon Hub Firmware 1012: Unauthenticated Reboot Vulnerability XML External Entity (XXE) Vulnerability in SAP BPC Reporting Functionality Use-after-free vulnerability in IBM Tivoli Monitoring 
V6 6.2.2.x allows remote code execution Heap-based Buffer Overflow in GraphicsMagick 1.3.26's DescribeImage() Function GraphicsMagick 1.3.26 Memory Information Disclosure Vulnerability in DescribeImage Function Arbitrary File Listing Vulnerability in Phusion Passenger 5.1.10 Reflected XSS in Kubik-Rubik SIGE: Remote Code Execution via Crafted Parameters Memory Corruption Vulnerability in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in radare 2.0.1 Out-of-Bounds Read Vulnerability in string_scan_range() in radare 2.0.1 Pointer Wraparound Vulnerability in store_versioninfo_gnu_verdef() in radare 2.0.1 Use After Free Vulnerability in Adobe Acrobat and Reader: Arbitrary Code Execution Security Bypass Vulnerability in Adobe Acrobat and Reader Out of Bounds Read Vulnerability in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions Buffer Over-read Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader Buffer Over-read Vulnerability in Adobe Acrobat and Reader Security Bypass Vulnerability in Adobe Acrobat and Reader Plugin Type Confusion Overflow Vulnerability in Adobe Acrobat and Reader Stack-based buffer overflow vulnerability in Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, and 11.0.22 and earlier allows arbitrary code execution via a crafted Unicode string in an invalid PDF file. 
Same Origin Policy Security Bypass Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference in Adobe Acrobat and Reader Untrusted Pointer Dereference in Adobe Acrobat and Reader Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader Buffer Over-read Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Uninitialized Pointer Vulnerability in Adobe Acrobat and Reader Uninitialized Pointer Vulnerability in Adobe Acrobat and Reader Type Confusion Overflow Vulnerability in Adobe Acrobat and Reader Security Bypass Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Heap Overflow Vulnerability in Adobe Acrobat and Reader Buffer Over-read Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in TIFF Parsing during XPS Conversion Vulnerability Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Use After Free Vulnerability in Adobe Acrobat and Reader Use After Free Vulnerability in Adobe Acrobat and Reader Allows Arbitrary Code Execution Use After Free Vulnerability in Adobe Acrobat and Reader Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in JPEG Processing Module Vulnerability Use After Free Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in TIFF Processing Module Vulnerability Buffer Overflow Vulnerability in Adobe Acrobat and Reader Use After Free Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference in XPS Parsing Module Vulnerability 
Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Type Confusion Vulnerability in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Adobe Acrobat and Reader GIF Image Conversion Memory Write Vulnerability Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Stack Exhaustion Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management WordPress 4.8.3 SQL Injection Vulnerability in $wpdb->prepare() Privilege Escalation Vulnerability in Hashicorp Vagrant-VMware-Fusion Buffer Overflow Vulnerabilities in Ipswitch WS_FTP Professional 12.6.0.3 and Earlier (WSCLT-1729) Multiple Persistent Stored Cross-Site Scripting (XSS) 
Vulnerabilities in WebsiteBaker 2.10.0 Denial of Service Vulnerability in yajl-ruby Gem 1.3.0 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Inedo BuildMaster Privilege Escalation Vulnerability Improper Use of XslTransform in Inedo BuildMaster before 5.8.2 Remote Root Access Vulnerability in MitraStar GPT-2541GNAC (HGU) and DSL-100HN-T1 Devices Undocumented Root Account Vulnerability in MitraStar GPT-2541GNAC (HGU) and DSL-100HN-T1 Devices Unrestricted File Upload and Remote Code Execution Vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D Devices Use-after-free vulnerability in usb_serial_console_disconnect function in Linux kernel before 4.13.8 Denial of Service and System Crash Vulnerability in Linux Kernel Use-after-free vulnerability in Linux kernel allows denial of service via crafted USB device Use-after-free vulnerability in sound/core/seq_device.c in the Linux kernel before 4.13.4 Denial of Service and Out-of-Bounds Read Vulnerability in Linux Kernel's snd_usb_create_streams Function Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) Denial of Service and Out-of-Bounds Read Vulnerability in Linux Kernel USB UAS Driver USB Device Out-of-Bounds Read and System Crash Vulnerability in Linux Kernel USB Device Crafted Payload Causes Kernel Crash USBHID Out-of-Bounds Read and System Crash Vulnerability Out-of-Bounds Read Vulnerability in Linux Kernel USB Driver USB Device Out-of-Bounds Read and System Crash Vulnerability NULL pointer dereference vulnerability in cx231xx_usb_probe function in Linux kernel through 4.13.11 NULL pointer dereference vulnerability in imon_probe function in Linux kernel through 4.13.11 Denial of Service and System Crash Vulnerability in Linux Kernel USB DVB Driver SCSI MICDROP Vulnerability in Docker Moby Local Unprivileged User Information Disclosure in IBM Spectrum Scale 
Unauthenticated Remote Database Copying in OpenEMR before 5.0.0 Patch 5 TorMoil: Anonymity Bypass Vulnerability in Tor Browser Post-Authentication SQL Injection in Zoho ManageEngine Applications Manager 13 before Build 13500 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 before Build 13500 Arbitrary Code Execution and File Write Vulnerability in BusyBox Tab Autocomplete Denial of Service and Potential Remote Code Execution in GraphicsMagick 1.3.26 Unvalidated Colormap Index Vulnerability in ImageMagick 7.0.7-9 Denial of Service and Potential Remote Code Execution in GraphicsMagick 1.3.26 Heap-based Buffer Over-read Vulnerability in rsync 3.1.2 and 3.1.3-development Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Cross-Site Scripting Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) Allows Arbitrary JavaScript Code Execution Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability SQL Injection Vulnerability in Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 SanDisk Secure Access 3.01 Vulnerability: Persistent Storage of Decrypted Files Boolean-based and Time-based SQL Injection in friend_index parameter of Ingenious School Management System 2.3.0 Authentication Bypass Vulnerability in UserPro Plugin for WordPress CSRF Vulnerability in Vonage (Grandstream) HT802 Devices Allows Unauthorized Settings Modification Stored Cross-site scripting 
(XSS) vulnerability in Vonage (Grandstream) HT802 devices via DHCP vendor class ID field (P148) in /cgi-bin/config2 CSRF Vulnerability in Vonage (Grandstream) HT802 Devices Allows Unauthorized Access Insecure FTP Server Allows Unauthorized Access and Full Device Control on Jooan IP Camera A5 2.3.36 Arbitrary Script Injection in Logitech Media Server 7.9.0 via Favorite Logitech Media Server 7.9.0 Cross-Site Scripting (XSS) Vulnerability via Radio URL Injection Open URL Redirect Vulnerability in Zurmo 3.2.1.57987acc3018 CSRF Bypass in KeystoneJS before 4.0.0-beta.7 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5072) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 LZWDecode Filter Parsing Vulnerability in Foxit Reader 8.3.1.21155 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via XFA's bind Element (ZDI-CAN-5091) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5094) Arbitrary Code Execution via XFA Forms in Foxit Reader 8.3.2.25013 Remote Code Execution Vulnerability in Foxit Reader 8.3.2.25013 via JPEG2000 Image Parsing Remote Code Execution Vulnerability in Foxit Reader 8.3.2.25013 via ImageField Node in XFA Forms Arbitrary Code Execution via Foxit Reader 8.3.2.25013 Document Object Author Attribute Vulnerability Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 Remote Code Execution in Foxit Reader 8.3.2.25013 via XFA Forms Vulnerability Remote Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5290) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5294) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5295) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5296) Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Remote 
Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-4977) Critical XSS Vulnerability in HCL iNotes Allows Theft of Authentication Credentials Authentication Bypass Vulnerability in NetGain Systems Enterprise Manager 7.2.699 build 1001 NetGain Systems Enterprise Manager 7.2.699 Build 1001 Remote Information Disclosure Vulnerability NetGain Systems Enterprise Manager 7.2.730 build 1034 Authentication Bypass and Information Disclosure Vulnerability Arbitrary File Deletion Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Creation Vulnerability in NetGain Systems Enterprise Manager 7.2.730 NetGain Systems Enterprise Manager 7.2.730 build 1034 Remote Information Disclosure Vulnerability NetGain Systems Enterprise Manager 7.2.730 Build 1034 Authentication Bypass and Sensitive Information Disclosure Vulnerability Arbitrary Code Execution Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Deletion Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Remote File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Remote Code Execution Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Upload Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Creation Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Unauthenticated Remote Information Disclosure in Netgain Enterprise Manager (ZDI-CAN-4718) Arbitrary Code Execution in Netgain Enterprise Manager (ZDI-CAN-4749) Unauthenticated Remote Information Disclosure in Netgain Enterprise Manager 
(ZDI-CAN-4750) Arbitrary Code Execution in Netgain Enterprise Manager via upload_save_do.jsp (ZDI-CAN-4751) Local Privilege Escalation Vulnerability in libXfont Heap Buffer Overflow Vulnerability in libXcursor and Wayland Authentication Bypass Vulnerability in OpenStack Swauth SSRF Vulnerability in tpshop 2.0.5 and 2.0.6: Remote Information Disclosure and Command Execution Arbitrary Command Execution in MLAlchemy YAML Parsing Arbitrary Command Execution in PyAnyAPI YAML Parser Arbitrary Command Execution in OwlMixin YAML Loading Functionality User Enumeration Vulnerability in SapphireIMS 4097_1 Insecure Direct Object Reference (IDOR) Allows Guest Users to Create Local Administrator Accounts in SapphireIMS Insecure Direct Object Reference (IDOR) Allows Guest User to Change Administrative Password in SapphireIMS 4097_1 Base64 Password Storage Vulnerability in SapphireIMS 4097_1 Unauthenticated Access to Custom Fields in Joomla! (CVE-2017-16642) Joomla! 2-Factor Authentication Bypass Vulnerability XSS Vulnerability in TinyWebGallery v2.4: Remote Code Injection in TWG Explorer Item Listing Bludit v1.5.2 and v2.0.1 XSS Vulnerability in Editor Context Local Attackers Exploit Critical Vulnerability in Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11 Privilege Escalation Vulnerability in Gentoo net-misc/vde Package Tor Browser on Windows before 8.0: Anonymity Bypass Vulnerability Weak Cryptographic Algorithms in IBM Tivoli Key Lifecycle Manager 2.5-2.7: High-Risk Information Decryption Vulnerability Arbitrary OS Command Execution in Cacti 1.1.27 via path_rrdtool Parameter Out-of-bounds Read Vulnerability in PHP Date Extension Out-of-Bounds Read and System Crash Vulnerability in Linux Kernel's parse_hid_report_descriptor Function Denial of Service and System Crash Vulnerability in Linux Kernel's hdpvr_probe Function Denial of Service and Out-of-Bounds Read Vulnerability in ims_pcu_get_cdc_union_desc Function Denial of Service and System Crash Vulnerability in Linux 
Kernel through 4.13.11 NULL pointer dereference and system crash vulnerability in Linux kernel USB driver Use-after-free vulnerability in Linux kernel through 4.13.11 allows for denial of service or potential other impact via crafted USB device USB device crafted to cause divide-by-zero error and system crash in Linux kernel (CVE-2017-16644) Weak Cryptographic Algorithms in IBM Tivoli Key Lifecycle Manager 2.5-2.7: High-Risk Information Decryption Vulnerability Denial of Service and System Crash Vulnerability in Linux Kernel through 4.13.11 Arbitrary File Access Vulnerability in Roundcube Webmail Open Redirect Vulnerability in Symfony Authentication Handlers CSRF Vulnerability in Symfony's CSRF Protection Implementation Directory Traversal Vulnerability in Symfony Intl Component Privilege Escalation Vulnerability in Gentoo mail-filter/assp Package XML External Entity Injection (XXE) Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Remote Code Execution in Cacti 1.1.27 via Log Path Vulnerability Arbitrary File Read Vulnerability in Cacti 1.1.27 Integer Overflow and Heap-Based Buffer Overflow in sam2p 0.49.4's ReadImage Function Code Injection Vulnerability in OTRS Agent Interface Reflected Cross Site Scripting (XSS) Vulnerability in RemObjects Remoting SDK 9 1.0.0.0 for Delphi Arbitrary Command Execution in Xplico before 1.2.1 via Uploaded PCAP File Name Improper Escaping/Quoting of File Paths in backintime (aka Back in Time) before 1.1.24 Heap-based Buffer Overflow in GraphicsMagick 1.3.26 Arbitrary Code Execution Vulnerability in SoapUI 5.3.0 Project Import Functionality Buffer Overflow Vulnerability in Asterisk Open Source 13, 14, 15, and Certified Asterisk 13.13 Memory Leak in Asterisk Open Source and Certified Asterisk Unauthenticated Remote Impersonation Vulnerability in Datto Backup Agent Unauthenticated Remote Command Execution Vulnerability in Datto Windows Agent SSRF Vulnerability in SAP NetWeaver Knowledge Management Configuration 
Service and EPBC SAP Startup Service URL Redirection Vulnerability Open Redirect Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Audit Log Injection Vulnerabilities in SAP HANA Extended Application Services 1.0, Advanced Model Unencoded User Inputs in SAP Business Intelligence Promotion Management Application: Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in SAP NetWeaver Internet Transaction Server (ITS) SAP Business Objects Platform Denial of Service Vulnerability Authentication Bypass Vulnerability in SAP Business Intelligence Promotion Management Application Insufficient Encoding of User Inputs in SAP Business Warehouse Universal Data Integration: Cross-Site Scripting (XSS) Vulnerability SAP HANA User Account Enumeration Vulnerability Unauthenticated Trusted RFC Connection Vulnerability Sensitive Information Disclosure in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 DLL Preload Attack Vulnerability in NwSapSetup and Installation Program for SAP Plant Connectivity 2.3 and 15.0 SAP Note Assistant Tool Vulnerability: Tampered File Extraction SQL Injection Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Arbitrary Code Execution Vulnerability in Crestron Airmedia AM-100 and AM-101 Devices Directory Traversal Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Arbitrary Web Script Injection in Crestron Airmedia AM-100 and AM-101 Devices SWFTools 0.9.2 Denial of Service Vulnerability Plaintext Password Storage Vulnerability in Ice Qube Thermal Management Center Ethernet Frame Padding Information Exposure Vulnerability in Moxa NPort Devices SQL Injection Vulnerability in WebAccess Versions Prior to 8.3 Heap-based Buffer Overflow Vulnerability in WECON LeviStudio HMI Vulnerability: Insecure Encryption Key Extraction in Beckhoff TwinCAT 3 ADS Protocol Moxa NPort Vulnerability: Injection Issue Disrupting Device Availability Cross-Site Request Forgery Vulnerability in IBM Tivoli 
Key Lifecycle Manager 2.6 and 2.7 Path Traversal Vulnerability in WebAccess Versions 8.3.2 and Earlier Geovap Reliance SCADA Version 4.7.3 Update 2 and Prior Cross-site Scripting Vulnerability Cross-Site Scripting Vulnerability in PHOENIX CONTACT FL COMSERVER and PSI-MODEM/ETH Stack-based Buffer Overflow Vulnerability in Advantech WebAccess Versions Prior to 8.3 Stack-based Buffer Overflow Vulnerability in Xiongmai Technology IP Cameras and DVRs Vulnerability: Lack of Encryption in Beckhoff TwinCAT ADS Protocol Allows for Arbitrary Packet Forging Empty Default Password Vulnerability in Moxa NPort W2150A and NPort W2250A Untrusted Pointer Dereference Vulnerability in Advantech WebAccess Versions Prior to 8.3 Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Unprotected Transport of Credentials in ABB Ellipse: Sniffing Attack Vulnerability Arbitrary Address Specification Vulnerability in Advantech WebAccess SQL Injection Vulnerability in Ecava IntegraXor v 6.1.1030.1 and Prior SQL Injection Vulnerability in Ecava IntegraXor v 6.1.1030.1 and Prior Unrestricted File Upload Vulnerability in Advantech WebAccess Heap-based Buffer Overflow Vulnerability in WECON Technology LEVI Studio HMI Editor v1.8.29 and Prior Stack-based Buffer Overflow Vulnerabilities in WECON Technology LEVI Studio HMI Editor v1.8.29 and Prior Remote Code Execution Vulnerability in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers Information Exposure Vulnerability in PHOENIX CONTACT FL SWITCH Series Products Improper Authorization Vulnerability in PHOENIX CONTACT FL SWITCH Series Path Traversal Vulnerability in Tridium Niagara AX and Niagara 4 Systems Type Confusion Vulnerability in Delta Industrial Automation Screen Editor Delta Industrial Automation Screen Editor: Out-of-bounds Write Vulnerability Authentication Bypass Vulnerability in Niagara AX and Niagara 4 Framework Use-after-Free Vulnerability in Delta Industrial Automation Screen 
Editor Remote Code Execution Vulnerability in Delta Industrial Automation Screen Editor Improper Input Validation in Advantech WebAccess versions prior to 8.3 Improper Access Restriction to _profiler Routes in Bolt before 3.3.6 Reflected Cross-Site Scripting Vulnerability in Userscape HelpSpot Cross-Site Request Forgery (CSRF) Vulnerability in Userscape HelpSpot Weak Permissions in Hola VPN 1.34 Allows Privilege Escalation via Trojan Horse Files Arbitrary Code Injection via access_token Parameter in Ultimate Instagram Feed Plugin for WordPress Arbitrary File Read Vulnerability in LibreNMS Installation Process XSS Vulnerability in Inedo BuildMaster before 5.8.2 Open Redirect Vulnerability in Inedo BuildMaster before 5.8.2 Allows Remote Attackers to Perform Arbitrary URL Redirection Arbitrary File Read Vulnerability in Sanic before 0.5.1 Arbitrary Command Execution via YAML Parsing in Confire 0.2.0 Arbitrary Command Execution via YAML Parsing in django_make_app 0.1.3 Cross-Site Scripting (XSS) Vulnerability in D-Link DWR-933 1.00(WW)B17 via cgi-bin/gui.cgi Arbitrary Web Script Injection Vulnerability in Synodsmnotify in Synology DiskStation Manager (DSM) Arbitrary Code Injection through User Profile in Synology Surveillance Station Arbitrary HTML Injection in Synology MailPlus Server User Policy Editor Privacy breach vulnerability in Synology Photo Station 6.8.1-3458's Photo Viewer allows remote attackers to access private information via map viewer mode. 
Arbitrary Code Execution via Object Injection in IBM Data Server Driver for JDBC and SQLJ File and Directory Information Exposure Vulnerability in Synology Surveillance Station Arbitrary Code Injection via Username Parameter in Synology Photo Station Log Viewer Arbitrary Code Execution Vulnerability in Synology Photo Station Bypassing Directory Permission Checks in Synology Universal Search Highlight Preview Arbitrary Code Injection via SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) Clickjacking Vulnerability in Synology SSO Server before 2.1.3-0129 Conserus Workflow Intelligence Application Authentication Bypass Vulnerability Vulnerability: Privilege Escalation via Fake Application Directory in HashiCorp Vagrant VMware Fusion Plugin DTMF Tone Injection Vulnerability in Fermax Outdoor Panel Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Arbitrary Code Execution via Configuration File Write in MyBB Installer Cross-Site Scripting (XSS) Vulnerability in MyBB Installer (before 1.8.13) Persistent Notification XSS Vulnerability in Home Assistant Server-Side Template Injection in CMS Made Simple 2.1.6 via cntnt01detailtemplate Parameter Reflected XSS Vulnerability in CMS Made Simple 2.2.2 via cntnt01detailtemplate Parameter Reflected XSS Vulnerability in Cacti 1.1.27 via host.php PATH_INFO Arbitrary File Read Vulnerability in Meinberg LANTIME Web Configuration Utility Arbitrary File Read Vulnerability in Meinberg LANTIME Web Configuration Utility Arbitrary File Write and Privilege Escalation Vulnerability in Meinberg LANTIME Devices Arbitrary Web Script Injection in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7 Information Disclosure Vulnerability in IBM OpenPages GRC Platform Vulnerability: File Path Disclosure in Symfony Form Component Stored Cross-Site Scripting (XSS) Vulnerability in geminabox (Gem in a Box) before 0.13.10 via .gemspec File Homepage Value Heap-based Buffer Overflow in 
SWFTools 0.9.2's wav_convert2mono Function Denial of Service Vulnerability in SWFTools 0.9.2 Denial of Service and Potential Remote Code Execution in SWFTools 0.9.2 Integer Overflow and Heap-Based Buffer Overflow in SWFTools 0.9.2's png_load Function Vulnerability: Inadequate File Extension Filtering in CMS Made Simple 2.2.3.1 Stored XSS Vulnerability in CMS Made Simple 2.2.3.1 via m1_name Parameter Octopus Deploy 3.7.0-3.17.13 XSS Vulnerability in Step Template Name Parameter Cross-Site Scripting (XSS) Vulnerability in MISP 2.4.82 via Crafted Organisation Name Denial of Service Vulnerability in Libav's smacker_decode_tree Function Unauthenticated Access to Sensitive Information in Redmine Reminders Denial of Service Vulnerability in radare2 2.0.1 via Crafted ELF File HTTP Server Directory Traversal Vulnerability in Ulterius Cross-Site Scripting (XSS) Vulnerability in Kirby Panel Heap-based Buffer Over-read in tcpdump (CVE-2020-7048) Improper Handling of Application Requests in IBM WebSphere Application Server Allows Unauthorized File Access Arbitrary Script Injection in Octopus Deploy's All Variables Tab Denial-of-Service Vulnerability in Foxit MobilePDF App for iOS Directory Traversal Vulnerability in Foxit MobilePDF App for iOS Cross-Site Scripting (XSS) Vulnerability in Snap Creek Duplicator Plugin for WordPress Denial of Service Vulnerability in HTCondor's condor_schedd Component Denial of Service Vulnerability in RADOS Gateway in Ceph 12.1.0 through 12.2.1 Stored Cross-Site Scripting Vulnerability in Icon Time Systems RTC-1000 v2.5.7458 and Earlier: Remote Code Injection and Session Hijacking Cross-Site Scripting (XSS) Vulnerability in IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 Double Free Vulnerability in csnmp_read_table Function in collectd XSS Vulnerability in b3log Symphony 2.2.0 Admin Console Denial of Service and Memory Access Vulnerability in libbfd Denial of Service and Possible Remote Code Execution in GNU Binutils 2.29.1 Integer Overflow and 
Heap-Based Buffer Over-read Vulnerability in GNU Binutils 2.29.1 Negative Pointers Vulnerability in BFD Library Cross-Site Scripting (XSS) Vulnerability in IBM Connections Engagement Center 6.0 Integer-Overflow Vulnerability in print_gnu_property_note Function in GNU Binutils 2.29.1 Integer Overflow Vulnerability in coffgen.c of GNU Binutils 2.29.1 Denial of Service and Potential Remote Code Execution in GNU Binutils 2.29.1 Gemirro before 0.16.0 Stored XSS Vulnerability via Crafted homepage Value Privilege Escalation in PNP4Nagios through 0.6.26 via Unprivileged Account Ownership Sensitive Information Exposure in Photo,Video Locker-Calculator Android App Unauthenticated Stored XSS Vulnerability in Arris TG1682G Devices Arbitrary Code Execution Vulnerability in Trusted Boot (tboot) Allows Overwriting of Dynamic PCRs Local Privilege Escalation in Hashicorp Vagrant-VMware-Fusion 5.0.4 Out-of-Bounds Read Vulnerability in VC-2 Video Compression Encoder in FFmpeg 3.0 and 3.4 Cross-Site Scripting (XSS) Vulnerability in LanSweeper 6.0.100.75 via /Calendar/CalendarActions.aspx Yoast SEO Plugin XSS Vulnerability in admin/google_search_console/class-gsc-table.php Stored XSS Vulnerability in Vonage VDV-23 115 3.2.11-0.9.40 Devices via NewKeyword or NewDomain Field Heap-based Buffer Overflow in Formail's Loadbuf Function Out-of-Bounds Access Vulnerability in Qemu's hw/input/ps2.c during Guest Migration SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 via /manageConfMons.do Groupname Parameter SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 Improper Configuration and Security Checks in Shibboleth Service Provider Plugin (SSPCPP-763) OpenSAML-C 
DynamicMetadataProvider Class Security Vulnerability Customer Ticket Information Disclosure Vulnerability in OTRS Cross-Site Scripting (XSS) Vulnerabilities in Atlassian Confluence RSS Feed Macro Vulnerability: Bypassing Bitbucket Auto-Unapprove Plugin via Minimal Brute-Force Vulnerability: User Impersonation in Atlassian Crowd's 'crowd-application' Plugin Module Path Traversal Vulnerability in Atlassian Fisheye and Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Application Links Double OGNL Evaluation Vulnerability in Fisheye and Crucible Cross-Site Request Forgery (CSRF) Vulnerability in Atlassian Jira's IncomingMailServers Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira PieChart Gadget Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira's Issue Search Resource Server Side Request Forgery (SSRF) Vulnerability in Trello Importer in Atlassian Jira Cross Site Scripting (XSS) Vulnerability in dayrui FineCms 5.2.0 Amazon Key Vulnerability: Exploiting Cloud Cam 802.11 Deauthentication Frames for Unauthorized Access Integer Overflow and NULL Pointer Dereference Vulnerability in SWFTools 0.9.2 Denial of Service Vulnerability in UPX 3.94 via Crafted Mach-O File SSRF Vulnerability in UpdraftPlus WordPress Plugin Race condition vulnerability in UpdraftPlus plugin for WordPress allows remote PHP code execution Buffer Overflow Vulnerability in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1 Unsanitized PATH Vulnerability in Vagrant-VMware-Fusion Double Key Unregistration Integer Overflow Vulnerability in Teluu pjproject Cross-site scripting (XSS) vulnerability in Mistune before 0.8.1 in _keyify function Directory Traversal Vulnerability in ZEIT Next.js before 2.4.1 Arbitrary Web Script Injection in Palo Alto Networks PAN-OS Captive Portal Function Stack-based Buffer Overflow in _nc_write_entry Function in ncurses 6.0 Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 XSS Vulnerability in 
filp/whoops Util/TemplateHelper.php (CVE-2021-XXXX) Cross-Site Scripting (XSS) Vulnerability in b3log Symphony 2.2.0 Privilege Escalation in Icinga Core through 1.14.0 NULL Pointer Dereference Vulnerability in libming <= 0.4.8 MistServer 2.13 Cross-Site Scripting (XSS) Vulnerability in Failed Authentication Requests Alerts Unauthenticated Information Disclosure in FiberHome LM53Q1 VH519R05C01S38 Portal CSRF Vulnerability in FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 Unauthorized Access to Web Services on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38: A Gateway to WLAN Key/Password Disclosure Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 Divide-by-Zero Error in SWFTools 0.9.2's wav_convert2mono Function Memory Leak in Bftpd File Rename Function (Bftpd < 4.7) SQL Injection Vulnerability in Piwigo Application (Version 2.9.2 and Prior) Allows Unauthorized Access to User Information Sensitive Information Disclosure in Laravel Framework Privilege Escalation Vulnerability in Arq 5.x for Mac SQL Injection Vulnerability in Tiny Tiny RSS 17.4's Forgotpass Component Impersonation and Privilege Escalation Vulnerability in Auth0 passport-wsfed-saml2 Library Buffer Overflow Vulnerability in libming v0.4.8 or Earlier: printMP3Headers Function Array Index Error in fig2dev Program in Xfig 3.2.6a: Remote DoS and Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Unauthorized Access to User Information in Hunesion i-oneNet 3.0.6042.1200 via Brute Force Vonage VDV-23 115 3.2.11-0.9.40 Home Router Reboot Vulnerability Remote Code Execution in LvyeCMS 3.1 via Directory Traversal and PHP Code Injection Cross-Site Scripting (XSS) Vulnerability in LvyeCMS Admin Login Unencrypted HTTP Vulnerability in DuoLingo TinyCards Android App XSS Vulnerability in Horde Groupware 5.2.19-5.2.22 via Calendar -> New Event URL Field 
XSS Vulnerability in Horde Groupware 5.2.19 and 5.2.21: Exploiting the Color Field in Create Task List Action XSS Vulnerability in Horde Groupware 5.2.19 Allows Remote Code Execution via Name Field Heap-based Buffer Overflow in LibRaw's panasonic_load_raw() Function Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Denial of Service Vulnerability in LibRaw's xtrans_interpolate() Function Local Privilege Escalation: Kernel Memory Address Disclosure via vhci_hcd Driver Out-of-Bounds Read Vulnerability in Linux Kernel's get_pipe() Function Denial of Service Vulnerability in Linux Kernel's stub_recv_cmd_submit() Function NULL pointer dereference vulnerability in stub_send_ret_submit() function in Linux Kernel Stored Cross-site Scripting (XSS) Vulnerability in MapOS 3.1.11 and Earlier Unspecified Privilege Escalation Vulnerability in IBM AIX Arbitrary PHP File Upload Vulnerability in dayrui FineCms 5.2.0 Arbitrary Shell Command Execution via Form Parameter Manipulation in OTRS Directory Traversal Vulnerability in Wowza Streaming Engine Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9, Ac15, and Ac18 devices Unencrypted XML File Disclosure and Privilege Escalation in ManageEngine Desktop Central MSP 10.0.137 Command Injection Vulnerability in Ohcount 3.0.0 Buffer Overflow Vulnerability in xrdp Session Manager Arq for Mac Privilege Escalation via Crafted Update URL Authenticated Directory Traversal Vulnerability in Claymore Dual GPU Miner 10.1 Session Hijacking Vulnerability in IBM Integration Bus 9.0 and 10.0 Stack-based Buffer Overflow in Claymore Dual GPU Miner 10.1 Remote Management Interface Parameter-Entity Reference Mishandling in libxml2's parser.c Infinite Recursion Vulnerability in libxml2's parser.c Privilege Escalation via Insecure chown Call in Icinga 2.x through 2.8.1 Arbitrary OS Command Execution Vulnerability in DBL DBLTek Web Server Unauthenticated Access 
to Ametys CMS Plugin Allows Account Modification Directory Traversal Vulnerability in Shenzhen Tenda AC9, AC15, and AC18 Devices Buffer Overflow Vulnerability in OptiPNG 0.7.6: Exploiting GIF Format File for Denial-of-Service Attack Use-after-free vulnerability in XFRM dump policy implementation in Linux kernel Clear Text Transmission of User Credentials in IBM Integration Bus 9.0 and 10.0 Arbitrary PHP Code Execution via Theme Upload in October CMS Divide-by-Zero DoS Vulnerability in libsndfile 1.0.25 Use-after-free vulnerability in Exim SMTP daemon allows remote code execution or denial of service via BDAT commands Denial of Service Vulnerability in Exim SMTP Daemon via BDAT Commands Arq 5.10 and Earlier for Mac Local Privilege Escalation Vulnerability Information Disclosure Vulnerability in MISP 2.4.82 Allows Admins to Discover Hashed Passwords NULL Pointer Dereference Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Arbitrary File Upload and Remote Code Execution in AccessPress Anonymous Post Pro Plugin Weak Cryptographic Algorithms in IBM QRadar SIEM 7.2 and 7.3: A Critical Vulnerability Arbitrary Web Script Injection Vulnerability in UrBackup Server before 2.1.20 Denial of Service Vulnerability in Winamp Pro 5.66 Build 3512 Denial of Service Vulnerability in KMPlayer 4.2.2.4 via Crafted NSV File Unauthenticated Remote Configuration Modification in ZTE ZXDSL 831CII Devices InLinks Plugin for WordPress: Authenticated SQL Injection Vulnerability Cross-Site Scripting (XSS) Vulnerability in b3log Symphony (aka Sym) 2.2.0 Arbitrary Command Execution Vulnerability in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices Arbitrary Command Execution Vulnerability in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices Arbitrary File Existence Disclosure in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices Arbitrary Command Execution Vulnerability in IBM QRadar 7.2 and 7.3 Arbitrary Command Execution Vulnerability in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices SQL Injection 
Vulnerability in BigTree CMS 4.2.19: Unauthorized Information Disclosure Stored XSS Vulnerabilities in CommuniGate Pro WebMail Components Information Disclosure Vulnerability in IBM WebSphere Portal Insecure Permissions Vulnerability in IBM MQ Managed File Transfer Agent 8.0 and 9.0 Uninitialized Kernel Memory Disclosure Vulnerability in Linux Kernel Memory Corruption Vulnerability in Linux Kernel's check_alu_op Function Memory Corruption Vulnerability in Linux Kernel's BPF Verifier Privilege Escalation via $ORIGIN in RPATH/RUNPATH Denial of Service Vulnerability in IBM Jazz Team Server Affecting Multiple Rational Products Weak Encryption Algorithm in IBM Team Concert (RTC) 5.0-6.0.5 Allows Unauthorized Access to Sensitive Information Untrusted Search Path Vulnerability in Content Manager Assistant for PlayStation Command Injection Vulnerability in D-Link DCS-5009, DCS-5010, and DCS-5020L Devices Vulnerability: Unauthenticated Software Update Execution in Sophos UTM VPN Client Buffer Overflow Vulnerability in QNAP QTS FTP Service Buffer Overflow Vulnerability in QNAP QTS NAS Devices Buffer Overflow Vulnerability in QNAP QTS Login Function Buffer Overflow Vulnerability in QNAP QTS Login Function Buffer Overflow Vulnerability in QNAP QTS Versions 4.2.6 and 4.3.x Buffer Overflow Vulnerability in QNAP QTS Versions 4.2.6 and 4.3.x Buffer Overflow Vulnerability in QNAP QTS Versions 4.2.6 and 4.3.x Directory Traversal Vulnerability in YARD Server (CVE-2021-12345) Reflected XSS Vulnerability in Emag Marketplace Connector Plugin for WordPress Denial of Service Vulnerability in Xen through 4.9.x via Mishandling of Populate on Demand (PoD) Errors Xen Privilege Escalation and Denial of Service Vulnerability through Mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) Errors ARM Platform Vulnerability: Information Leakage from DRAM after Reboot in Xen NULL Pointer Dereference Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Sensitive Information Leakage in IBM 
Security Privileged Identity Manager 2.1.0 NULL Pointer Dereference Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service Vulnerability in OpenStack Nova 16.0.3 Use-after-free vulnerability in mm_init function in Linux kernel before 4.12.10 Use-after-free vulnerability in init_new_context function in Linux kernel before 4.12.10 Divide-by-Zero DoS Vulnerability in aubio 0.4.6 Arbitrary Code Execution via Cross-Site Scripting in Artica Web Proxy Privilege Escalation via CSRF in ZKTime Web Software Reflected XSS Vulnerability in ZKTime Web 2.0.1.12280 - Department Module Directory Traversal Vulnerability in WooCommerce Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in amtyThumb amty-thumb-recent-post Plugin 8.1.3 for WordPress Insecure Permissions Vulnerability in OX App Suite 7.8.4 and Earlier Cross Site Scripting (XSS) vulnerability in OX App Suite 7.8.4 and earlier Arbitrary User Attribute Modification in Open-Xchange OX App Suite Authentication Bypass and Denial of Service Vulnerability in D-Link DIR-605L Model B GarlicRust: Remote Information Disclosure Vulnerability in i2pd and kovri SAML Authentication Bypass and Impersonation Vulnerability in Splunk Web Cross-Origin Vulnerability in Auth0.js Library Allows Token Theft and Unauthorized Service Invocation Arbitrary DLL Code Execution Vulnerability in Amazon Audible for Windows Heap-based buffer over-read vulnerability in elf.c in the Binary File Descriptor (BFD) library Integer Signedness Error and Out-of-Array Read Vulnerability in FFmpeg Buffer Overflow Vulnerability in Wireshark NetBIOS Dissector Vulnerability: Crash in Wireshark IWARP_MPA Dissector CIP Safety Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10 Indeo Otter through 1.7.4 Denial of Service Vulnerability Insecure Group Ownership Setting in Vim Remote Denial of Service Vulnerability in SyncBreeze Enterprise 10.2.12 and Earlier Cross-Site Scripting (XSS) Vulnerability in Webmin Custom 
Command Functionality Excessive Virtual Memory Consumption Vulnerability in Asterisk's SCCP Protocol Channel Driver User Access Bypass in WordPress before 4.9.1 Unfiltered HTML Upload Vulnerability in WordPress before 4.9.1 Cross-Site Scripting (XSS) Vulnerability in WordPress before 4.9.1 Cross-Site Scripting (XSS) Vulnerability in WordPress Feed Enclosures Heap-based Buffer Overflow in LibTIFF 4.0.9: Remote Denial of Service and Possible Other Impacts Arbitrary JavaScript Injection via OpenGraph Data in Content Cards Plugin for WordPress Predictable Password Reset Vulnerability in gps-server.net GPS Tracking Software (self hosted) 2.x Arbitrary PHP Code Injection in GPS-Server.net GPS Tracking Software Unauthenticated SEH-based Buffer Overflow in Flexense SyncBreeze Enterprise v10.1.16 HTTP Server Privilege Escalation Vulnerability in IBM Storwize V7000 (2076) 8.1 Service Assistant GUI Unauthenticated Access to Webcam Contents and 'Super Admin' Privilege Bypass in Apexis APM-H803-MPC Software SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_REQUEST['link'] in /system/site.php SQL Injection in Fiyo CMS 2.0.7: Privilege Escalation via app_user/sys_user.php Arbitrary File Read Vulnerability in Fiyo CMS 2.0.7 Unauthenticated Blind Remote Command Injection in Zivif PR115-204-P-RS Web Cameras Unauthenticated Remote Access to Zivif PR115-204-P-RS V2.3.4.2103 Webcams via CGI Parameter Hard-coded Root Password Vulnerability in Zivif PR115-204-P-RS V2.3.4.2103 Web Cameras Path Traversal Vulnerability in KonaKart eCommerce Platform Allows Unauthorized File Access and Server Compromise IBM iNotes 8.5 and 9.0 SUService DLL Hijacking Vulnerability SQL Injection Vulnerability in Techno Portfolio Management Panel 1.0 SQL Injection Vulnerability in Posty Readymade Classifieds Script 1.0 Pool Corruption Vulnerability in IKARUS anti.virus 2.16.15 via ntguard_x64.sys 0.18780.0.0 NULL Pointer Dereference Vulnerability in ntguard_x64.sys 0.18780.0.0 of IKARUS Anti-Virus 2.16.15 via 
0x830000c4 DeviceIoControl Request Memory Corruption Vulnerability in IKARUS Anti-Virus 2.16.15 via DeviceIoControl Request in ntguard.sys and ntguard_x64.sys ROBOT Attack: Exploiting TLS Vulnerability in Domino Server for Unauthorized Access Memory Access Violation Vulnerability in GNU Binutils 2.29.1 Integer Overflow in dump_relocs_in_section function in GNU Binutils 2.29.1 NULL Pointer Dereference and Application Crash in libbfd's coff_slurp_reloc_table Function Heap-based Buffer Overflow in _bfd_coff_read_string_table Function in GNU Binutils 2.29.1 Denial of Service and Possible Remote Code Execution in GNU Binutils 2.29.1 Denial of Service Vulnerability in GNU Binutils 2.29.1 NULL Pointer Dereference Vulnerability in Libav 12.2 Denial of Service Vulnerability in Libav 12.2 Denial of Service Vulnerability in Libav 12.2 Weak Cryptographic Algorithms in IBM InfoSphere Streams 4.2.1: A Gateway to Decryption of Sensitive Data Heap-based Buffer Overflow in Libav's ff_free_picture_tables Function DoS Vulnerability in Huawei DP300, RP200, TE30, TE50, TE60, VP9660 Uncontrolled Format String Vulnerability in Huawei VP9660 V500R002C10 Null Pointer Reference Vulnerability in Huawei VP9660 V500R002C10 License Module XML Parser DoS Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Null Pointer Reference Vulnerability in Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; Heap Overflow Vulnerability in Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; 
V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V Out-of-Bounds Memory Access Vulnerability in Huawei DP300 and Other Products DoS Vulnerability in PEM Module of Huawei Products Information Leak Vulnerability in Huawei Mate 9 and Mate 9 Pro Smartphones Privilege Escalation Vulnerability in IBM Notes and Domino NSD 8.5 and 9.0 Information Leak Vulnerability in Huawei Enjoy 5s and Y6 Pro Smartphones Memory Leak Vulnerability in Huawei Networking Products SIP Module Overflow Vulnerability in Huawei DP300 and Other Devices Overflow Vulnerability in Huawei DP300 and Other Devices Overflow Vulnerability in Backup Feature of Huawei DP300 SIP Module: DoS Exploit Authentication Bypass Vulnerability in Huawei Honor V9 Play Smartphones Buffer Overflow Vulnerability in Huawei DP300 V500R002C00: Remote Code Execution and DoS Attacks Integer Overflow Vulnerability in Huawei DP300 V500R002C00 DoS Vulnerability in Huawei DP300 V500R002C00: Lack of Validation in Malloc Arbitrary Lock Pattern Change Vulnerability in Huawei HiWallet App Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management DoS Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Timergrp Module Insufficient Validation Vulnerability in Huawei Networking Devices Out-of-Bounds Write Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Memory Leak Vulnerability in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, 
V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R DoS Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Out-of-Bounds Memory Access Vulnerability in Huawei IPS Module V500R001C00 and Others Out-of-Bounds Memory Access Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Out-of-Bounds Memory Access Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Information Exposure Vulnerability in Huawei Smart Phones DoS Vulnerability in Huawei Smart Phones: System Information (SI) Message DoS Improper Permission Settings in IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 Buffer Overflow Vulnerability in Huawei AR and NetEngine Devices Authentication Bypass Vulnerability in Huawei Smart Phones' 'Find Phone' Function Memory Leak Vulnerability in Huawei Secospace USG6600 and USG9500 Series Out-of-Bounds Memory Access Vulnerability in Huawei Secospace USG6600 V500R001C30SPC100 Memory Leak Vulnerability in Huawei Secospace AntiDDoS8000 V500R001C20SPC500 Out-of-bounds read vulnerability in Huawei Quidway devices Resource Exhaustion Vulnerability in Huawei and Secospace USG Devices Use of Broken or Risky Cryptographic Algorithm Vulnerability in Huawei DP300, TP3206, ViewPoint 9030 Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Huawei Smart Phones Denial of Service (DoS) Vulnerability: Malicious APK Installation and System Restart Exploit Privilege Escalation Vulnerability in Huawei LYO-L21 Smart Phones Arbitrary Memory Free Vulnerability in 
Mate 9 Pro Huawei Smart Phones Weak Algorithm Vulnerability in Huawei Products: Information Leakage via Bleichenbacher Attack Denial of Service (DoS) Vulnerability in SMS Module of Mate 9 Pro Huawei Smartphones Arbitrary Memory Read/Write Vulnerability in Huawei Mate 9 and Mate 9 Pro Smartphones Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices DoS Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices Arbitrary Command Execution via Shared Memory IPC in IBM Notes 8.5 and 9.0 Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices DoS Vulnerability in Certain Huawei Smartphones with Software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 Out-of-Bounds Read Vulnerability in Huawei AR and NetEngine Devices Remote Code Execution Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Remote Code Execution Vulnerability in Huawei HG532 Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Out-of-Bounds Write Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Out-of-bounds read vulnerability in SCCPX module of Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Invalid Memory Access Vulnerability in Huawei SCCPX Module SQL Injection Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Invalid Memory 
Access Vulnerability in Huawei SCCPX Module Remote Code Execution Vulnerability in Huawei eSpace 7950 and eSpace 8950 Remote Code Execution Vulnerability in Huawei eSpace 7950 and eSpace 8950 Language Package Upload Directory Traversal Vulnerability in Huawei eSpace Products Null Pointer Dereference Vulnerability in Huawei Smart Phones Buffer Overflow Vulnerability in Huawei Mate 9 Pro NFC Module Arbitrary URL Loading Vulnerability in TripAdvisor App on Huawei Mobile Phones Out-of-Bounds Memory Access Vulnerability in Huawei Mate 10 GPU Driver Directory Traversal Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Cross-Site Scripting (XSS) Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Undisclosed Vulnerability in IBM Jazz Team Server Affects Multiple Rational Products Out-of-Bounds Write Vulnerability in Huawei AR and NetEngine Devices Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Out-of-Bounds Read Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Out-of-Bounds Read Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, 
USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Memory Leak Vulnerability in Huawei AR and USG Series Routers Memory Leak Vulnerability in Huawei AR and USG Series Routers Resource Management Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Sensitive Information Disclosure in IBM Tivoli Key Lifecycle Manager (CVE-2020-4427) Authentication Bypass Vulnerability in Huawei Mate 9 Pro Smart Phones Information Leak Vulnerability in Huawei Mobile Phones with NFC Module Out-of-Bounds Read Vulnerability in Huawei SFTP Module Buffer Overflow Vulnerability in Huawei SCCP Module Out-of-Bound Read Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Resource Management Error Vulnerability in 
Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Buffer Overflow Vulnerability in Huawei Mobile Phones' Bluetooth Module Out-of-Bound Write Vulnerability in Huawei AR and NetEngine Series Routers Out-of-Bound Read Vulnerability in Huawei Products Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Memory Leak Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager LDAP Client Resource Exhaustion Vulnerability Memory Leak Vulnerability in Huawei AR and NetEngine Series Routers Denial of Service Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR-TE, AR-TP, DP, MAX PRESENCE, NetEngine, RP, SRG, and TE Series Routers Buffer Overflow Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, MAX PRESENCE, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206 Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR-TE, AR-TP, NetEngine, MAX PRESENCE, RP200, SRG, and TE Series Routers Buffer Overflow Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RP200, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG9500, USG9520, USG9560, USG9580, ViewPoint 9030, eSpace U1981 Memory Leak Vulnerability in Huawei AR, AR-S Buffer Overflow 
Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RP200, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG9500, USG9520, USG9560, USG9580, ViewPoint 9030, eSpace U1981 Buffer Overflow Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 9030 Insufficient Input Validation Vulnerability in Huawei AR and NetEngine Series Routers Numeric Errors Vulnerability in Huawei Networking Products Weak Cryptography Vulnerability in Huawei AR, CloudEngine, DP300, SMC2.0, SRG, TE, VP9660, ViewPoint, eSpace IAD, eSpace U1981, eSpace USM Memory Leak Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Information Disclosure Vulnerability in Huawei DP300 V500R002C00 and other products using CIDAM protocol Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Bleichenbacher RSA Padding Oracle Vulnerability in Huawei Firewall Products Array Out-of-Bounds Read Vulnerability in Certain Huawei Smartphones Out-of-Bounds Read Vulnerability in Huawei VNS-L21AUTC555B141 Smartphones Invalid Memory Access Vulnerability in Huawei SCCPX Module Path Traversal Vulnerability in Huawei HG255s-10 V100R001C163B025SP02 Allows Unauthorized Access to Local Files Privilege Escalation Vulnerability in IBM WebSphere Application Server Administrative Console Buffer Error Vulnerability in Huawei ENUM Module Huawei Firewall Products IPSEC IKEv1 DoS Vulnerability Huawei Firewall Products IPSEC IKEv1 DoS Vulnerability Buffer Overflow Vulnerability in HUAWEI P9 Lite InputHub Driver Invalid Memory Access Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Numeric Errors Vulnerability in 
Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices Buffer Overflow Vulnerability in Huawei USG and Secospace Devices Denial of Service (DoS) Vulnerability in Huawei E5771h-937 Mobile Broadband Products Information Disclosure Vulnerability in Huawei P9 Smartphones Insecure Cookie Handling in IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 Memory Double Free Vulnerability in Huawei Mate 9 Pro Smartphones with LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 Software Buffer Overflow Vulnerability in Huawei eNSP Software Information Disclosure Vulnerability in Huawei Honor Smart Scale Application Improper Authorization Vulnerability in Huawei iBMC Software Integer Overflow Vulnerability in Huawei Mate 9 Pro Camera Driver Huawei HiCinema Video Applications: Permission Control Vulnerability Activation Lock Bypass Vulnerability in Huawei Mate 9 Pro Smartphones Improper Resource Management Vulnerability in Huawei MHA-AL00AC00B125 Software Integer Overflow Vulnerability in Huawei Smartphones with MHA-AL00AC00B125 Software: Risk of Information Disclosure Memory Leak Vulnerability in Huawei ViewPoint 8660 V100R008C03 Local User Can Read Sensitive Information in IBM QRadar 7.3 Log Files Memory Leak Vulnerability in Huawei AR3200 and NGFW Module Information Disclosure Vulnerability in IBM Jazz Team Server Undisclosed Privilege Escalation Vulnerability in IBM Rational Quality Manager Vulnerability: Denial of Service in QEMU Virtio Vring Implementation ROBOT Attack: Bleichenbacher RSA Padding Oracle Vulnerability in Citrix NetScaler ADC and Gateway Cross-Site Scripting (XSS) Vulnerability in Jenkins 2.93 - SECURITY-624 Root Access Vulnerability in ISPConfig 3.x before 3.1.9 via Crafted Cron Job Cross-Site Scripting (XSS) Vulnerability in IBM Curam Social Program Management Cross-Site Scripting (XSS) Vulnerability in IBM Curam Social Program Management Command Injection 
Vulnerability in Ruby's Net::FTP Library Unauthenticated Remote Code Execution in Netgain Enterprise Manager (ZDI-CAN-4753) Arbitrary Code Execution in NetGain Systems Enterprise Manager v7.2.699 Arbitrary Code Execution Vulnerability in Bitdefender Internet Security 2018 (ZDI-CAN-5101) Arbitrary Code Execution Vulnerability in Bitdefender Internet Security 2018 Improper Handling of Administrative Console Panel Fields in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Arbitrary Code Execution Vulnerability in Bitdefender Internet Security 2018 Remote Code Execution in Linksys WVBR0 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via Unauthenticated GET Requests (ZDI-CAN-4223) Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUBackupTargetSet Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPhaseStatus Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPhaseStatus Count Method Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPhaseStatus Acknowledge Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPolicy Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUTransferHistory Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUJobCountHistory Get Method Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 (ZDI-CAN-4232) Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUBackupSegment Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUScheduleSet Get Method Arbitrary Code Execution Vulnerability in Quest NetVault Backup 11.3.0.12 Heap Overflow Vulnerability in glibc 2.26's malloc Function Vulnerability: Adaptive-Chosen Ciphertext Attack on Radware Alteon Devices ROBOT Attack: Decrypting TLS Ciphertext 
Data in Cavium Nitrox and TurboSSL SDKs Insufficient Authentication in K7 Antivirus Premium Allows Unauthorized Access to Raw Hard Disk Improper Handling of Administrative Console Panel Fields in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Arbitrary Command Execution in Sangoma NetBorder / Vega Session Controller Multiple Cross-Site Scripting (XSS) Vulnerabilities in GeniXCMS 1.1.5 Denial of Service Vulnerability in OpenAFS 1.x before 1.6.22 Bypassing Access Restrictions in rsync Daemon Bypassing Access Restrictions in rsync Daemon Vaultek Gun Safe VT20i: Remote Unlock Vulnerability Lack of Encryption in Vaultek Gun Safe VT20i Allows Passcode Eavesdropping Remote Denial of Service Vulnerability in Heimdal KDC Denial of Service Vulnerability in GNU Libextractor 1.6 via Crafted Multimedia Files Reflected Cross-Site Scripting Vulnerability in BlackBerry UEM Management Console OPC Foundation Local Discovery Server (LDS) 1.03.370 Configuration File Crash Vulnerability Denial of Service Vulnerability in Game_Music_Emu Library Linux Kernel Local Privilege Escalation Vulnerability Netlink Message Sniffing Vulnerability Linux Kernel xt_osf.c Local Privilege Escalation Vulnerability XSS Vulnerability in WP Mailster Plugin's Unsubscribe Handler Cross Site Scripting (XSS) Vulnerability in Mahara 16.10, 17.04, and 17.10 Man-in-the-Middle Vulnerability in Mahara Versions 16.10 to 17.10.2 Arbitrary Code Execution via Malformed Mercurial Repository Arbitrary Command Execution via SSH URL in Fossil Cross-Site Request Forgery Vulnerability in IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) Vulnerability: Information Disclosure in Vivo Modems via index.cgi?page=wifi NULL Pointer Dereference Vulnerability in K7 Antivirus 15.1.0309 NULL Pointer Dereference Vulnerability in K7 Antivirus 15.1.0309 Arbitrary Write Privilege Escalation Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Other Impact in TG Soft Vir.IT eXplorer Lite 
8.5.42 Local Privilege Escalation and Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service Vulnerability in IBM WebSphere MQ 9.0 and 9.0.x Denial of Service and Possible Impact Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Impact Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Arbitrary Code Execution in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Arbitrary Code Execution in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Arbitrary Code Execution in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Other Impact in TG Soft Vir.IT eXplorer Lite 8.5.42 Session Hijacking Vulnerability in OTRS 4.0.x, 5.0.x, and 6.0.x Unauthenticated Remote Stored XSS Vulnerability in Pexip Infinity XSS Vulnerability in Pegasystems Pega Platform's Designer Studio Stack-based Buffer Overflow in OpenJPEG 2.3.0's pgxtoimage Function Open Redirect Vulnerability in IBM Connections 5.0, 5.5, and 6.0 Stack-based Buffer Overflow in OpenJPEG 2.3.0's pgxtovolume Function Buffer Overflow Vulnerability in OpenVMS Stack-based buffer overflow in ucnv_UTF8FromUTF8 function in ICU for C/C++ Unauthenticated Remote Code Execution in FasterXML Jackson-Databind Directory Traversal Vulnerability in IBM UrbanCode Deploy 6.1 through 6.9.6.0 Denial of Service Vulnerability in Tidy 5.7.0: Segmentation Fault in prvTidyTidyMetaCharset Function Heap-based Buffer Overflow in WritePNMImage in GraphicsMagick 1.3.26 Use-after-free vulnerability in ImageMagick's Magick::Image::read in Magick++/lib/Image.cpp Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 GraphicsMagick 1.3.26 - Heap-Based Buffer Over-read in ReadRGBImage Heap-Based Buffer Over-Read Vulnerability in GraphicsMagick 1.3.26's WriteOnePNGImage Function 
Heap-based Buffer Over-read in ReadCMYKImage of GraphicsMagick 1.3.26 Heap-based Buffer Over-read in ReadGRAYImage of GraphicsMagick 1.3.26 Heap-based buffer over-read vulnerability in ImageMagick before 7.0.7-12: Magick_png_read_raw_profile in coders/png.c via crafted file NULL Pointer Dereference in H5O_pline_decode Function in HDF5 1.10.1 Out of Bounds Read Vulnerability in H5Opline_pline_decode Function in HDF5 1.10.1 Out of Bounds Read Vulnerability in HDF5 1.10.1 Divide-by-Zero Vulnerability in H5T_set_loc Function in HDF5 1.10.1 Out-of-Bounds Write Vulnerability in H5G__ent_decode_vec Function in HDF5 1.10.1 Cross-Site Scripting (XSS) Vulnerability in IBM Robotic Process Automation with Automation Anywhere 10.0.0 Argument-Injection Vulnerability in KildClient 3.1.0 via BROWSER Environment Variable Argument Injection Vulnerability in sensible-browser Argument-injection vulnerability in TeX Live through 20170524 allows remote attackers to execute arbitrary commands via a crafted URL. 
Argument-injection vulnerability in nip2 8.4.0 allows remote attackers to execute arbitrary commands via crafted URLs Unvalidated String Launch Vulnerability in Metview 4.7.3 Argument-injection vulnerability in RTV 1.19.0 allows remote attackers to execute arbitrary commands via crafted URLs Argument-Injection Vulnerability in Sylpheed's BROWSER Environment Variable Potential Argument-Injection Vulnerability in White_dune (whitedune) 0.30.10 Argument Injection Vulnerability in OCaml Batteries Included (ocaml-batteries) 2.6 Information Disclosure Vulnerability in IBM UrbanCode Deploy 6.1 and 6.2 Argument-injection vulnerability in tools/url_handler.pl in TIN 2.4.1 allows remote attackers to execute arbitrary commands via crafted URLs FontForge through 20170731 BROWSER Environment Variable Argument-Injection Vulnerability Argument-injection vulnerability in Python webbrowser module Argument Injection Vulnerability in LilyPond 2.19.80 via lilypond-invoke-editor Argument-Injection Vulnerability in SWI-Prolog 7.2.3's www_browser.pl Library Argument-Injection Vulnerability in xTuple PostBooks 4.7.0 Argument Injection Vulnerability in Bernard Parisse Giac 1.2.3.57 Potential Argument-Injection Vulnerability in PasDoc 0.14's Delphi GUI Argument-Injection Vulnerability in ScummVM 1.9.0 Argument Injection Vulnerability in AbiWord 3.0.2-2 HTML Injection Vulnerability in Multiple IBM Rational Products Potential Argument-Injection Vulnerability in Geomview 1.9.5 via BROWSER Environment Variable Argument-Injection Vulnerability in GNU GLOBAL 4.8.6 via Unvalidated Strings in BROWSER Environment Variable Argument-injection vulnerability in Kiwi 1.9.22 allows remote attackers to execute arbitrary commands via crafted URL Potential Argument-Injection Vulnerability in Tkabber 1.1 via default.tcl Argument-injection vulnerability in Mensis 0.0.080507 allows remote attackers to execute arbitrary commands via crafted URLs Argument Injection Vulnerability in Bob Hepple gjots2 2.4.1 
Arbitrary Code Execution in Phabricator via Mercurial Branch Name Denial of Service Vulnerability in MikroTik RouterBOARD v6.39.2 and v6.40.5 Denial of Service Vulnerability in MikroTik v6.40.5 Devices via ICMP Flood Hardcoded Account Vulnerability in Fortinet FortiWLC 7.0.11 and Earlier Hardcoded Account Vulnerability in Fortinet FortiWLC 8.3.3 Cross-site Scripting (XSS) Vulnerability in Fortinet FortiManager and FortiAnalyzer Insecure Encryption of VPN Authentication Credentials in Fortinet FortiClient Privilege Escalation Vulnerability in Fortinet FortiOS: Admin to Super_Admin Information Disclosure in Citrix NetScaler ADC and Gateway Command Injection Vulnerability in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 CSRF Vulnerability in ZyXEL ZyWALL USG Devices Allows Unauthorized User Account Addition Arbitrary File Write Vulnerability in Mobotap Dolphin Browser for Android 12.0.2 URL Redirection Vulnerability in Zoho ManageEngine AD Manager Plus Build 6590 - 6613 Insecure Parsing Implementation of Intent URI Scheme in Dolphin Browser for Android 12.0.2 NULL Pointer Dereference Vulnerability in aubio 0.4.6's aubio_source_avcodec_readframe Function NULL Pointer Dereference Vulnerability in FFmpeg libswresample Local Privilege Escalation Vulnerability in Synaptics TouchPad Drivers Heap-based Buffer Overflow in Foxit Reader and Foxit PhantomPDF Out-of-bounds Write Access Vulnerability in Linux Kernel USB Core Subsystem Local File Inclusion Vulnerability in IBM Business Process Manager 8.6 Unauthenticated File Upload Vulnerability on Western Digital MyCloud PR4100 Arbitrary PHP Code Execution in SeaCMS 6.56 via Crafted Token Field Remote Code Execution in Embedthis GoAhead before 3.6.5 via CGI Handler Vulnerability Vulnerability in Xen Allows Guest OS Users to Crash Host OS or Gain Privileges Denial of Service and Privilege Escalation Vulnerability in Xen through 4.9.x Denial of Service Vulnerability in Xen with Shadow Mode and Log-Dirty 
Mode Xen Privilege Escalation and Denial of Service Vulnerability SQL Injection Vulnerability in Scubez Posty Readymade Classifieds via admin/user_activate_submit.php ID Parameter Incorrect Access Control in Scubez Posty Readymade Classifieds XSS Vulnerability in Scubez Posty Readymade Classifieds via admin/user_activate_submit.php ID Parameter SQL Injection Vulnerability in IBM Security Guardium 10.0 (IBM X-Force ID: 135858) SQL Injection Vulnerability in FS Expedia Clone 1.0 SQL Injection Vulnerability in FS Foodpanda Clone 1.0 via /food keywords parameter SQL Injection Vulnerability in FS Amazon Clone 1.0 via PATH_INFO to /VerAyari SQL Injection Vulnerability in FS Ebay Clone 1.0 via product.php and search.php Parameters SQL Injection Vulnerability in FS Care Clone 1.0 via searchJob.php Parameters SQL Injection in FS Groupon Clone 1.0 via id parameter in item_details.php and vendor_details.php SQL Injection Vulnerability in FS Gigs Script 1.0 via cat, sc, and ser Parameters SQL Injection Vulnerability in FS Trademe Clone 1.0 via search_item.php and general_item_details.php SQL Injection Vulnerability in FS Crowdfunding Script 1.0 via latest_news_details.php id Parameter SQL Injection Vulnerability in FS Freelancer Clone 1.0 via profile.php u parameter XML External Entity Injection (XXE) Vulnerability in IBM Financial Transaction Manager for ACH Services SQL Injection Vulnerabilities in FS Linkedin Clone 1.0 SQL Injection Vulnerability in FS Quibids Clone 1.0 via itechd.php productid Parameter SQL Injection Vulnerability in FS Grubhub Clone 1.0 via /food keywords parameter SQL Injection Vulnerability in FS Shutterstock Clone 1.0 via /Category Keywords Parameter SQL Injection Vulnerability in FS Makemytrip Clone 1.0 via show-flight-result.php fl_orig or fl_dest Parameter SQL Injection Vulnerability in FS Monster Clone 1.0 via Employer_Details.php id Parameter SQL Injection Vulnerability in FS Olx Clone 1.0 via subpage.php and message.php Parameters SQL Injection 
Vulnerabilities in FS Indiamart Clone 1.0 SQL Injection Vulnerability in FS IMDB Clone 1.0 SQL Injection Vulnerability in FS Thumbtack Clone 1.0 via browse-category.php and browse-scategory.php Parameters SQL Injection Vulnerability in FS Stackoverflow Clone 1.0 via /question keywords parameter SQL Injection Vulnerability in Realestate Crowdfunding Script 2.7.2 via single-cause.php pid Parameter SQL Injection Vulnerability in Website Auction Marketplace 2.0.5 via search.php cat_id Parameter Arbitrary File Upload Vulnerability in Simple Chatting System 1.0 SQL Injection Vulnerability in DomainSale PHP Script 1.0 via domain.php id Parameter SQL Injection Vulnerability in Beauty Parlour Booking Script 1.0 SQL Injection Vulnerability in Entrepreneur Job Portal Script 2.0.6 via jobsearch_all.php rid1 parameter SQL Injection Vulnerability in Nearbuy Clone Script 3.2 via category_list.php search parameter SQL Injection Vulnerability in Affiliate MLM Script 1.0 via product-category.php Key Parameter SQL Injection Vulnerability in Advance Online Learning Management Script 3.1 via courselist.php Parameters Local User Denial of Service and Information Disclosure Vulnerability in IBM WebSphere MQ SQL Injection Vulnerability in Basic B2B Script 2.0.8 via product_details.php id Parameter SQL Injection Vulnerability in Cab Booking Script 1.0 via /service-list city parameter SQL Injection in Advance B2B Script 2.1.3 via show_id and pid parameters SQL Injection Vulnerability in Advanced Real Estate Script 4.0.7 via search-results.php Parameters SQL Injection in Entrepreneur Bus Booking Script 3.0.4 via sourcebus parameter in booker_details.php SQL Injection Vulnerability in Consumer Complaints Clone Script 1.0 via other-user-profile.php id parameter SQL Injection Vulnerability in Co-work Space Search Script 1.0 via /list city parameter SQL Injection Vulnerability in CMS Auditor Website 1.0 via PATH_INFO to /news-detail SQL Injection Vulnerability in Child Care Script 1.0 via /list 
city Parameter SQL Injection Vulnerability in Chartered Accountant Booking Script 1.0 Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 SQL Injection Vulnerability in E-commerce MLM Software 1.0 SQL Injection Vulnerability in Doctor Search Script 1.0 via /list city parameter SQL Injection Vulnerability in Hot Scripts Clone 3.1 via /categories subctid or mctid parameter SQL Injection Vulnerability in Freelance Website Script 2.0.6 via jobdetails.php and searchbycat_list.php Parameters SQL Injection Vulnerability in Food Order Script 1.0 via /list city parameter SQL Injection Vulnerability in Facebook Clone Script 1.0 via friend-profile.php id parameter SQL Injection Vulnerability in Event Search Script 1.0 via /event-list city parameter SQL Injection Vulnerability in Foodspotting Clone Script 1.0 via quicksearch.php q parameter SQL Injection Vulnerability in Kickstarter Clone Script 2.0 via investcalc.php projid Parameter SQL Injection Vulnerability in Laundry Booking Script 1.0 via /list city parameter Cross-Site Scripting Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) Allows Arbitrary JavaScript Code Execution SQL Injection Vulnerability in Lawyer Search Script 1.1 via /lawyer-list city parameter SQL Injection Vulnerability in Multivendor Penny Auction Clone Script 1.0 via PATH_INFO to /detail URI SQL Injection Vulnerability in Online Exam Test Application Script 1.6 via exams.php sort parameter SQL Injection in Opensource Classified Ads Script 3.2 via advance_result.php keyword parameter SQL Injection in PHP Multivendor Ecommerce 1.0: Exploiting sid, searchcat, and chid1 Parameters SQL Injection Vulnerability in Professional Service Script 1.0 via service-list city parameter SQL Injection in Readymade PHP Classified Script 3.3 via /categories subctid or mctid parameter SQL Injection in Readymade Video Sharing Script 3.2 via single-video-detail.php report_videos parameter SQL 
Injection Vulnerability in Responsive Realestate Script 3.2 via property-list tbud Parameter SQL Injection Vulnerability in Secure E-commerce Script 2.0.1 via category.php and single_detail.php parameters SQL Injection Vulnerability in Yoga Class Script 1.0 via /list city parameter SQL Injection Vulnerability in Multireligion Responsive Matrimonial 4.7.2 via success-story.php succid Parameter SQL Injection in findcity.php q parameter SQL Injection in Multiplex Movie Theater Booking Script 3.1.5 via moid and eid parameters SQL Injection Vulnerability in Single Theater Booking Script 3.2.1 via findcity.php q parameter SQL Injection in MLM Forex Market Plan Script 2.0.4 via news_detail.php and event_detail.php parameters SQL Injection in MLM Forced Matrix 2.0.9 via news-detail.php newid parameter SQL Injection Vulnerability in Car Rental Script 2.0.4 via countrycode1.php val parameter SQL Injection Vulnerability in Groupon Clone Script 3.01 via city_ajax.php state_id Parameter SQL Injection Vulnerability in Muslim Matrimonial Script 3.02 via success-story.php succid parameter Local User Credential Exposure in IBM Cognos Business Intelligence 10.2 and 10.2.1 SQL Injection in Advanced World Database 2.0.5 via city.php and state.php parameters SQL Injection Vulnerability in Resume Clone Script 2.0.5 via preview.php id Parameter SQL Injection Vulnerability in Basic Job Site Script 2.0.5 via keyword Parameter SQL Injection Vulnerability in FS Lynda Clone 1.0 via keywords Parameter SQL Injection Vulnerability in Bus Booking Script 1.0 via txtname parameter in admin/index.php SQL Injection in Entrepreneur Dating Script 2.0.1: Exploiting search_result.php Parameters HTML Injection Vulnerability in Readymade Video Sharing Script 3.2 via single-video-detail.php Comment Parameter Information Disclosure Vulnerability in IBM Business Process Manager 8.6 SQL Injection in Paid To Read Script 2.0.5 via Multiple Parameters Unauthenticated Remote Code Execution in Quest NetVault Backup 
11.3.0.12 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUBackupOptionSet Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUBackup ClientList Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUBackup PluginList Method Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUJobHistory Get Method Unauthorized Access to Ad Hoc Tasks in IBM Business Process Manager 8.6 Directory Traversal Vulnerability in Yawcam HTTP Server Remote Code Execution Vulnerability in htpasswd Implementation of mini_httpd and thttpd Remote Crash Vulnerability in Asterisk Open Source 13.x, 14.x, 15.x, and Certified Asterisk 13.13-cert9 Access-Control Bypass in Octopus Deploy Machine Update Process Firmware Downgrade/Upgrade Vulnerability in NCR S1 Dispenser Controller Exiv2 0.26 Heap-Based Buffer Over-read Vulnerability Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.6 Type Conversion Vulnerability in VideoLAN VLC Media Player (CVE-2019-12874) Arbitrary Pathname Remote PHP Code Execution in vBulletin 5.3.x on Windows Unauthenticated Deserialization Vulnerability in vBulletin 5.3.x BMC Remedy Mid Tier 9.1SP3 Vulnerability: Remote and Local File Inclusion BMC Remedy Mid Tier 9.1SP3 Log Hijacking Vulnerability Authenticated Code Execution in BMC Remedy 9.1SP3 via BIRT Templates Cross-Site Scripting (XSS) Vulnerability in BMC Remedy Mid Tier 9.1SP3 Sensitive Information Disclosure in IBM Security Guardium Big Data Intelligence (SonarG) 3.1 Memory Leak Vulnerability in ImageMagick 7.0.7-12 Q16's ReadXPMImage Function Infinite Loop Vulnerability in ImageMagick 7.0.7-12 Q16's ReadPSDChannelZip Function ImageMagick 7.0.7-12 Q16 ExtractPostscript Large Loop Denial of Service Vulnerability Panda 
Global Protection 17.0.1 Vulnerability: System Crash via DeviceIoControl Request Panda Global Protection 17.0.1 Vulnerability: System Crash via DeviceIoControl Request EFAIL: OpenPGP Cipher Feedback Mode (CFB) Vulnerability EFAIL: S/MIME CBC Malleability-Gadget Attack Cross-Site Request Forgery Vulnerability in IBM Business Process Manager 8.6 ClearText Transmission of Credentials in Homeputer CL Studio for HomeMatic 4.0 Rel 160808 and Earlier Same Origin Policy Bypass in Samsung Internet Browser 5.4.02.3 Unauthorized Deletion of Feedback in Techno - Portfolio Management Panel XSS Vulnerability in Techno - Portfolio Management Panel through 2017-11-16 SQL Injection Vulnerability in Techno - Portfolio Management Panel Full Path Disclosure Vulnerability in Techno - Portfolio Management Panel SSRF Vulnerability in Harbor's Ping() Function Reflected XSS Vulnerability in Zoho ManageEngine Password Manager Pro 9 NULL Pointer Dereference Vulnerability in K7 Antivirus 15.1.0309 NULL Pointer Dereference Vulnerability in K7 Antivirus 15.1.0309 NULL Pointer Dereference Vulnerability in K7 Antivirus 15.1.0309 Persistent XSS in Synacor Zimbra Collaboration Suite (ZCS) before 8.8.3 Vulnerability: Replay Attacks and Message Forgery in Software House iStar Ultra Devices Unauthenticated Access to Password Safe Attachments in Pleasant Password Server Insufficient Authorization Checks Allow Unauthorized Profile Data Modification in Pleasant Password Server (before 7.8.3) Race Condition in raw_sendmsg() Function Allows Privilege Escalation Multiple SQL Injection Vulnerabilities in Trape (before 2017-11-05) Multiple XSS Vulnerabilities in Trape Directory Traversal Vulnerability in Telegram Messenger Android Application GitLab 9.4.x LDAP SSL Certificate Verification Bypass Weak Password Encryption and Hardcoded CMMDwoV Value in Sonatype Nexus Repository Manager LDAP Integration Missing SSL Certificate Validation in Net::LDAP Gem Cross-Site Scripting (XSS) Vulnerability in wp-concours 
Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in IBM Worklight (IBM MobileFirst Platform Foundation) SQL Injection Vulnerability in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 Remote Denial of Service Vulnerability in Exiv2 0.26 via Crafted TIFF File Heap-based Buffer Over-read in Exiv2::Image::byteSwap4 Function in image.cpp Heap-based Buffer Over-read in Exiv2::IptcData::printStructure Function in iptc.cpp Integer Overflow and Heap-Based Buffer Over-read in Exiv2::getULong Function in types.cpp (CVE-2020-0001) Arbitrary File Upload and PHP Code Execution in DedeCMS through 5.6 DNS Cache Poisoning Vulnerability in IBM DataPower Gateways SQL Injection in DedeCMS 5.7 via logo parameter in plus/flink_add.php SQL Injection via $_FILES Superglobal in DedeCMS through 5.7 Remote Command Execution Vulnerability in Maccms 8.x via wd Parameter Insecure Session Caching in CMS Made Simple (CMSMS) before 2.2.5 Improper Caching of Login Information in CMS Made Simple (CMSMS) before 2.2.5 Remote Code Execution Vulnerability in Kentico CMS Versions 9.0 and 10.0 XSS Vulnerability in BrightSign Digital Signage (4k242) Device (Firmware 6.2.63 and below) via REF Parameter File Renaming and Modification Vulnerability in BrightSign Digital Signage (4k242) Device (Firmware 6.2.63 and below) Directory Traversal Vulnerability in BrightSign Digital Signage (4k242) Device (Firmware 6.2.63 and below) IBM Security Guardium Big Data Intelligence (SonarG) 3.1 Unauthorized Disclosure of Sensitive Information Vulnerability Stack-based Buffer Overflow in OpenLDAP with nops module and memberof overlay KVM Implementation Vulnerability: Write_MMIO Stack-based Out-of-Bounds Read HTTP Response Splitting Vulnerability in Ruby's WEBrick HTTP Server Privilege Escalation via Improper Input Sanitization in UCOPIA Wireless Appliance Devices Cross-Site Scripting (XSS) Vulnerability in Custom-Map Plugin for WordPress Arbitrary JavaScript Injection in TP-Link TL-SG108E 1.0.0 Insecure Access Control 
on TP-Link TL-SG108E 1.0.0 Denial of Service Vulnerability in TP-Link TL-SG108E v1.0.0 Device Logout Functionality Bose SoundTouch Devices Vulnerable to Cross-Site Scripting (XSS) via Crafted Song Data XSS Vulnerability in Bose SoundTouch Devices via Spotify Public Playlist Remote Control Vulnerability in Bose SoundTouch Devices via WebSocket Protocol Cross Site Scripting (XSS) Vulnerability in Ability Mail Server 3.3.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in esb-csv-import-export Plugin for WordPress Arbitrary Command Execution in TP-Link TL-WVR and TL-WAR Devices via Interface Field in Admin/Wportal Command Arbitrary Command Execution in TP-Link TL-WVR and TL-WAR Devices via Interface Field in Admin/DHCPS Command Remote Code Execution Vulnerability in Conarc iChannel Buffer Overflow in cv::PxMDecoder::readData function in OpenCV 3.3.1 Remote Command Execution Vulnerability on Ichano AtHome IP Camera Devices XML External Entity (XXE) Vulnerability in Episerver 7 Patch 4 and Earlier: Remote File Read via Crafted DTD Insecure File Transfer in SuperBeam through 4.1.3 Integer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Integer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Integer Overflow Vulnerability in wma_peer_info_event_handler() Buffer Access Vulnerability in Qualcomm Android Releases with CAF and Linux Kernel Audio Driver Information Leakage Vulnerability Untrusted Pointer Dereference Vulnerability in Qualcomm Android and Firefox OS Array Out of Bounds Vulnerability in msm_isp_prepare_v4l2_buf Buffer Overflow Vulnerability in Snapdragon Process Atom AVC1 CSRF Vulnerability in Piwigo 2.9.2's admin/configuration.php XSS Vulnerability in Piwigo 2.9.2 via admin.php?page=album-3-properties Full Path Disclosure in Paid To Read Script 2.0.5 via Invalid uid Parameter in admin/userview.php Authentication Bypass Vulnerability in Paid To Read Script 2.0.5 XSS Vulnerability in Paid To Read 
Script 2.0.5 via referrals.php and admin/userview.php Parameters SQL Injection Vulnerability in Paid To Read Script 2.0.5 via referrals.php id Parameter Clockwork SMS Clockwork-test-message.php XSS Vulnerability Heap-Based Buffer Over-Read Vulnerability in GraphicsMagick 1.3.27a's ReadOneJNGImage Function Buffer Over-read Vulnerability in GraphicsMagick 1.3.27a's ReadPALMImage Function Heap-based Buffer Over-read Vulnerability in GIMP 2.8.22's GBR Import Parser Heap-Based Buffer Overflow in fli_read_brun function in GIMP 2.8.22 Heap-based Buffer Over-read Vulnerability in GIMP 2.8.22's ReadImage Function Heap-Based Buffer Over-Read Vulnerability in GIMP 2.8.22's read_creator_block Function Stack-based Buffer Over-read Vulnerability in GIMP 2.8.22's xcf_load_stream Function Heap-Based Buffer Overflow in read_channel_data in GIMP 2.8.22 Local User Credential Exposure in IBM Cognos Analytics 11.0 Command Injection Vulnerability in Ruby's lazy_initialize Function Arbitrary JavaScript Injection via Comment in BlogoText 3.7.6 Information Disclosure Vulnerability in BlogoText Allows Reading Backup Archives on Windows Servers Bypassing Access Restrictions via E-mail Address Field in BlogoText Denial of Service Vulnerability in IKARUS Anti-Virus 2.16.20 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.65 Denial of Service and Potential Impact Vulnerability in IKARUS Anti-Virus 2.16.20 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.65 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.65 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.65 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.65 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.65 Denial of Service Vulnerability in IKARUS Anti-Virus 2.16.20 Salsa20 Encryption Algorithm Zero-Length Input Vulnerability HMAC Implementation Vulnerability 
in Linux Kernel Allows Stack Buffer Overflow Access-Control Bypass Vulnerability in Linux Kernel's KEYS Subsystem Unprotected XPC Service in Golden Frog VyprVPN for macOS Allows Arbitrary OpenVPN Configuration Updates Remote Denial of Service Vulnerability in NASM 2.14rc0: SEGV on Unknown Address Heap-based Buffer Overflow in NASM 2.14rc0: Remote Denial of Service Vulnerability Heap-Based Buffer Over-read in NASM 2.14rc0's detoken() Function: Remote Denial of Service Vulnerability Remote Denial of Service Vulnerability in NASM 2.14rc0: Use-After-Free in pp_list_one_macro Function Use-after-free vulnerability in NASM 2.14rc0 allows for remote denial of service attack Remote Denial of Service Vulnerability in NASM 2.14rc0: Illegal Address Access in is_mmacro() Use-after-free vulnerability in NASM 2.14rc0 allows for remote denial of service attack Remote Denial of Service Vulnerability in NASM 2.14rc0: Use-After-Free in pp_verror Heap-Based Buffer Over-Read Vulnerability in NASM 2.14rc0 Leading to Remote Denial of Service Remote Denial of Service Vulnerability in NASM 2.14rc0: Illegal Address Access in find_cc() Function Use-after-free vulnerability in NASM 2.14rc0 leads to remote denial of service attack Buffer Overflow Vulnerability in WebKit's FastBitVector.h SQL Injection Vulnerability in Piwigo 2.9.2 List Users API SQL Injection Vulnerability in Piwigo 2.9.2 Configuration Component SQL Injection Vulnerability in Piwigo 2.9.2 Batch Manager Component Persistent Cross Site Scripting Vulnerability in Piwigo 2.9.2 Batch Manager Component Persistent Cross Site Scripting Vulnerability in Piwigo 2.9.2 Configuration Component Cross-Site Request Forgery Vulnerability in Piwigo 2.9.2 Cross-Site Scripting (XSS) Vulnerabilities in Bus Booking Script SQL Injection in Bus Booking Script via sp_id and memid parameters Local User Parameter Manipulation Vulnerability in IBM Cognos Analytics 11.0 CSRF Vulnerability in Bus Booking Script's admin/new_master.php Arbitrary Command 
Execution via SSH URL in GitHub Git LFS Cross-Site Scripting Vulnerability in ServersCheck Monitoring Software before 14.2.3 Heap-Related Memory Corruption Vulnerability in OpenSLP Releases Remote Command Injection Vulnerability in Apache Airflow 1.8.2 and Earlier Exfiltration of Credentials via Experimental Airflow Feature in Apache Airflow 1.8.2 and Earlier XSS Injection Vulnerability in Apache DeltaSpike-JSF 1.8.0 Module Local User Access to Highly Sensitive Information in IBM Cognos Analytics 11.0 Buffer Overflow and Code Execution Vulnerability in Open-iSCSI ROBOT Attack: Decrypting TLS Ciphertext Data in Palo Alto Networks PAN-OS Enigmail 1.9.9 Vulnerability: Homograph Attack Allows Encryption with Intended Public Key TBE-01-005 Replay Issue in Enigmail: Cleartext Content Disclosure Vulnerability Improper Random Secret Generation in Enigmail: TBE-01-001 Regular Expression Denial of Service in Enigmail 1.9.9 and earlier Enigmail 1.9.9 Vulnerability: Signature Spoofing via UI Confusion Enigmail 1.9.9 Vulnerability: Signature Spoofing in Multipart/Related Messages Buffer Overflow Vulnerability in GetGo Download Manager 5.3.0.2712 and Earlier Authenticated Remote User Information Disclosure Vulnerability in IBM API Connect 5.0.7 and 5.0.8 SIP Message Contact Header Absence Vulnerability in Asterisk Memory Corruption Vulnerability in Linux Kernel's BPF Verifier Memory Corruption Vulnerability in Linux Kernel's BPF Verifier Integer Overflow and Memory Corruption Vulnerability in Linux Kernel's BPF Verifier Improper Pointer Use in Linux Kernel's BPF Verifier Leads to Memory Corruption Memory Corruption Vulnerability in Linux Kernel's BPF Verifier Memory Corruption Vulnerability in Linux Kernel's check_stack_boundary Function Heap-based Buffer Overflow in Artifex MuPDF 1.12.0: Arbitrary Code Execution via Crafted PDF File UXSS Vulnerability in Samsung Internet Browser 6.2.01.12 Allows Same Origin Policy Bypass Memory Leak Vulnerability in IBM WebSphere MQ 8.0 and 9.0 
Bluetooth Link Key Vulnerability in Samsung Gear Products Improper Branch-Pruning Logic in Linux Kernel's BPF Verifier Allows for Denial of Service Pointer Validation Vulnerability in Linux Kernel 4.9.x through 4.9.71 Pointer Leak Vulnerability in Linux Kernel's BPF Verifier Buffer Overflow Vulnerability in Artifex MuPDF Arbitrary OS Command Execution in Inteno iopsys 2.0-3.14 and 4.0 Devices XSS Vulnerability in Liferay Portal 6.1.0 Tags Section via Public Render Parameter (p_r_p) Value XSS Vulnerability in mgl-instagram-gallery WordPress Plugin Undisclosed Vulnerability in IBM Publishing Engine 2.1.2 and 6.0.5 Allows Unauthorized Access to Hard Coded User Credentials SQL Injection Vulnerability in JBuildozer Extension 1.4.1 for Joomla! SQL Injection Vulnerability in JEXTN Question And Answer Extension 3.1.0 for Joomla! SQL Injection Vulnerability in JEXTN Video Gallery Extension 3.0.5 for Joomla! SQL Injection Vulnerability in Vanguard Marketplace Digital Products PHP 1.4 via PATH_INFO to /p URI Arbitrary File Upload Vulnerability in Vanguard Marketplace Digital Products PHP 1.4 SQL Injection Vulnerability in JEXTN FAQ Pro Extension 4.0.0 for Joomla! 
Remote File Read Vulnerability in Biometric Shift Employee Management System 3.0 Default SSH Configuration Allows Remote Access to Valve Steam Link Vulnerability: Truncation of Root Passwords in Valve Steam Link Heap-based Buffer Over-read in ReadOneMNGImage in ImageMagick 7.0.7-16 Remote Spoofing Vulnerability in IBM WebSphere Application Server 9 Stack-based buffer over-read vulnerability in ImageMagick's WriteWEBPImage in coders/webp.c Memory Leak Vulnerability in ImageMagick 7.0.7-12 Q16: ReadMATImage Function in coders/mat.c Memory Leak Vulnerability in ImageMagick 7.0.7-12 Q16's ReadXPMImage Function Memory Leak Vulnerability in ImageMagick 7.0.7-12 Q16's ReadPGXImage Function Memory Leak Vulnerability in ImageMagick 7.0.7-16 Q16: Denial of Service via Crafted PNG Image File Memory Leak Vulnerability in ImageMagick 7.0.7-12 Q16's ReadPICTImage Function Memory Leak Vulnerability in ImageMagick 7.0.7-12 Q16: ReadPSDChannelZip Function in coders/psd.c Memory Leak Vulnerability in ImageMagick 7.0.7-16 Q16's GetImagePixelCache Function Arbitrary OS Command Execution in Anti-Web through 3.8.7 Cross-Site Scripting (XSS) Vulnerabilities in Kliqqi CMS 3.5.2 Remote Code Execution Vulnerability in IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 CSRF Vulnerability in Readymade Video Sharing Script's user-profile-edit.php SQL Injection in Readymade Video Sharing Script via viewsubs.php and search_video.php Cross-Site Scripting (XSS) Vulnerabilities in Readymade Video Sharing Script CSRF Vulnerability in Readymade Job Site Script via /job URI SQL Injection Vulnerability in Readymade Job Site Script XSS Vulnerability in Readymade Job Site Script via /job URI's keyword Parameter SQL Injection Vulnerability in Dolibarr ERP/CRM 6.0.4 - comm/multiprix.php (id parameter) Unrestricted Access to Dolibarr ERP/CRM Template Files Allows Information Disclosure SQL Injection Vulnerability in Dolibarr ERP/CRM 6.0.4: Remote Command Execution via rowid Parameter Cross-Site Scripting (XSS) 
Vulnerability in IBM DOORS Next Generation (DNG/RRC) 5.0-6.0.5 Arbitrary SQL Command Execution Vulnerability in Dolibarr ERP/CRM 6.0.4 Denial of Service Vulnerability in ZyXEL P-660HW v3 Devices SQL Injection Vulnerability in Kliqqi CMS 3.5.2 via randkey Parameter CSRF Vulnerability in FS Lynda Clone: Unauthorized Content Addition via user/edit_profile Cross-Site Scripting (XSS) Vulnerability in FS Lynda Clone: tutorial/keywords and user/edit_profile/edit_profile_first_name Parameters CSRF Vulnerability in PHP Scripts Mall Car Rental Script via admin/sitesettings.php SQL Injection Vulnerability in PHP Scripts Mall Car Rental Script XSS Vulnerability in PHP Scripts Mall Car Rental Script via admin/areaedit.php and admin/sitesettings.php CSRF Vulnerability in PHP Scripts Mall Responsive Realestate Script via admin/general XSS Vulnerability in PHP Scripts Mall Responsive Realestate Script via admin/general.php gplus Parameter Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager Vulnerability: Wireless Cloning Attack on Hoermann BiSecur Devices XSS Vulnerability in Archon 3.21 rev-1: Referer Parameter in contact.php Heap-based Buffer Over-read in ReadNewsProfile in GraphicsMagick 1.4 snapshot-20171217 Q8 Stack-based Buffer Over-read in WriteWEBPImage in GraphicsMagick 1.4 snapshot-20171217 Q8 Denial of Service Vulnerability in ImageMagick 7.0.7-16 Q16 Heap-based Buffer Over-read in ReadMNGImage in GraphicsMagick 1.4 snapshot-20171217 Q8 SQL Injection Vulnerability in 'find_by' Method in Ruby on Rails 5.1.4 and Earlier SQL Injection Vulnerability in Ruby on Rails 'where' Method SQL Injection Vulnerability in 'order' Method in Ruby on Rails 5.1.4 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager SQL Injection Vulnerability in 'reorder' Method in Ruby on Rails 5.1.4 and Earlier Sensitive Full-Path Information Disclosure in PHP Scripts Mall Professional Service Script XSS Vulnerability in PHP Scripts Mall Professional 
Service Script via website_title Parameter Predictable Registration URL Vulnerability in PHP Scripts Mall Professional Service Script Sensitive Full-Path Information Disclosure in PHP Scripts Mall Professional Service Script SQL Injection Vulnerability in PHP Scripts Mall Professional Service Script XSS Vulnerability in PHP Scripts Mall Professional Service Script's admin/bannerview.php View Parameter Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager CSRF Vulnerability in PHP Scripts Mall Professional Service Script via admin/general_settingupd.php SQL Injection Vulnerability in PHP Scripts Mall Resume Clone Script via forget.php username parameter Buffer Overflow Vulnerability in ALLPlayer ALLMediaServer 0.95 and Earlier Cross-Site Scripting (XSS) Vulnerability in NetWin SurgeFTP Version 23f2 Memory Leaks in ImageMagick 7.0.7-17 Q16 x86_64 Coders/msl.c Buffer Underflow and Application Crash Vulnerability in Wireshark CSRF Vulnerability in Vanguard Marketplace Digital Products PHP via /search XSS Vulnerability in Vanguard Marketplace Digital Products PHP XSS Vulnerability in PHP Scripts Mall Single Theater Booking's admin/viewtheatre.php CSRF Vulnerability in PHP Scripts Mall Single Theater Booking IBM Tivoli Monitoring Multiple Vulnerabilities: TEPS User Privilege Escalation and Denial of Service XSS Vulnerability in Single Theater Booking PHP Script SQL Injection in PHP Scripts Mall Single Theater Booking via movieid parameter in admin/movieview.php Heap-Based Buffer Over-Read Vulnerability in LibTIFF 4.0.9's PackBitsEncode Function Missing SSL Certificate Validation in ASUS Vivobaby Application for Android (Version 1.1.09 and earlier) Missing SSL Certificate Validation in ASUS HiVivo Application for ASUS Watch (before 5.6.27) Buffer Overflow Vulnerability in Handy Password 4.9.3 Allows Remote Code Execution via Long Title Name Field Cross-Site Scripting Vulnerability in Pulse Secure Pulse Connect Secure and Pulse Policy Secure XSS 
Vulnerability in Cells Blog 3.5 via jfdname Parameter in act=showpic Request XSS Vulnerability in Cells Blog 3.5 via pub_readpost.php fmid Parameter Sensitive Information Disclosure in IBM WebSphere MQ Managed File Transfer SQL Injection Vulnerability in Cells Blog 3.5 via pub_readpost.php ptid Parameter SQL Injection Vulnerability in PHP Multivendor Ecommerce's shopping-cart.php Predictable Registration URL in PHP Multivendor Ecommerce Allows Remote Attackers to Register with Invalid or Spoofed Email Addresses XSS Vulnerability in PHP Multivendor Ecommerce's category.php chid1 Parameter XSS Vulnerability in PHP Multivendor Ecommerce's seller-view.php usid Parameter XSS Vulnerability in PHP Multivendor Ecommerce's shopping-cart.php cusid Parameter XSS Vulnerability in PHP Multivendor Ecommerce: admin/sellerupd.php companyname Parameter SQL Injection in PHP Multivendor Ecommerce via my_wishlist.php fid parameter XSS Vulnerability in PHP Multivendor Ecommerce's my_wishlist.php fid Parameter SQL Injection Vulnerability in PHP Multivendor Ecommerce's seller-view.php CSRF Vulnerability in PHP Multivendor Ecommerce's admin/sellerupd.php Denial of Service Vulnerability in Kingsoft WPS Office 10.1.0.6930 (CNVD-2017-35482) Buffer Overflow Vulnerability in NetTransport Download Manager 2.96L and Earlier Heap-based Buffer Overflow in 7-Zip and p7zip ZIP Archive Processing Multiple SQL Injection Vulnerabilities in Muviko 1.1 Cross-Site Scripting (XSS) Vulnerability in Dolibarr ERP/CRM 6.0.4 XSS Vulnerability in Archon 3.21 rev-1 (OBB-466362) Heap-based Use-After-Free Vulnerability in LibTIFF 4.0.8 Information Disclosure Vulnerability in BA SYSTEMS BAS Web on BAS920 and ISC2000 Devices Use-after-free vulnerability in usbtv_probe function in Linux kernel through 4.14.10 Unrestricted File Upload Vulnerability in Perfex CRM 1.9.7 Allows Remote Code Execution XSS Vulnerability in PHP Scripts Mall Muslim Matrimonial Script via admin/slider_edit.php edit_id Parameter CSRF 
Vulnerability in PHP Scripts Mall Muslim Matrimonial Script via admin/subadmin_edit.php SQL Injection Vulnerability in Muslim Matrimonial Script's view-profile.php XSS Vulnerability in PHP Scripts Mall Muslim Matrimonial Script via edit_id Parameter in admin/event_edit.php XSS Vulnerability in PHP Scripts Mall Muslim Matrimonial Script's admin/state_view.php cou_id Parameter XSS Vulnerability in PHP Scripts Mall Muslim Matrimonial Script via admin/caste_view.php comm_id Parameter Arbitrary File Upload Vulnerability in PHP Scripts Mall Muslim Matrimonial Script XSS Vulnerability in PHP Scripts Mall Muslim Matrimonial Script's admin/event_add.php event_title Parameter XSS Vulnerability in Biometric Shift Employee Management System's Edit Holiday Action CSRF Vulnerability in Biometric Shift Employee Management System's edit_holiday Action XSS Vulnerability in Biometric Shift Employee Management System's Expense Name Parameter Arbitrary File Download Vulnerability in Biometric Shift Employee Management System XSS Vulnerability in Biometric Shift Employee Management System via amount Parameter XSS Vulnerability in Biometric Shift Employee Management System via criteria Parameter XSS Vulnerability in Biometric Shift Employee Management System via Last_Name Parameter Buffer Overflow Vulnerability in SyncBreeze Enterprise <= 10.3.14 Allows Remote Command Execution Wireshark MRDISC Dissector NULL Pointer Dereference Vulnerability SQL Injection Vulnerability in RISE Ultimate Project Manager 1.9: Remote Code Execution Arbitrary Public Key Injection Vulnerability in Trustwave Secure Web Gateway (SWG) Cross-Site Scripting (XSS) Vulnerability in Zurmo 3.2.3 via latitude or longitude parameter in maps/default/mapAndPoint Null Pointer Dereference in Exiv2::DataValue::toLong function in value.cpp XSS Vulnerability in Extensis Portfolio NetPublish's quickfind Parameter (OBB-290447) Memory Leak in ReadPWPImage in ImageMagick 7.0.7-17 Q16 Heap-based Buffer Over-read in 
cv::HdrDecoder::checkSignature XSS Vulnerability in E-goi Smart Marketing Plugin for WordPress XSS Vulnerability in MyCBGenie Affiliate Ads Plugin for WordPress XSS Vulnerability in Z-URL Preview Plugin 1.6.1 for WordPress Null-Pointer Dereference Vulnerability in LibTIFF 4.0.9 TIFFPrintDirectory Function Persistent XSS Vulnerability in Sophos XG Firewall's WAF Log Page XSS Vulnerability in ILLID Share This Image Plugin for WordPress Same Origin Policy Bypass in Parity Browser 1.6.10 and Earlier Use-after-free and Memory Corruption Vulnerability in xt_TCPMSS Action of Linux Kernel Race condition vulnerability in chown and chgrp in GNU Coreutils through 8.29 allows local users to modify ownership of arbitrary files Arbitrary Memory Read and Kernel Pointer Crash Vulnerability in K7 Total Security Arbitrary Code Execution Vulnerability in Samsung Bootloader (SVE-2017-10598) Predictable and Enumerable Password Generation Vulnerability in QtPass GUI Memory Leaks in MontageImageCommand in ImageMagick 7.0.7-12 Q16 Cross-Site Scripting (XSS) Vulnerability in Office Tracker 11.2.5 XSS Vulnerability in AvantFAX 3.3.3 via Arbitrary Parameter Name Arbitrary OS Command Execution in Innotube ITGuard-Manager 0.0.0.1 via Username Field Arbitrary Command Execution in Redmine via Mercurial Adapter Memory Leak Vulnerability in ImageMagick 7.0.7-1 Q16's ReadMATImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.7-1 Q16's ReadTIFFImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-10 Q16's ReadMATImage Function Denial of Service Vulnerability in Qemu's cirrus_invalidate_region Function Cross-Site Scripting (XSS) Vulnerability in WordPress Download Manager Plugin CSRF Vulnerabilities in Jira-importers-plugin Allow Remote Project Creation and Import Abortion Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Unauthenticated Remote Access to Review Coverage Statistics in Atlassian Fisheye and Crucible Server Side Request Forgery (SSRF) 
vulnerability in Atlassian Bitbucket Server allows remote attackers to determine open ports in unreachable services via the Github repository importer Path traversal vulnerability in Atlassian Bitbucket Server allows remote attackers to read arbitrary files via a git tag name. Path Traversal Vulnerability in Atlassian Bitbucket Server Allows Arbitrary File Reading Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira's IncomingMailServers Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Bamboo's viewDeploymentVersionCommits Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Bamboo's viewDeploymentVersionJiraIssuesDialog Resource CSRF Vulnerability in Atlassian Bamboo Allows Unauthorized User Data Modification Integer Overflow in ROUND_UP Macro in Quick Emulator (Qemu): Denial of Service Vulnerability Command Injection in Commvault ContentStore/Base/CVDataPipe.dll Unspecified Request Vulnerability in JBMC DirectAdmin before 1.52 Buffer Overflow in Dasan GPON ONT WiFi Router H640X 12.02-01121 2.77p1-1124 and 3.03p2-1146: Remote Code Execution Buffer Overflow Vulnerability in LabF nfsAxe 3.7 FTP Client Arbitrary File Upload Vulnerability in Monstra CMS 3.0.4 Allows Remote Command Execution CSV Export Macro and Script Execution Vulnerability Improper Input Validation in wma_tbttoffset_update_event_handler() in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases with Linux Kernel Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, 
QRD Android Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Out of Bounds Memory Read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Potential Buffer Overflow in wil_aoa_evt_meas() when Processing AOA Measurement Event from WIGIG Firmware in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Potential Buffer Overflow in wma_process_utf_event() in Android for MSM, Firefox OS for MSM, QRD Android Out of Bound Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Arbitrary Code Execution Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Memory Leakage Vulnerability in MSM CORE of Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Heap Overflow Vulnerability in wma_ndp_end_response_event_handler() Qualcomm Snapdragon Mobile and Snapdragon Wear Debug Policy Bypass Vulnerability Vulnerability: Privacy Leakage through Probe Requests on Qualcomm Snapdragon Mobile and Snapdragon Wear Devices Unauthorized Memory Access Vulnerability in Qualcomm Snapdragon Devices Media Header Parameter Vulnerability in Android Snapdragon Devices Denial of Service and Privilege Escalation in Linux Kernel's pcrypt.c Improper Protection of Authenticity Token in OmniAuth before 1.3.2 Vulnerability: Regular Expression Denial of Service (ReDoS) in brace-expansion before 1.1.7 Hardlink Ownership 
Bypass Vulnerability in systemd NULL pointer dereference vulnerability in Linux kernel before 4.12.4 Cross-Site Request Forgery (CSRF) Vulnerability in Atlassian Bamboo before 6.3.1 Cross-Site Scripting (XSS) Vulnerability in Atlassian Bamboo SignupUser Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Bamboo before version 6.2.3 Arbitrary HTML and JavaScript Injection in Atlassian Confluence Server Cross-Site Scripting (XSS) Vulnerability in Atlassian Confluence Server Usermacros Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Confluence Server before 6.6.1 Cross-Site Scripting (XSS) Vulnerability in Atlassian Confluence Server before 6.4.2 Argument Injection Vulnerability in Atlassian Bitbucket Server Clickjacking Vulnerability in Atlassian Bitbucket Server Cross-Site Scripting (XSS) Vulnerability in Atlassian Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Crucible's Print Snippet Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Improper Authorization Vulnerability in Atlassian Crucible Server Side Request Forgery (SSRF) vulnerability in Atlassian Application Links Cross-Site Scripting (XSS) Vulnerability in Trello Card Title Importer Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira before version 7.6.1 Cross-Site Scripting (XSS) Vulnerability in Agile Wallboard Gadget in Atlassian Jira Missing Permission Checks in Atlassian JIRA Server Allow Remote Attackers to Run Import Operations and Determine Internal Service Existence Cross-Site Scripting (XSS) Vulnerability in Atlassian-Renderer's Wiki Markup Component Remote Content Spoofing Vulnerability in Atlassian-HTTP Library Information Leakage in Atlassian Jira Webhooks Session Fixation Vulnerability in Atlassian Crowd 
Console Login Resource Session Token Collision Vulnerability in Atlassian Crowd Cross-Site Request Forgery (CSRF) Vulnerability in Atlassian Crowd Demo Application Arbitrary Code Execution via JNDI Injection in Atlassian Crowd SMTP Configuration Open Redirect Vulnerability in Atlassian Crowd Login Resource XXE Vulnerability in Atlassian Crowd Administration Backup Restore Resource XML External Entity (XXE) Vulnerability in Atlassian Application Links Information Disclosure Vulnerability in Atlassian Fisheye Allows Remote Access to Repository HTTP Password Remote Code Execution (RCE) Vulnerability in Jira Server and Jira Data Center Double-Free Vulnerability in gifsicle 1.90's read_gif Function Cross-Site Scripting (XSS) Vulnerability in SimpleSAMLphp's consentAdmin Module Signature-Validation Bypass Vulnerability in SimpleSAMLphp Reflected File Download Vulnerability in DokuWiki through 2017-02-19e Overflow Vulnerability in Secure Boot of Small Cell SoC and Snapdragon Processors Buffer Data Reuse Vulnerability in Android Secure Camera Lack of Randomization in Android Qualcomm Snapdragon Mobile and Snapdragon Wear Devices' Mac Spoofing Feature Buffer Overflow Vulnerability in Android VR Service Improper Access Control in Qualcomm Snapdragon Mobile SD 845 and SD 850: Potential Data Exposure Cross-Domain Control Vulnerability in Qualcomm Snapdragon Automobile and Snapdragon Mobile Devices Buffer Over-read Vulnerability in Android on Qualcomm Snapdragon Devices Incorrect Fuse Value Vulnerability in QTEE on Snapdragon Platforms Out-of-Bounds Access Vulnerability in Qualcomm Snapdragon Automobile and Snapdragon Mobile Processors Out of Bound Access Vulnerability in Qualcomm Snapdragon Mobile and Snapdragon Wear Devices Buffer Overflow Vulnerability in Android's Qualcomm Snapdragon Mobile SD 845, SD 850 Buffer Overflow Vulnerability in Qualcomm Snapdragon Mobile Devices Use After Free vulnerability in Android Qualcomm Snapdragon devices Buffer Overflow Vulnerability in 
Android on Qualcomm Snapdragon Mobile Processors Buffer Overflow Vulnerability in Android on Qualcomm Snapdragon Mobile and Snapdragon Wear Devices Buffer Overflow Vulnerability in Android Qualcomm Snapdragon Mobile and Snapdragon Wear Devices Use After Free Vulnerability in Android Qualcomm Snapdragon Devices Third-Party TEE Privilege Escalation Vulnerability in Snapdragon Processors Buffer Overflow Vulnerability in Android on Qualcomm Snapdragon Mobile Processors Vulnerability: Unauthorized Collection of PD Dumps on Qualcomm Snapdragon Mobile SD 845 and SD 850 Devices Use After Free vulnerability in Android Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845 Use After Condition Vulnerability in Android Qualcomm Snapdragon Mobile and Snapdragon Wear Devices ECDSA Signature Verification Failure in Qualcomm Snapdragon Devices MMCP Downlink Message Validation Vulnerability Arbitrary Unmap Vulnerability in MediaServer: Exploiting Crafted Binder Requests in Android Uninitialized Variable Vulnerability in Snapdragon Automobile and Snapdragon Mobile (MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835) Use After Free Vulnerability in Snapdragon Camera Driver Use After Free Vulnerability in Snapdragon Thermal Engine Critical Security Vulnerabilities in Android Releases from CAF: Buffer Overflows and Array Out of Bounds Accesses Array Out of Bounds Access in Android CAF Releases Prior to 2018-06-05 Hardcoded Cyphersuites Vulnerability in Snapdragon Mobile and Wear Devices Kernel Denial of Service Vulnerability in Ashmem Cache Maintenance Operation Bluetooth Controller Function Input Validation Vulnerability GATT Data Packet Input Validation Vulnerability in Snapdragon Mobile Devices Integer Overflow or Wraparound Vulnerability in System UI on Snapdragon Devices Integer Underflow Vulnerability in Snapdragon Mobile Processors Double Free Vulnerability in Linux Kernel's 
amd_gpio_remove Function XSS Vulnerability in Progress Sitefinity 9.1 Template Configuration XSS Vulnerability in Progress Sitefinity 9.1 via File Upload XSS Vulnerability in Progress Sitefinity 9.1 New User Creation Page Open Redirect Vulnerability in Authenticate/SWT in Progress Sitefinity 9.1 Non-expiring authentication token vulnerability in Progress Sitefinity 9.1 Infinite Loop Vulnerability in QPDFWriter::enqueueObject() Function Stack-based out-of-bounds read vulnerability in QPDF_encryption.cc Heap-based Out-of-Bounds Read Vulnerability in QPDF Infinite Loop Vulnerability in QPDF Integer Overflow Vulnerability in ARM mbed TLS SSL Server Privilege Escalation via OpenRC opentmpfiles Vulnerability Infinite Loop and NULL Pointer Dereference Vulnerability in Sound eXchange (SoX) Arbitrary IPP Command Execution via localhost.localdomain Whitelist Bypass Vulnerability: Denial of Service Attack on OpenStack Nova Compute Host through Encrypted Volume Corruption Backdoor Access Vulnerability in Photo,Video Locker-Calculator Android App Denial of Service Vulnerability in Linux Kernel's f2fs Extent Cache Handling Arbitrary SQL Command Execution in HamayeshNegar CMS Signup Component Unauthenticated User Comment Enumeration in Concrete5 before 8.3.0 Path Traversal Vulnerability in Leptonica 1.74.4 XML External Entity (XXE) Vulnerability in mxGraphViewImageReader.java Heap-based Buffer Over-read in print_iso9660_recurse in GNU libcdio Denial of Service Vulnerability in GNU libcdio's realloc_symlink Function Reference Count Mishandling in f2fs_wait_discard_bios Leads to Denial of Service Vulnerability Double Free Vulnerability in GNU libcdio's get_cdtext_generic() Function Linux Kernel Denial of Service Vulnerability: mishandling of gather operations in __oom_reap_task_mm function Race condition in dm_get_from_kobject function in Linux kernel before 4.14.3 allows denial of service Denial of Service Vulnerability in ocfs2_setattr Function NULL Pointer Dereference 
Vulnerability in zsh's cd Command Buffer Overflow Vulnerability in Symlink Expansion in zsh before 5.4 Denial of Service Vulnerability in Python Wave_read._read_fmt_chunk Function Denial of Service Vulnerability in Linux Kernel's madvise_willneed Function NULL Pointer Dereference Vulnerability in GetOpenCLCachedFilesDirectory Function NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7's BenchmarkOpenCLDevices Function ImageMagick 7.0.7: NULL Pointer Dereference Vulnerability in saveBinaryCLProgram Function Heap-based Buffer Over-read in JerryScript 1.0 via RegExp Payload Privilege Escalation Vulnerability in Exponent CMS before 2.4.1 Patch #6 Regular Expression Denial of Service in Moment Module for Node.js Memory Corruption Vulnerability in xv 3.10a: Out-of-Bounds Write in PNG Comment Field Decoding NULL pointer dereference and BUG in fs/ocfs2/cluster/nodemanager.c leading to denial of service vulnerability Cross-Site Scripting (XSS) Vulnerability in InvoicePlane Use-after-free vulnerability in hns_enet.c in Linux kernel before 4.13 Denial of Service Vulnerability in GraphicsMagick 1.3.26 Remote Code Execution Vulnerability in GraphicsMagick 1.3.26 Denial of Service Vulnerability in Linux Kernel's __munlock_pagevec Function Buffer Overflow and Memory Corruption Vulnerability in Hisilicon Network Subsystem (HNS) BMC Remedy AR System Authentication Bypass Vulnerability Race condition vulnerability in fs/ocfs2/aops.c in Linux kernel before 4.15 allows local users to cause denial of service Privilege Escalation Vulnerability in Gentoo net-im/jabberd2 Package Privilege Escalation Vulnerability in Gentoo net-im/jabberd2 Package Incorrect Certificate Validation in TitanHQ WebTitan Gateway XSS Vulnerability in Remedy Mid Tier in BMC Remedy AR System 9.1 via ATTKey Parameter Allocation Failure Vulnerability in GraphicsMagick 1.3.26 NULL Pointer Dereference Vulnerability in GraphicsMagick 1.3.26's ReadCINEONImage Function GraphicsMagick 1.3.26 - Denial of Service 
via Crafted File in ReadEnhMetaFile Function Denial of Service Vulnerability in Linux Kernel's Serial Attached SCSI (SAS) Implementation Integer Overflow in Chunk Class in Exempi Allows for Denial of Service via Crafted XMP Data in .avi File Use-after-free vulnerability in Exempi before 2.4.3 allows remote attackers to cause denial of service or other unspecified impact via a .pdf file containing JPEG data. Denial of Service Vulnerability in Exempi 2.4.3 Denial of Service Vulnerability in Exempi 2.4.4 Denial of Service Vulnerability in Exempi's PostScript_Support::ConvertToDate Function Denial of Service Vulnerability in Exempi 2.4.4: Infinite Loop in TradQT_Manager::ParseCachedBoxes Function Time-Sensitive Bit-by-Bit Signature Guessing Vulnerability in authentikat-jwt Improper Ownership of PID File Directory in Gentoo app-admin/collectd Package NULL pointer dereference vulnerability in fs/f2fs/segment.c in the Linux kernel before 4.13 Out-of-Bounds Read Vulnerability in Libav's apply_dependent_coupling Function Denial of Service Vulnerability in Libav 12.2 Out-of-Bounds Read Vulnerability in Libav's stereo_processing Function Heap-based buffer over-read vulnerability in Libav 12.2's mpc8_probe function Heap-based Buffer Over-read Vulnerability in Libav 12.2 NULL Pointer Dereference Vulnerability in Libav 12.2 Remote Crash Vulnerability in CUPS 2.2.6 with D-Bus Support Race condition vulnerability in add_free_nid function in Linux kernel before 4.12 NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7 Memory Leak Vulnerability in ImageMagick's ReadPCDImage Function Denial of Service Vulnerability in ImageMagick 7.0.7 NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7 Memory Leak Vulnerability in ImageMagick's WriteGIFImage Function Integer Overflow Vulnerability in perf_cpu_time_max_percent_handler Function Denial of Service Vulnerability in Brave Browser 0.13.0 Integer Overflow and Loop Denial of Service Vulnerability in Linux Kernel's 
__get_data_block Function Memory Consumption Denial of Service Vulnerability in libxml2 Stored Cross-Site Scripting (XSS) Vulnerability in Dolibarr ERP/CRM Versions through 7.0.0 Multiple SQL Injection Vulnerabilities in Dolibarr ERP/CRM Versions through 7.0.0 via comm/propal/list.php Denial of Service Vulnerability in arch_timer_reg_read_stable Macro Unvalidated Redirect Vulnerability in Blackboard Learn Shibboleth Login Endpoint Directory Traversal Vulnerability in Seagate Media Server Bypassing Password Restrictions in phpMyAdmin 4.0 Denial of Service Vulnerability in Prosody before 0.10.0 Argument Injection Vulnerability in xdg-open Denial of Service Vulnerability in Poppler's FoFiType1C::cvtGlyph Function Vulnerability: Return of the Bleichenbacher Oracle Threat (ROBOT) Attack in Symantec IntelligenceCenter 3.3 Memory Corruption Vulnerability in SSE2-Optimized memmove Implementation in GNU C Library (glibc) Local Privilege Escalation via Keyctl Commands in Linux Kernel Infinite Loop Denial of Service Vulnerability in ImageMagick 7.0.7-16 Use-after-free vulnerability in ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25 in ReadOneMNGImage in coders/png.c Infinite Loop Denial of Service Vulnerability in ImageMagick 7.0.7-16 Buffer Overflow Vulnerability in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835 Vulnerability: Unauthorized Account Insertion in simContacts Service on Snapdragon Devices Vulnerability: Unauthorized Access to HLOS Memory via Secure Camera Logic in Snapdragon Mobile and Wear Platforms Memory Allocation Failure Vulnerability in Snapdragon Processors Integer Underflow Vulnerability in Snapdragon Processors Buffer Overflow Vulnerability in Camera Module of Small Cell SoC and Snapdragon Mobile Platforms Trusted Application Data Leakage Vulnerability in Snapdragon Processors Out of Bound Read Access Vulnerability in 
Video Function in Android CAF with Linux Kernel Vulnerability: Non-secure SW Exploitation in Snapdragon Mobile and Wear Devices Memory Corruption Vulnerability in Snapdragon Mobile Processors Improper Ownership of PID File Directory in Gentoo app-backup/burp Package Incorrect Group Ownership Vulnerability in Gentoo app-backup/burp Package XSS Vulnerability in nZEDb v0.7.3.3's 404 Error Page SQL Injection in PvPGN Stats 2.4.6 via user_search parameter in ladder/stats.php SQL Injection in PvPGN Stats 2.4.6 via game parameter in ladder/stats.php SQL Injection in PvPGN Stats 2.4.6 via GET type Parameter SQL Injection in PvPGN Stats 2.4.6 via sort_direction parameter SQL Injection in PvPGN Stats 2.4.6 via user parameter in ladder/stats.php Vulnerability: Denial of Service (DoS) Attack via Widevine App API in Snapdragon Devices Bypassing GPIO Protection via Banked GPIO Registers in Snapdragon Mobile and Wear Devices Buffer Overread Vulnerability in ELF Header Parsing in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear Buffer Overflow Vulnerability in DSP Service Module in Snapdragon Processors Improper Access Control Vulnerability in Snapdragon Platforms Double Memory Free Vulnerability in Snapdragon Mobile SE API Session Management Critical Input Validation Vulnerability in SDMX API: Exploiting NULL Pointer Access in Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear Translation Table Consolidation Vulnerability in Snapdragon Processors Vulnerability in Snapdragon Mobile and Wear Devices Allows Unauthorized Access to Secure Display Content Vulnerability: System Restart Due to NULL Argument in ICE Regulator Create Key IOCTL Processing Arbitrary Write Vulnerability in Snapdragon Processors Buffer Overflow Vulnerability in Snapdragon Processors Memory Allocation Vulnerability in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear Exploit: XBL sec mem dump system call enables full control of EL3 in Snapdragon 
Mobile and Wear devices Unlocked Modem Segments Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices QMP Transportation Vulnerability: Arbitrary Memory Access in Snapdragon Mobile (SD 845, SD 850) ClientEnv Exposes Services Vulnerability in Snapdragon Processors Improper Access Control of Unused Configuration xPU Ports in Snapdragon Processors Unauthenticated Manipulation Vulnerability in Snapdragon Automobile and Mobile Devices Vulnerability: Unauthorized Access to WCNSS Firmware via DXE Channels Vulnerability: CNOC_QDSS RG0 Lock Cleared on TZ Cold Boot Critical Buffer Over-read Vulnerabilities in Snapdragon Mobile's Older ASN.1 Parser (SD 600) QSEE Kernel Memory Access Vulnerability in Snapdragon Processors Vulnerability: Bypassing Modem Restrictions in Snapdragon Automobile and Snapdragon Mobile Devices CRL Issuer Name Validation Vulnerability in Snapdragon Automobile and Snapdragon Mobile Devices Snapdragon UIM API Debug Message Information Leak Vulnerability QSEE Unload Vulnerability in Snapdragon Automobile and Snapdragon Mobile Devices Vulnerability: Leakage of Security Keys in Snapdragon Mobile Devices Key Material Leakage in Snapdragon Mobile and Snapdragon Wear Devices Critical Cryptographic Key Leakage Vulnerability in Snapdragon Devices Critical Vulnerability: Cryptographic Key Material Leakage in Snapdragon Mobile and Snapdragon Wear Devices Insecure Key Printing in Snapdragon Mobile and Snapdragon Wear Devices Vulnerability: Security Key Logging in Snapdragon Devices QSH Client Rule Processing Use After Free Vulnerability Buffer Overflow Vulnerability in Snapdragon Automobile and Snapdragon Wear Devices Buffer Overflow Vulnerability in AES-CCM and AES-GCM Encryption in Snapdragon Devices Insecure Access Control Vulnerability in Snapdragon Processors Vulnerability: Security Key Logging in Snapdragon Devices Arbitrary Code Execution Vulnerability in PyYAML before 5.1 XSS Vulnerability in Symfony Debug Handler Out-of-Bounds Access Vulnerability 
in Linux Kernel's timer_create Syscall Implementation Arbitrary File Download Vulnerability in Joomanager Component for Joomla! SQL Injection Vulnerability in CMS Web-Gooroo through 2013-01-19 Race condition vulnerability in RDP Level 1 on STM32F0 series devices allows firmware extraction via SWD commands Privilege Escalation via Misconfigured Splunk Enterprise 6.6.x Arbitrary Code Execution via Crafted JSON Request in Fastjson (CVE-2020-10672) Stack-based Buffer Overflow in bitcoind and Bitcoin-Qt with Attacker-controlled SOCKS Proxy Server Reflected Cross Site Scripting (XSS) in Rendertron 1.0.0 via Error Reporting Remote Code Execution Vulnerability in Rendertron 1.0.0 Local File Inclusion (LFI) vulnerability in Rendertron 1.0.0 allows remote attackers to read arbitrary files via alternative protocols such as 'file://' Information Disclosure: Exposing Absolute Paths in Rendertron 1.0.0 PHP Object Injection Vulnerability in WooCommerce Plugin for WordPress PHP Object Instantiation XXE Vulnerability in Shopware Stored XSS Vulnerability in LimeSurvey's Continue Later Feature Denial of Service in PostGIS 2.x via Crafted ST_AsX3D Function Input Denial of Service Vulnerability in Linux Kernel's USB Serial Driver Pylons Colander URL Validator Denial of Service Vulnerability Unauthenticated Remote Command Execution Vulnerability in ConnectWise ManagedITSync Integration for Kaseya VSA XSS Vulnerability in phpFK Lite: faq.php, members.php, search.php, and user.php Arbitrary Code Execution via Deserialization in GitHub Enterprise Management Console CSRF Vulnerability in Subrion CMS 4.1.5's blog/delete/ Endpoint Bypassing Access Restrictions in libseccomp-golang 0.9.0 and Earlier Command Injection Vulnerability in ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 Router's Remote System Log Forwarding Function Command Injection Vulnerability in TrueOnline Billion 5200W-T Router's Remote System Log Forwarding Function Command Injection Vulnerability in ZyXEL 
P660HN-T1A v2 TCLinux Fw #7.3.37.6 Router's Remote System Log Forwarding Function Default Password Vulnerability in ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 Router Command Injection Vulnerability in TrueOnline Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 Router's Time Setting Function Default Password Vulnerability in Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 Router Default Password Vulnerability in ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 Router PHP Object Instantiation Vulnerability in Ampache 3.8.3 via democratic.ajax.php and democratic.class.php Privilege Escalation in User API of TheHive before 2.13.4 and 3.x before 3.3.1 Command Injection Vulnerability in Wireless IP Camera (P2P) WIFICAM Cameras Remote Command Execution in NETGEAR ReadyNAS Surveillance Out-of-Boundary Access Vulnerability in Linux Kernel's NVMe Target FC Driver Password-Reset Email Vulnerability in edx-platform (CVE-XXXX) Open edX Installation Process Exposes MongoDB Instance with Default Credentials Unreserved E-mail Address Vulnerability in cPanel (SEC-306) Incorrect Location for cPanel Home-Directory Backups (SEC-309) Jailed Accounts in cPanel before 68.0.15 Vulnerability: Unauthorized File Restoration (SEC-310) Unprivileged User Access Vulnerability in cPanel (SEC-311) Arbitrary Code Execution Vulnerability in cPanel (SEC-313) Arbitrary Code Execution via Maketext Injection in cPanel Reseller Style Upload (SEC-314) Insecure File Operations in cPanel Jailshell (SEC-315) String Format Injection Vulnerability in cPanel's dovecot-xaps-plugin (SEC-318) Vulnerability: Code Execution via Weak Permissions on Incremental Backups in cPanel (SEC-322) World-readable Backup Files Vulnerability in cPanel (SEC-323) Multiple Account Assignment Vulnerability in cPanel (SEC-325) Insecure User Account Configuration in cPanel Allows Unauthorized Access to Private Emails (SEC-326) Inadequate Reserved Usernames List in cPanel (SEC-327) Insecure Username Handling in cPanel 
(SEC-328) Arbitrary File-Read Vulnerability in cPanel (SEC-329) Insecure Permissions in cPanel Local Backup Transport (SEC-330) Zone Creation Vulnerability in cPanel DNSUtils (SEC-331) Root Crontab File Disclosure Vulnerability in cPanel (SEC-332) Local Root Code Execution Vulnerability in cPanel (SEC-333) Invalid Username Format Vulnerability in cPanel (SEC-334) Stored XSS Vulnerability in cPanel during cpaddons Moderated Upgrade (SEC-336) Code Execution Vulnerability in cPanel Mailman Archives (SEC-337) Domain Data Deletion Vulnerability in cPanel (SEC-341) Arbitrary File-Read Vulnerability in cPanel (SEC-345) SQL Injection Vulnerability in cPanel's eximstats Processing (SEC-276) Insecure SSL Hostname Verification in cPanel Support-Agreement Download (SEC-279) Stored XSS Vulnerability in cPanel WHM MySQL Password Change Interfaces (SEC-282) Critical Vulnerability in cPanel Backup Interface Exposes All MySQL Databases (SEC-283) Critical Vulnerability in cPanel Allows Unauthorized Access to MySQL Databases (SEC-284) MySQL Database Copy Vulnerability in cPanel's Addon Domain Conversion Feature (SEC-285) World-readable Apache HTTP Server log files due to mishandling on account rename (SEC-296) Root's Home Directory Overwritten by Backup System in cPanel (SEC-299) Open Redirect Vulnerability in cPanel (SEC-300) Code Execution Vulnerability in cPanel (SEC-302) Arbitrary File-Overwrite Vulnerability in cPanel Roundcube SQLite Schema Update (SEC-303) Stored XSS Vulnerability in cPanel during WHM cPAddons Installation (SEC-263) Stored XSS Vulnerability in cPanel before 66.0.2 during WHM cPAddons File Operations (SEC-265) Stored XSS Vulnerability in cPanel during WHM cPAddons Uninstallation (SEC-266) Stored XSS Vulnerability in cPanel's WHM cPAddons Processing (SEC-269) Insecure Account Permissions in cPanel (SEC-271) Weak Domlog Ownership and Permissions Vulnerability in cPanel EasyApache 4 Conversion (SEC-272) Domain Log File Disclosure Vulnerability World-readable 
Apache HTTP Server configuration file vulnerability in cPanel before version 66.0.2 (SEC-274) Weak Permissions in cPanel's cpdavd_error_log File (SEC-280) Domain Log File Disclosure Vulnerability in cPanel (SEC-288) Weak Log-File Permissions Vulnerability in cPanel (SEC-289) World-readable Apache HTTP Server domlogs in cPanel before 66.0.2 (SEC-290) Persistent SSL Domain Logs in cPanel (SEC-291) Incorrect User and Group Ownership Vulnerability in cPanel (SEC-294) Unreliable Account Suspension/Unsuspension in cPanel (CPANEL-13941) Database Password Leak in cPanel's Horde MySQL to SQLite Conversion (SEC-234) Code Execution Vulnerability in cPanel Webmail and Demo Accounts via store_filter API Call (SEC-236) Root Account Code Execution Vulnerability in cPanel (SEC-237) Code Execution Vulnerability in cPanel BoxTrapper API (SEC-238) cPanel Fileman::getfileactions API2 Call Vulnerability (SEC-239) Code Execution Vulnerability in cPanel Webmail Forwarders (SEC-240) Vulnerability: Code Execution in cPanel Demo Accounts via Encoding API Calls (SEC-242) Code Execution Vulnerability in cPanel ImageManager_dimensions API (SEC-243) cPanel API2 Traceroute Execution Vulnerability (SEC-244) Demo Account Web Traffic Redirection Vulnerability in cPanel (SEC-245) Vulnerability: Unauthorized Execution of Cpanel::SPFUI API Commands in cPanel (SEC-246) Insecure SSH Port Forwarding in cPanel (SEC-247) Insecure Execution of SSH API Commands in cPanel (SEC-248) Unrestricted SSL API Calls in cPanel (SEC-249) Vulnerability: Unauthorized File Read and Write Operations in cPanel (SEC-250) Code Execution Vulnerability in cPanel's ClamScanner_getsocket API (SEC-251) File-read vulnerability in cPanel before 64.0.21 via Serverinfo_manpage API call (SEC-252) Root Account File-Rename Vulnerability in cPanel (SEC-254) Insecure File Permissions in cPanel's convert_roundcube_mysql2sqlite Script (SEC-255) cPanel Vulnerability: Information Disclosure during cPAddon Upgrade (SEC-257) Code Execution 
Vulnerability in cPanel (SEC-259) Insecure Account Renaming in cPanel (SEC-260) Stored XSS Vulnerability in cPanel WHM cPAddons Install Interface (SEC-262) Insecure Addon Domain Conversion in cPanel (SEC-208) Self XSS vulnerability in cPanel's WHM cPAddons showsecurity interface (SEC-217) Arbitrary File-Read Vulnerability in cPanel (SEC-218) File Overwrite Vulnerability in cPanel (SEC-219) Arbitrary Code Execution Vulnerability in cPanel (SEC-220) Arbitrary Code Execution Vulnerability in cPanel's Automatic SSL Installation (SEC-221) Insecure Account Rename Vulnerability in cPanel (SEC-223) CPHulk One-Day Ban Bypass Vulnerability in cPanel (SEC-224) Root Account Code Execution via Long DocumentRoot Path (SEC-225) Arbitrary File-Overwrite Vulnerability in cPanel (SEC-226) Insufficient Reserved Usernames in cPanel (SEC-227) Insecure Domain Ownership Verification in cPanel (SEC-228) URL Filtering Error in cPanel (SEC-229): Exploiting Restricted Resource Access cPanel Vulnerability: Code Execution via Htaccess::setphppreference API (SEC-232) cPanel Vulnerability: Code Execution via NVData_fetchinc API Call (SEC-233) Fixed Password Vulnerability in cPanel's Munin MySQL Test Account (SEC-196) Self XSS vulnerability in cPanel before 62.0.4 on the paper_lantern password-change screen (SEC-197) Reflected XSS Vulnerability in cPanel Reset-Password Interfaces (SEC-198) Self XSS vulnerability in cPanel webmail Password and Security page (SEC-199) Arbitrary File-Read Vulnerability in cPanel (SEC-201) Incorrect User Account Context in Exim Piped Filters Vulnerability (SEC-204) Inadequate Directory Protection in Leech Protect (SEC-205) Privilege Escalation Vulnerability in cPanel Exim Transports (SEC-206) XML-API ACL Bypass Vulnerability in cPanel (SEC-207) Unreserved Email Address Vulnerability in cPanel (SEC-209) Account Ownership Bypass Vulnerability in cPanel (SEC-210) Stored XSS Vulnerability in cPanel WHM Account Suspension List Interface (SEC-211) Vulnerability: 
Unauthorized Use of WHM enqueue_transfer_item API in cPanel (SEC-213) XSS Vulnerability in ANNKE SP1 HD Wireless Camera 3.4.1.1604071109 via Crafted SSID Cognitoys Dino Devices: Exploitable XSS Vulnerability through SSID Cognitoys Dino Devices Vulnerable to CSRF Attack via profiles_add.html Privilege Escalation via Weak PRNG in Jitbit Helpdesk Multiple XSS Vulnerabilities in Adsense-Plugin for WordPress (Version 1.44 and below) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Backup Guard Plugin for WordPress XSS Vulnerability in Contact Form 7 SMS Addon Plugin Multiple XSS Vulnerabilities in contact-form-multi WordPress Plugin Multiple XSS Vulnerabilities in contact-form-plugin Plugin for WordPress (<= 4.0.6) Multiple XSS Vulnerabilities in Contact-Form-to-DB Plugin for WordPress (<=1.5.7) Multiple XSS Vulnerabilities in Custom-Admin-Page Plugin for WordPress Multiple XSS Vulnerabilities in custom-search-plugin Plugin for WordPress XSS Vulnerability in Gravity Forms SMS Notifications Plugin Multiple XSS Vulnerabilities in htaccess Plugin for WordPress (Version 1.7.6 and below) XSS Vulnerability in LiveForms Plugin for WordPress (Version < 3.4.0) Reflected XSS Vulnerability in Simple Job Board Plugin for WordPress XSS Vulnerability in Simple-Membership Plugin for WordPress (<=3.5.7) Multiple XSS Vulnerabilities in social-buttons-pack WordPress Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in social-login-bws WordPress Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in Subscriber Plugin for WordPress XSS Vulnerability in Twitter Cards Meta Plugin for WordPress CSRF Vulnerability in Twitter Cards Meta Plugin for WordPress XSS Vulnerability in Twitter-Plugin Plugin for WordPress (Version 2.55 and earlier) XSS Vulnerability in WooCommerce PDF Invoices & Packing Slips Plugin XSS Vulnerability in wp-live-chat-support Plugin for WordPress (before 7.1.05) XSS Vulnerability in wp-live-chat-support Plugin for WordPress (before 7.1.03) Kernel 
Pointer Control Vulnerability in Linux IPv6 Multicast Routing CSRF Vulnerability in Custom-Sidebars Plugin for WordPress CSRF Vulnerability in Custom-Sidebars Plugin for WordPress CSRF Vulnerability in Newsletter-by-Supsystic Plugin for WordPress Lack of CSRF Protection in Responsive-Menu Plugin for WordPress SQL Injection Vulnerability in Simple-Login-Log Plugin for WordPress SQL Injection Vulnerability in wp-statistics Plugin for WordPress Multiple XSS Vulnerabilities in bws-linkedin Plugin for WordPress Multiple XSS Vulnerabilities in bws-pinterest WordPress Plugin Multiple XSS Vulnerabilities in bws-smtp Plugin for WordPress XSS Vulnerability in Customer-Area Plugin for WordPress Admin Pages XSS Vulnerability in Democracy-Poll Plugin for WordPress CSRF Vulnerability in Democracy-Poll Plugin for WordPress XSS Vulnerability in eelv-newsletter Plugin's Address Book CSRF Vulnerability in eelv-newsletter Plugin for WordPress Address Book Multiple XSS Vulnerabilities in Football-Pool Plugin for WordPress XSS Vulnerability in Megamenu Plugin for WordPress (Version 2.4 and Earlier) XSS Vulnerability in Moreads-SE Plugin for WordPress (Version 1.4.7 and earlier) Multiple XSS Vulnerabilities in Pagination Plugin for WordPress Multiple XSS Vulnerabilities in pdf-print Plugin for WordPress (Version 1.9.4 and Earlier) Multiple XSS Vulnerabilities in Promobar Plugin for WordPress Multiple XSS Vulnerabilities in Rating-BWS Plugin for WordPress XSS Vulnerability in raygun4wp Plugin Settings Multiple XSS Vulnerabilities in Realty Plugin for WordPress (Before 1.1.0) XSS Vulnerability in rimons-twitter-widget Plugin for WordPress Reflected XSS Vulnerability in Share-on-Diaspora Plugin for WordPress XSS Vulnerability in Smokesignal Plugin for WordPress (<=1.2.7) XSS Vulnerability in Stop-User-Enumeration Plugin for WordPress Multiple XSS Vulnerabilities in Visitors-Online Plugin for WordPress XSS Vulnerability in Weblibrarian Plugin for WordPress XSS Vulnerability in Weblibrarian 
Plugin for WordPress XSS Vulnerability in Weblibrarian Plugin for WordPress XSS Vulnerability in xo-security Plugin for WordPress (<=1.5.3) Multiple XSS Vulnerabilities in zendesk-help-center WordPress Plugin (<=1.0.4) Incorrect Access Control in Invite-Anyone Plugin for WordPress (<=1.3.16) Admin-Panel CSRF Vulnerability in Invite-Anyone Plugin for WordPress Unescaped Input Vulnerability in Invite-Anyone Plugin for WordPress CSRF Vulnerability in jayj-quicktag Plugin for WordPress CSRF Vulnerability in nelio-ab-testing Plugin for WordPress SQL Injection Vulnerability in Note-Press Plugin for WordPress Potential Kernel Stack Memory Exposure in aac_send_raw_srb in Linux Kernel Potential Kernel Stack Memory Exposure in aac_get_hba_info in Linux Kernel Out of Bounds Write Vulnerability in Linux Kernel's i2c-core-smbus.c Out of Bounds Write and Read Vulnerability in Linux Kernel's RDS Module XSS Vulnerability in Ad-Buttons Plugin for WordPress XSS Vulnerability in analytics-tracker WordPress Plugin (Version < 1.1.1) via Search Event XSS Vulnerability in Booking-SMS Plugin for WordPress (Version < 1.1.0) Multiple XSS Vulnerabilities in bws-google-analytics Plugin for WordPress (<=1.7.1) Multiple XSS Vulnerabilities in bws-google-maps WordPress Plugin (<=1.3.6) Multiple Cross-Site Scripting (XSS) Vulnerabilities in bws-testimonials Plugin for WordPress Multiple XSS Vulnerabilities in cforms2 Plugin for WordPress XSS Vulnerability in Content-Audit Plugin for WordPress (<=1.9.2) XSS Vulnerability in embed-comment-images Plugin for WordPress Multiple XSS Vulnerabilities in Error-Log-Viewer Plugin for WordPress Persistent XSS Vulnerability in RSVP Plugin for WordPress Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sender Plugin for WordPress (Version 1.2.1 and earlier) Critical XSS Vulnerabilities Found in WordPress Updater Plugin (Version 1.35 and Earlier) Multiple Cross-Site Scripting (XSS) Vulnerabilities in User-Role Plugin for WordPress XSS Vulnerability in 
wp-all-import Plugin for WordPress (Version < 3.4.6) XSS Vulnerability in my-wp-translate Plugin for WordPress CSRF Vulnerability in my-wp-translate Plugin for WordPress SQL Injection Vulnerability in cforms2 Plugin for WordPress SQL Injection Vulnerability in Search-Everything Plugin for WordPress 4.7.x XSS Vulnerability in gnucommerce Plugin for WordPress (Version < 1.4.2) SQL Injection Vulnerability in Simple-Login-Log Plugin for WordPress Insufficient HTML Escaping in Ninja Forms Plugin for WordPress Multiple Stored XSS Vulnerabilities in Newstatpress Plugin for WordPress XSS Vulnerability in Event-Notifier Plugin for WordPress XSS Vulnerability in Mailchimp for WP Plugin (Version 4.1.8 and earlier) via add_query_arg Return Value XSS Vulnerability in Crafty-Social-Buttons Plugin for WordPress XSS Vulnerability in Corner-Ad Plugin for WordPress (Version 1.0.8 and earlier) Remote Code Execution Vulnerability in Shortcodes-Ultimate Plugin for WordPress XSS Vulnerability in Time-sheets Plugin for WordPress (Version < 1.5.0) Critical Cross-Site Scripting Vulnerabilities in WordPress Time-Sheets Plugin PHP Object Injection Vulnerability in Post-Pay-Counter Plugin for WordPress Lack of Permissions Check in Post-Pay-Counter Plugin for WordPress Allows Unauthorized Update-Setting Action Directory Traversal Vulnerability in Posts-in-Page Plugin for WordPress Directory Traversal Vulnerability in Insert-Pages Plugin for WordPress Newline Mishandling in Hyper Crate Hostname verification bypass in security-framework crate Panic Vulnerability in Cookie Crate: Large Integers in Max-Age Field Multiple Cross-Site Scripting (XSS) Vulnerabilities in Timesheet Plugin for WordPress XSS Vulnerability in gd-rating-system Plugin for WordPress (Version < 2.1) Incorrect wp_upload Directory Vulnerability in woocommerce-catalog-enquiry Plugin XSS Vulnerability in UpdraftPlus Plugin for WordPress (Versions prior to 1.13.5) Double Free Denial of Service Vulnerability in Nmap 7.70 Double Free 
Vulnerability in Linux Kernel's allocate_trace_buffer Function Elementor Plugin for WordPress: Incorrect Access Control for Internal Functions (Version 1.8.0 and Earlier) SQL Injection in jtrt-responsive-tables WordPress Plugin XSS Vulnerability in Qards Plugin for WordPress via html2canvasproxy.php XSS Vulnerability in Pinfinity Theme for WordPress (s parameter) Stored XSS Vulnerability in Formcraft3 Plugin for WordPress XSS Vulnerability in Examapp Plugin 1.0 for WordPress SQL Injection Vulnerability in examapp plugin 1.0 for WordPress XSS Vulnerability in Postman-SMTP Plugin for WordPress PHP Object Injection Vulnerability in sitebuilder-dynamic-components Plugin for WordPress PHP Object Injection Vulnerability in gravitate-qa-tracker WordPress Plugin Stored XSS Vulnerability in Avada Theme for WordPress (Version < 5.1.5) CSRF Vulnerability in Avada Theme for WordPress (before 5.1.5) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Spotim-Comments Plugin for WordPress XSS Vulnerability in Magic-Fields Plugin for WordPress (CVE-XXXX-XXXX) XSS Vulnerability in Magic-Fields Plugin for WordPress (CVE-2021-12345) XSS Vulnerability in Magic-Fields Plugin for WordPress (CVE-2021-12345) XSS Vulnerability in wp-whois-domain Plugin 1.0.0 for WordPress XSS Vulnerability in Trust-Form Plugin 2.0 for WordPress via wp-admin/admin.php?page=trust-form-edit Parameter SQL Injection Vulnerability in kama-clic-counter Plugin 3.4.9 for WordPress XSS Vulnerability in kama-clic-counter Plugin for WordPress Script Injection Vulnerability in Newspaper Theme for WordPress (Version 6.7.2 and below) Arbitrary HTML Injection Vulnerability in noVNC before 0.6.2 Directory Traversal Vulnerability in CDG through 2017-01-01's downloadDocument.jsp SSRF Vulnerability in Graphite Web Server Allows Exfiltration of Information via Email Cross-Site Scripting (XSS) Vulnerability in Progress Sitefinity CMS Entity Expansion Vulnerability in SnakeYAML's Alias Feature LXC 2.0 Vulnerability: Insecure 
Code Download and Missing Digital Signature Check Cleartext Bluetooth Low Energy (BLE) Communication Vulnerability in Syska Smart Bulb Devices Information Disclosure of GPU Memory Node Address on Samsung Mobile Devices (SVE-2017-8907) Samsung Mobile Devices MUIC Register Value Reading Heap-Based Buffer Overflow Vulnerability Samsung Mobile Devices Panel_lpm Sysfs Stack-based Buffer Overflow Vulnerability Magnetic Cover Bypass: Samsung Mobile Devices Vulnerability (SVE-2017-10602) Race condition and buffer overflow vulnerability in Samsung Secure Driver (SVE-2017-8973, SVE-2017-8974, SVE-2017-8975) Arbitrary File Read/Write Vulnerability in Samsung Mobile Devices (SVE-2017-10086) SamFAIL: Root Privilege Vulnerability in Samsung Mobile Devices Samsung Mobile Devices with N(7.x) Software WifiStateMachine IllegalArgumentException and Reboot Vulnerability Integer Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-9008 and SVE-2017-9009) Arbitrary Code Execution Vulnerability in Samsung SVoice (SVE-2017-9299) Email Spoofing Vulnerability on Samsung Mobile Devices Unauthenticated Registration of Security Certificate on Samsung Mobile Devices (SVE-2017-9659) Stack-based Buffer Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-8889, SVE-2017-8891, SVE-2017-8892) Buffer Over-read Vulnerability in Samsung Trustlet (SVE-2017-8890) Arbitrary Write Vulnerability in Samsung Trustlet (SVE-2017-8893) Samsung Mobile Devices with M(6.0) Software - Multiwindow_facade API NullPointerException Vulnerability Broadcast-based Denial of Service Vulnerability in Samsung Mobile Devices Buffer Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-8888) Buffer Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-8973) Information Leak Vulnerability on Samsung Mobile Devices (SVE-2017-9109) Samsung Mobile Devices with N(7.x) Software: System Crash Vulnerability Samsung Mobile Devices: Memory Corruption Vulnerability (SVE-2017-8286) NULL Pointer Exception in 
WifiService via adb-cmd: SVE-2017-8287 (June 2017) Vulnerability Arbitrary Premium SMS Messaging Vulnerability on Samsung Mobile Devices (SVE-2017-8701) SMS Storage Exhaustion Vulnerability Denial of Service Vulnerability on Samsung Mobile Devices with M(6.0) Software Unprotected API in Samsung Mobile Devices Allows Unauthorized Activity Launch Vulnerability: android.intent.action.SIOP_LEVEL_CHANGED allows unauthorized reboot on Samsung mobile devices Wi-Fi Intents Exception Handling Vulnerability on Samsung Mobile Devices Samsung Mobile Devices Local Reboot Vulnerability (SVE-2017-8390) Location Service Disabling Vulnerability on Samsung Mobile Devices Kernel Panic Vulnerability in Samsung Mobile Devices with N(7.0) Software Uninitialized Memory Leak Vulnerability in Samsung Camera Application (SVE-2016-6989) RKP Kernel Protection Bypass Vulnerability on Samsung Mobile Devices with N(7.0) Software Unprotected Intent Vulnerability on Samsung Mobile Devices (SVE-2016-7142) Samsung Mobile Devices Serializable Object Crash Vulnerability Samsung Mobile Devices with M(6.0) Software SLocation API Crash Vulnerability Unintended Access to User Data via Lockscreen Interface on Samsung Mobile Devices Buffer Overflow Vulnerabilities in Samsung Galaxy S5 Bootloader Unprotected Intent and Exception Handling Vulnerability on Samsung Mobile Devices Hare Hunting Vulnerability in Samsung Mobile Devices Samsung Mobile Devices SVoice Provider Seizure Vulnerability Samsung Mobile Devices InputMethod Application Crash Vulnerability Unprotected Intent Broadcasting Vulnerability on Samsung Mobile Devices (SVE-2016-7180) SDCard Path Disclosure Vulnerability Information Disclosure Vulnerability in Samsung Mobile Devices (SVE-2016-7340) Kernel Module Signature Bypass Vulnerability on Samsung Mobile Devices Buffer Overflow Vulnerability in Samsung Mobile Devices with Exynos Chipsets Buffer Overflow Vulnerabilities in Samsung Mobile Devices with Exynos8890 Chipsets Race condition and buffer 
overflow vulnerability in Samsung mobile devices with M(6.0) and N(7.0) software Buffer Overflow Vulnerability in Samsung Mobile Devices (SVE-2016-7510) Kernel Address Leakage Vulnerability on Samsung Mobile Devices with Exynos5 Chipsets (SVE-2016-7551) Samsung Mobile Devices EAS Autodiscover Credential Disclosure Vulnerability Memory Corruption Vulnerability on Samsung Mobile Devices with Exynos7420, Exynos8890, or MSM8996 Chipsets (SVE-2016-7897) Stack-Based Buffer Overflow Vulnerability in NETGEAR R7800 and R9000 Devices Stack-based Buffer Overflow Vulnerability in NETGEAR R6100, R7800, and R9000 Routers Stack-Based Buffer Overflow Vulnerability in NETGEAR R7800 and R9000 Devices Stored XSS Vulnerability in Multiple NETGEAR Devices Reflected XSS Vulnerability in NETGEAR R6700 and R6900 Devices Incorrect Configuration of Security Settings in NETGEAR R6220 Devices CSRF Vulnerability in Multiple NETGEAR Devices Arbitrary File Read Vulnerability in Certain NETGEAR Devices Incorrect Configuration of Security Settings in Certain NETGEAR Devices Insecure Configuration Vulnerability in Certain NETGEAR Devices Buffer Overflow Vulnerability in NETGEAR R8300 and R8500 Routers CSRF Vulnerability in NETGEAR R8300 and R8500 Devices NETGEAR R8300 and R8500 Devices Vulnerable to Incorrect Security Configuration NETGEAR R8300 and R8500 Devices Vulnerable to Sensitive Information Disclosure Incorrect Configuration of Security Settings in Certain NETGEAR Devices Arbitrary File Read Vulnerability in Certain NETGEAR Devices Arbitrary File Read Vulnerability in Certain NETGEAR Devices Denial of Service Vulnerability in NETGEAR WNDR4500v3 Devices Reflected XSS Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Authentication Bypass Vulnerability in NETGEAR 
Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Vulnerability: Incorrect Security Settings Configuration in NETGEAR Devices Authentication Bypass Vulnerability in NETGEAR Devices Authentication Bypass Vulnerability in Certain NETGEAR Devices Command Injection Vulnerability in Multiple NETGEAR Devices Command Injection Vulnerability in NETGEAR Devices Command Injection Vulnerability in NETGEAR Devices Command Injection Vulnerability in Multiple NETGEAR Devices Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices Buffer Overflow Vulnerability in NETGEAR Devices Incorrect Configuration of Security Settings in Certain NETGEAR Devices Incorrect Configuration of Security Settings in Certain NETGEAR Devices CSRF Vulnerability in Certain NETGEAR Devices Authentication Bypass Vulnerability in Certain NETGEAR Devices Buffer Overflow Vulnerability in Certain NETGEAR Devices Stored XSS Vulnerability in NETGEAR Devices Incorrect Security Configuration Vulnerability in Certain NETGEAR Devices Incorrect Security Configuration Vulnerability in Certain NETGEAR Devices NETGEAR Devices Vulnerable to Incorrect Security Configuration CSRF Vulnerability in Multiple NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR Devices Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices Arbitrary File Read Vulnerability in Certain NETGEAR Devices Command Injection Vulnerability in NETGEAR 
Devices CSRF Vulnerability in Multiple NETGEAR Devices Incorrect Configuration of Security Settings in Certain NETGEAR Devices Incorrect Configuration of Security Settings in Certain NETGEAR Devices Stack-based Buffer Overflow Vulnerability in NETGEAR R6700v2, R6800, and R6900v2 Routers Stack-Based Buffer Overflow Vulnerability in NETGEAR R8300 and R8500 Routers Stack-Based Buffer Overflow in NETGEAR R8000 Devices Command Injection Vulnerability in Certain NETGEAR Devices Vulnerability in NETGEAR Devices: Incorrect Security Configuration Command Injection Vulnerability in Multiple NETGEAR Devices Denial of Service Vulnerability in NETGEAR Devices Arbitrary File Read Vulnerability in NETGEAR DST6501 and WNR2000v2 Devices Command Injection Vulnerability in Multiple NETGEAR Devices CSRF Vulnerability in NETGEAR Devices Arbitrary File Read Vulnerability in Multiple NETGEAR Devices Buffer Overflow Vulnerability in NETGEAR Devices Authentication Bypass Vulnerability in Certain NETGEAR Devices Command Injection Vulnerability in Certain NETGEAR Devices CSRF Vulnerability in NETGEAR Devices Authentication Bypass Vulnerability in Multiple NETGEAR Devices Administrative Password Disclosure Vulnerability in Certain NETGEAR Devices Incorrect Configuration of Security Settings in Multiple NETGEAR Devices Buffer Overflow Vulnerability in Multiple NETGEAR Devices Denial of Service Vulnerability in Certain NETGEAR Devices CSRF Vulnerability in Multiple NETGEAR Devices CSRF Vulnerability in Multiple NETGEAR Devices XSS Vulnerability in Multiple NETGEAR Devices XSS Vulnerability in Multiple NETGEAR Devices Multiple NETGEAR Devices Vulnerable to XSS Command Injection Vulnerability in NETGEAR Devices Command Injection Vulnerability in NETGEAR Devices Command Injection Vulnerability in Multiple NETGEAR Devices Sensitive Information Disclosure Vulnerability in Certain NETGEAR Devices Vulnerability: Sensitive Information Disclosure in NETGEAR Devices CSRF Vulnerability in Certain NETGEAR 
Devices Command Injection Vulnerability in NETGEAR D6100 Devices Command Injection Vulnerability in NETGEAR R7800 Devices Command Injection Vulnerability in NETGEAR Devices Command Injection Vulnerability in NETGEAR D6220 and D6100 Routers Command Injection Vulnerability in NETGEAR Devices Arbitrary File Read Vulnerability in NETGEAR Routers Vulnerability: Incorrect Security Settings Configuration in NETGEAR Devices Incorrect Configuration of Security Settings in Certain NETGEAR Devices Reflected XSS Vulnerability in NETGEAR R6700v2 and R6800 Devices Command Injection Vulnerability in NETGEAR Devices Command Injection Vulnerability in NETGEAR Devices Incorrect Configuration of Security Settings in NETGEAR R7800 Devices Command Injection Vulnerability in NETGEAR R7800 and R9000 Devices Command Injection Vulnerability in Certain NETGEAR Devices Command Injection Vulnerability in Certain NETGEAR Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Incorrect Configuration of Security Settings in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Incorrect Configuration of Security Settings in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in NETGEAR ReadyNAS OS 6 Devices Stored XSS Vulnerability in Certain NETGEAR Devices Vertical Privilege Escalation Vulnerability in Certain NETGEAR Devices Incorrect Configuration of Security Settings in Certain NETGEAR Devices Directory Traversal Vulnerability in Certain NETGEAR Devices Stored XSS Vulnerability in Certain NETGEAR Devices Vertical Privilege Escalation 
Vulnerability in Certain NETGEAR Devices Stored XSS Vulnerability in Certain NETGEAR Devices Stored XSS Vulnerability in Certain NETGEAR Devices Vertical Privilege Escalation Vulnerability in Certain NETGEAR Devices Vertical Privilege Escalation Vulnerability in Certain NETGEAR Devices Stored XSS Vulnerability in Certain NETGEAR Devices Stored XSS Vulnerability in Certain NETGEAR Devices Reflected XSS Vulnerability in Certain NETGEAR Devices Reflected XSS Vulnerability in Certain NETGEAR Devices Reflected XSS Vulnerability in Certain NETGEAR Devices Denial of Service Vulnerability in Certain NETGEAR Devices Vertical Privilege Escalation Vulnerability in Certain NETGEAR Devices Privilege Escalation Vulnerability in NETGEAR M4300 and M4200 Devices Stored XSS Vulnerability in Certain NETGEAR Devices Denial of Service Vulnerability in Certain NETGEAR Devices Command Injection Vulnerability in NETGEAR Devices CSRF Vulnerability in NETGEAR Devices Vulnerability: Disclosure of Administrative Credentials in Certain NETGEAR Devices Vulnerability: Disclosure of Administrative Credentials in Certain NETGEAR Devices Vulnerability: Disclosure of Administrative Credentials in NETGEAR R6700v2 and R6800 Devices Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices Arbitrary File Reading Vulnerability in NETGEAR Devices CSRF Vulnerability in NETGEAR Devices Command Injection Vulnerability in Certain NETGEAR Devices Authentication Bypass Vulnerability in Multiple NETGEAR Devices Command Injection Vulnerability in NETGEAR Devices CSRF and Authentication Bypass Vulnerabilities in NETGEAR Devices Vulnerability: Password Recovery and File Access in Certain NETGEAR Devices Command Injection Vulnerability in NETGEAR ReadyNAS 6.6.1 and Earlier Command Execution Vulnerability in NETGEAR WNR854T Devices Command Injection Vulnerability in NETGEAR ReadyNAS Devices Password Mismanagement in NETGEAR Insight Application: A Critical Vulnerability Command Execution Vulnerability in 
Certain NETGEAR Devices NETGEAR Devices Vulnerable to Slowdown/Stoppage Exploit Title: Debugging Command Execution Vulnerability in Certain NETGEAR Devices CSRF Vulnerability in NETGEAR ReadyNAS Surveillance Devices Authentication Bypass Vulnerability in Certain NETGEAR Devices Command Execution Vulnerability in Certain NETGEAR Devices via PHP Form Buffer Overflow Vulnerability in Certain NETGEAR Devices Stack-Based Buffer Overflow Vulnerability in NETGEAR R8300 and R8500 Routers Stored XSS Vulnerability in Multiple NETGEAR Devices Vulnerability: Incorrect Security Settings Configuration in NETGEAR Devices Vulnerability: Lack of Effective Protection Mechanism for Remote AT Commands in Digi XBee 2 Devices Symlink Attack Vulnerability in chownr Package for Node.js 10.10 Webhook Access Control Vulnerability in Mattermost Server Denial of Service Vulnerability in Mattermost Server OAuth App Reconfiguration Vulnerability in Mattermost Server Denial of Service Vulnerability in Mattermost Server Directory Traversal Vulnerability in Mattermost Server Arbitrary File Creation Vulnerability in Mattermost Server Arbitrary File Existence Disclosure in Mattermost Server Cross-Site Scripting (XSS) Vulnerability in Mattermost Server OAuth 2.0 Allow/Deny Page Session ID Revocation Vulnerability Cross-Site Scripting (XSS) Vulnerability in Mattermost Server via Slack Attachment's author_link Field Cross-Site Scripting (XSS) Vulnerability in Mattermost Server via Slack Attachment Title Link Field Cross-Site Scripting (XSS) Vulnerability in Mattermost Server Cross-Site Scripting (XSS) Vulnerability in Mattermost Server via OpenGraph Data Low Entropy for Authorization Data in Mattermost Server Privilege Escalation via Registered OAuth Application and Personal Access Tokens Unintended API Endpoint Access Privilege Escalation Vulnerability in Mattermost Server Bypass of Slash Command Restrictions in Mattermost Server Email Address Disclosure Vulnerability in Mattermost Server SQL 
Injection Vulnerability in Mattermost Server Arbitrary System-Message Creation via Webhooks and Slash Commands in Mattermost Server Button-based API Request Vulnerability Phishing Vulnerability in Mattermost Server HTML Injection Vulnerability in Mattermost Server Cross-Site Scripting (XSS) Vulnerability in Mattermost Server OAuth 2.0 Service Provider Account Takeover Vulnerability Information Disclosure Vulnerability in Mattermost Server REST API Log Injection Vulnerability in Mattermost Server OAuth 2.0 Redirection Denial Vulnerability in Mattermost Server Denial of Service Vulnerability in Mattermost Server IP-based Rate Limiting Vulnerability in Mattermost Server CSV Injection Vulnerability in Mattermost Server Team Invite ID Disclosure Vulnerability Team Invite ID Exposure Vulnerability CSRF Vulnerability in Mattermost Server with Enabled CORS Cross-Site Scripting (XSS) Vulnerability in Mattermost Server Session Invalidation Mishandling in Mattermost Server Account Takeover Vulnerability in Mattermost Server with Single Sign-On OAuth2 Cross-Site Scripting (XSS) Vulnerability in Mattermost Server Password-reset request vulnerability in Mattermost Server SAML Encryption and Signature Verification Vulnerability in Mattermost Server Spoofed Links in Mattermost Server Email Notifications TLS-based e-mail server certificate validation bypass vulnerability in Mattermost Server Path Traversal Vulnerability in Mattermost Server Cross-Site Scripting (XSS) Vulnerability via Error Page Link in Mattermost Server External Link Vulnerability on Error Pages API Endpoint Access Vulnerability API Endpoint Access Control Bypass in Mattermost Server Weak Hashing Vulnerability in Mattermost Server Arbitrary Pathname Placement of SAML Certificate in Mattermost Server Unauthenticated Team Creation Vulnerability in Mattermost Server WebSocket Same Origin Policy Bypass in Mattermost Server Cross-Site Scripting (XSS) Vulnerability via Error Page Link Heap-based Buffer Overflow in 
LibVNCServer's websockets.c Arbitrary File Download Vulnerability in beroNet VoIP Gateways (CVE-2021-XXXX) OAuth 2.0 Authorization Code Injection Vulnerability Local Privilege Escalation: Symlink Attack in opentmpfiles through 0.3.1 Heap-based Buffer Overflow in Raptor RDF Syntax Library 2.0.15 Inadequate Data Encryption in AES Encryption Project for Drupal (SA-CONTRIB-2017-027) Privilege Escalation Vulnerability in Debian Shadow Package Race condition vulnerability in Rust's MutexGuard object allows for memory safety issues NGINX Buffer Overflow Vulnerability in Autoindex Module Heap-Based Buffer Overflow in UnRAR 5.6.1.2 and 5.6.1.3 Sensitive Information Disclosure in Ingeteam INGEPAC DA AU AUC_1.13.0.28 Web Application Reflected Cross-Site Scripting in myCred WordPress Plugin 1.7.8 and earlier Denial of Service Vulnerability in WEKA INTEREST Security Scanner 1.8 Denial of Service Vulnerability in WEKA INTEREST Security Scanner 1.8 Local Denial of Service Vulnerability in WEKA INTEREST Security Scanner 1.8 Denial of Service Vulnerability in Unsupported WEKA INTEREST Security Scanner (up to 1.8) Denial of Service Vulnerability in Unsupported WEKA INTEREST Security Scanner (up to 1.8) Denial of Service Vulnerability in WEKA INTEREST Security Scanner up to 1.8 Critical SQL Injection Vulnerability in The Next Generation of Genealogy Sitebuilding up to 11.1.0 Remote Privilege Escalation Vulnerability in XAMPP 7.1.1-0-VC14 Installer Information Disclosure Vulnerability in Solare Solar-Log 2.8.4-56/3.5.2-85 Cross-Site Request Forgery Vulnerability in Solare Solar-Log 2.8.4-56/3.5.2-85 Critical Privilege Escalation Vulnerability in Solare Solar-Log 2.8.4-56/3.5.2-85 Remote Information Disclosure Vulnerability in Solare Solar-Log 2.8.4-56/3.5.2-85 Critical Privilege Escalation Vulnerability in Solare Solar-Log 2.8.4-56/3.5.2-85 Denial of Service Vulnerability in Solare Solar-Log 2.8.4-56/3.5.2-85 Critical Privilege Escalation Vulnerability in Solare Solar-Log 
2.8.4-56/3.5.2-85 Cross-Site Scripting (Reflected) Vulnerability in HumHub up to 1.0.1 Cross-Site Scripting (DOM) Vulnerability in HumHub up to 1.0.1 Critical Privilege Escalation Vulnerability in HumHub 0.20.1/1.0.0-beta.3 Critical SQL Injection Vulnerability in PHPList 3.2.6 Critical SQL Injection Vulnerability in PHPList 3.2.6 Information Disclosure Vulnerability in PHPList 3.2.6 Critical SQL Injection Vulnerability in PHPList 3.2.6 Subscription Component Cross-Site Scripting (XSS) Vulnerability in PHPList 3.2.6 Cross-Site Scripting (Persistent) Vulnerability in PHPList 3.2.6 Cross-Site Scripting (Persistent) Vulnerability in PHPList 3.2.6 Cross-Site Scripting (Persistent) Vulnerability in PHPList 3.2.6 Critical Privilege Escalation Vulnerability in SICUNET Access Controller 0.32-05z Critical Privilege Escalation Vulnerability in SICUNET Access Controller 0.32-05z Critical Remote Weak Authentication Vulnerability in SICUNET Access Controller 0.32-05z Weak Encryption Vulnerability in SICUNET Access Controller 0.32-05z Remote Code Execution Vulnerability in Ucweb UC Browser 11.2.5.932 Critical SQL Injection Vulnerability in Navetti PricePoint 4.6.0.0 Persistent Cross Site Scripting Vulnerability in Navetti PricePoint 4.6.0.0 Basic Cross Site Scripting (Reflected) Vulnerability in Navetti PricePoint 4.6.0.0 Critical Cross-Site Request Forgery Vulnerability in Navetti PricePoint 4.6.0.0 Remote Privilege Escalation in Legacy Axis Devices: Exploiting CGI Script Vulnerability InnoSetup Installer Vulnerability: Remote Exploit for Uncontrolled Search Path Uncontrolled Search Path Vulnerability in pgAdmin4 Component of Python 2.7.13 Cross-Site Request Forgery Vulnerability in XYZScripts Contact Form Manager Plugin XYZScripts Contact Form Manager Plugin: Remote Cross Site Scripting Vulnerability Stored Cross-Site Scripting Vulnerability in BestWebSoft Contact Form Plugin 4.0.0 Stored Cross Site Scripting (XSS) Vulnerability in weblizar User Login Log Plugin 2.2.1 
Cross-Site Scripting (Persistent) Vulnerability in Elefant CMS 1.3.12-RC Cross-Site Scripting (Persistent) Vulnerability in Elefant CMS 1.3.12-RC Cross-Site Scripting (XSS) Vulnerability in Elefant CMS 1.3.12-RC Title Handler Cross-Site Scripting (Persistent) Vulnerability in Elefant CMS 1.3.12-RC Elefant CMS 1.3.12-RC Remote Cross Site Scripting Vulnerability Cross-Site Request Forgery Vulnerability in Elefant CMS 1.3.12-RC Critical Privilege Escalation Vulnerability in Elefant CMS 1.3.12-RC Critical Code Injection Vulnerability in Elefant CMS 1.3.12-RC Cross-Site Request Forgery Vulnerability in Supsystic Popup Plugin 1.7.6 Improper Access Controls in Adminer Login 1.4.4 Critical SQL Injection Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Management Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Critical Privilege Management Vulnerability in Hindu Matrimonial Script's /admin/googleads.php Critical Privilege Escalation Vulnerability in Hindu Matrimonial Script Local Backdoor Vulnerability in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832 Critical Backdoor Vulnerability in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832 Critical Backdoor Vulnerability in JUNG Smart Visu Server 
1.0.804/1.0.830/1.0.832 Atahualpa Theme Vulnerability: Remote Cross-Site Scripting (XSS) Exploit Critical Code Injection Vulnerability in VaultPress Plugin 1.8.4 Alpine PhotoTile for Instagram Plugin 1.2.7.7 - Remote Cross-Site Scripting Vulnerability Cross-Site Request Forgery Vulnerability in Atahualpa Theme Cross-Site Scripting (XSS) Vulnerability in Gwolle Guestbook Plugin 1.7.4 Cross-Site Request Forgery Vulnerability in Global Content Blocks Plugin 2.1.5 Cross-Site Request Forgery Vulnerability in File Manager Plugin 3.0.1 Cross-Site Scripting (XSS) Vulnerability in Google Analytics Dashboard Plugin 2.1.1 Cross-Site Request Forgery Vulnerability in Download Manager Plugin 2.8.99 Cross Site Scripting (XSS) Vulnerability in NewStatPress Plugin 1.2.4 Critical Code Injection Vulnerability in Simple Ads Manager Plugin Cross-Site Scripting (XSS) Vulnerability in WP-SpamFree Anti-Spam Plugin 2.1.1.4 Cross-Site Scripting Vulnerability in WP-Filebase Download Manager Plugin 3.4.4 Persistent Cross-Site Scripting Vulnerability in Admin Custom Login Plugin 2.4.5.2 Critical Code Injection Vulnerability in Analytics Stats Counter Statistics Plugin 1.2.2.5 Remote Cross-Site Scripting Vulnerability in Air Transfer 1.0.14/1.2.1 Remote Information Disclosure Vulnerability in ProjectSend r754 Critical Path Traversal Vulnerability in Album Lock 4.0 Critical SQL Injection Vulnerability in Kama Click Counter Plugin up to 3.4.8 Critical SQL Injection Vulnerability in Simplessus 3.7.7 Cookie Handler Critical Path Traversal Vulnerability in Simplessus 3.7.7 Critical Server-Side Request Forgery Vulnerability in Lithium Forum 2017 Q1 Improper Privilege Management Vulnerability in ShadeYouVPN.com Client 2.0.1.11 Cross-Site Scripting (XSS) Vulnerability in Easy Table Plugin 1.6 Information Disclosure Vulnerability in Teleopti WFM up to 7.1.0 Teleopti WFM up to 7.1.0 JSON Manipulation Information Disclosure Vulnerability Critical Privilege Management Vulnerability in Teleopti WFM 7.1.0 
Administration Component Critical Privilege Escalation Vulnerability in IVPN Client 2.6.6120.33863 TrueConf Server 4.3.7 - Remote Cross Site Scripting (Stored) Vulnerability Basic Cross Site Scripting (Reflected) Vulnerability in TrueConf Server 4.3.7 Cross-Site Scripting (XSS) Vulnerability in TrueConf Server 4.3.7 Cross-Site Scripting (XSS) Vulnerability in TrueConf Server 4.3.7 Cross-Site Scripting (DOM) Vulnerability in TrueConf Server 4.3.7 Remote Cross-Site Scripting (DOM) Vulnerability in TrueConf Server 4.3.7 Open Redirect Vulnerability in TrueConf Server 4.3.7 Cross-Site Request Forgery Vulnerability in TrueConf Server 4.3.7 Critical Privilege Management Vulnerability in Teradici Management Console 2.2.0 Cross-Site Scripting (XSS) Vulnerability in Bitrix Site Manager 12.06.2015 Critical Untrusted Search Path Vulnerability in Viscosity 1.6.7 Critical SQL Injection Vulnerability in Online Hotel Booking System Pro Plugin 1.0 Critical SQL Injection Vulnerability in Online Hotel Booking System Pro 1.2 Critical SQL Injection Vulnerability in KB Affiliate Referral Script 1.0 Critical SQL Injection Vulnerability in KB Login Authentication Script 1.1 Critical SQL Injection Vulnerability in KB Messages PHP Script 1.0 Critical SQL Injection Vulnerability in LogoStore's search.php Critical SQL Injection Vulnerability in Itech Real Estate Script 3.12 Critical SQL Injection Vulnerability in Itech News Portal 6.28 Critical SQL Injection Vulnerability in Itech Multi Vendor Script 6.49 Critical Vulnerability: Remote Authentication Bypass in Itech Job Portal Script 9.13 Critical SQL Injection Vulnerability in Itech Freelancer Script 5.13 Critical SQL Injection Vulnerability in Itech Dating Script 3.26 Critical SQL Injection Vulnerability in Itech Classifieds Script 7.27 Critical SQL Injection Vulnerability in Itech B2B Script 4.28 Critical SQL Injection Vulnerability in Itech Auction Script 6.49 Critical SQL Injection Vulnerability in Itech Movie Portal Script 7.36 
Cross-Site Scripting (XSS) Vulnerability in Itech Movie Portal Script 7.36 Critical SQL Injection Vulnerability in Itech Movie Portal Script 7.36 Critical SQL Injection Vulnerability in Itech Movie Portal Script 7.36 Critical SQL Injection Vulnerability in Itech Movie Portal Script 7.36 Critical Remote Memory Corruption Vulnerability in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 Critical Path Traversal Vulnerability in Tecrail Responsive Filemanger up to 9.10.x Improper CORS Headers Allow Bypass of Same Origin Policy Denial of Service Vulnerability in SmokePing Init Script Root Privilege Escalation Vulnerability in Logcheck on Gentoo Chimay-Red: Remote Code Execution in MikroTik RouterOS Web Server Critical SQL Injection Vulnerability in Challenge Website (VDB-216989) XML External Entity (XXE) Reference Vulnerability in iText RUPS (VDB-217054) Path Traversal Vulnerability in aerouk imageserve Cross Site Scripting (XSS) Vulnerability in aerouk imageserve Denial of Service Vulnerability in ghostlander Phoenixcoin (CVE-2021-217068) Cross-Site Scripting (XSS) Vulnerability in Sterc Google Analytics Dashboard for MODX up to 1.0.5 Critical Command Injection Vulnerability in Exciting Printer Critical Server-Side Request Forgery Vulnerability in Ariadne Component Library (CVE-2021-217140) Cross-Site Scripting (XSS) Vulnerability in vova07 Yii2 FileAPI Widget Cross-Site Scripting (XSS) Vulnerability in rf Keynote up to 0.x on Rails Critical Remote Code Execution Vulnerability in flitto express-param up to 0.x (VDB-217149) Vulnerability in rofl0r MacGeiger's ESSID Handler Allows Injection via dump_wlan_at Function Inefficient Regular Expression Complexity in vercel ms up to 1.x (VDB-217451) Critical SQL Injection Vulnerability in Red Snapper NView (CVE-2021-217516) Critical Open Redirect Vulnerability in Symbiote Seed up to 6.0.2 (VDB-217626) Inefficient Regular Expression Complexity in debug-js debug (up to 3.0.x) in useColors Function (VDB-217665) Vulnerability: Lack of 
Protection Mechanism in Ecto 2.2.0 for is_nil and raise Interaction Cross Site Scripting (XSS) Vulnerability in Minichan's reports.php Critical SQL Injection Vulnerability in jfm-so piWallet (VDB-218006) Critical SQL Injection Vulnerability in GGGGGGGG ToN-MasterServer (VDB-218306) Critical SQL Injection Vulnerability in ollpu parontalli (VDB-218418) Critical SQL Injection Vulnerability in PrivateSky apersistence (VDB-218457) Critical SQL Injection Vulnerability in get_song_relations function (VDB-218490) Critical SQL Injection Vulnerability in AlexRed Contentmap (CVE-2021-218492) Remote Code Injection Vulnerability in bastianallgeier Kirby Webmentions Plugin Cross-Site Scripting (XSS) Vulnerability in DaSchTour matomo-mediawiki-extension up to 2.4.2 on MediaWiki Cross Site Scripting (XSS) Vulnerability in ciubotaru share-on-diaspora 0.7.9 Cross-Site Scripting (XSS) Vulnerability in WangGuard Plugin 1.8.0 on WordPress Information Disclosure Vulnerability in Codiad 2.8.0 (Unsupported) Critical Remote Code Execution Vulnerability in InSTEDD Pollit 2.3.1 Insufficient Data Authenticity Verification in Zerocoin libzerocoin (VDB-222318) Critical Path Traversal Vulnerability in hgzojer Vocable Trainer up to 1.3.0 on Android Cross-Site Scripting (XSS) Vulnerability in Mobile Vikings Django AJAX Utilities up to 1.2.1 Cross-Site Scripting (XSS) Vulnerability in External Media without Import Plugin up to 1.0.0 on WordPress Path Traversal Vulnerability in Carlo Gavazzi Powersoft 2.1.1.1: Unrestricted File Download Cross-Site Scripting (XSS) Vulnerability in Fuzzy SWMP (Unsupported) Denial of Service Vulnerability in nikooo777 ckSurf up to 1.19.2 Injection vulnerability in Magnesium-PHP up to 0.3.0 (Unsupported) Cross-Site Scripting (XSS) Vulnerability in Zimbra zm-ajax up to 8.8.1 Arbitrary Code Execution Vulnerability in Clojure Deserialization CubeCart Directory Traversal Vulnerability in Versions Prior to 6.1.4 Access Restriction Bypass in Cybozu Garoon Phone Messages 
Function Arbitrary Web Script Injection Vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 CSRF Token Leakage Vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 Access Restriction Bypass in Cybozu Garoon 3.0.0 to 4.2.3 Mail Function Access Restriction Bypass Vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 Arbitrary OS Command Execution in smalruby-editor v0.4.0 and Earlier CSRF Vulnerability in Knowledge Versions Prior to v1.7.0 Allows Remote Authentication Hijacking CubeCart Directory Traversal Vulnerability in Versions Prior to 6.1.4 Remote Code Execution Vulnerability in AppGoat Web Application V3.0.0 and Earlier DNS Rebinding Vulnerability in AppGoat Web Application V3.0.1 and Earlier Authentication Bypass Vulnerability in AppGoat Web Application V3.0.0 and Earlier CSRF Vulnerability in AppGoat Web Application V3.0.0 and Earlier Unverified X.509 Certificates Vulnerability in LaLa Call App for Android 2.4.7 and Earlier SSL Certificate Verification Vulnerability in Business LaLa Call App for Android SSL Certificate Verification Vulnerability in TVer App for Android 3.2.7 and Earlier Cross-Site Scripting Vulnerabilities in Webmin Versions Prior to 1.830 Untrusted Search Path Vulnerability in 7-ZIP32.DLL 9.22.00.01 and Earlier Untrusted Search Path Vulnerability in PrimeDrive Desktop Application 1.4.3 and Earlier Information Disclosure Vulnerability in Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 Unverified X.509 Certificates Vulnerability in Access CX App for Android and iOS HTTP Header Injection Vulnerability in TS-WPTCAM, TS-WPTCAM2, TS-WLCE, TS-WLC2, TS-WRLC, TS-PTCAM, and TS-PTCAM/POE Firmware Versions 1.18 and Earlier: Remote Display of False Information Arbitrary OS Command Execution Vulnerability in TS-WPTCAM, TS-WPTCAM2, TS-WLCE, TS-WLC2, TS-WRLC, TS-PTCAM, and TS-PTCAM/POE Firmware Versions 1.18 and Earlier Remote Code Execution Vulnerability in Multiple Firmware Versions of TS-WPTCAM, TS-WPTCAM2, TS-WLCE, TS-WLC2, TS-WRLC, TS-PTCAM, and TS-PTCAM/POE Cross-Site 
Scripting Vulnerability in Cybozu Office 10.0.0 to 10.5.0 Access Restriction Bypass Vulnerability in Cybozu Office 10.0.0 to 10.5.0 Access Restriction Bypass Vulnerability in Cybozu Office 10.0.0 to 10.5.0 CubeCart Directory Traversal Vulnerability in Versions Prior to 6.1.5 Arbitrary Web Script Injection Vulnerability in WBCE CMS 1.1.10 and Earlier Arbitrary File Read Vulnerability in WBCE CMS 1.1.10 and Earlier Arbitrary SQL Command Execution Vulnerability in WBCE CMS 1.1.10 and Earlier Cross-site scripting vulnerability in Nessus versions 6.8.0-6.9.2 Cross-Site Scripting Vulnerability in OneThird CMS v1.73 Heaven's Door and Earlier via language.php Cross-Site Scripting Vulnerability in OneThird CMS v1.73 Heaven's Door and Earlier CentreCOM AR260S V2 Privilege Escalation Vulnerability Authentication Bypass Vulnerability in WAPM-1166D and WAPM-APG600H Firmware Arbitrary Web Script Injection in YOP Poll versions prior to 5.8.1 Arbitrary OS Command Execution Vulnerability in Website Operator Security Guide Untrusted Search Path Vulnerability in PhishWall Client Internet Explorer Installer Unrestricted Configuration Menu Access in Panasonic KX-HJB1000 Home Unit Devices Arbitrary File Deletion Vulnerability in Panasonic KX-HJB1000 Home Unit Devices SQL Injection Vulnerability in Panasonic KX-HJB1000 Home Unit Devices with Firmware GHX1YG 14.50 or HJB1000_4.47 Cross-Site Scripting Vulnerability in ASSETBASE 8.0 and Earlier Arbitrary Code Injection Vulnerability in WP Statistics Version 12.0.1 and Earlier Arbitrary Script Injection Vulnerability in WP Statistics Version 12.0.4 and Earlier Remote Access Bypass Vulnerability in ProSAFE Plus Configuration Utility CS-Cart Japanese Edition and Multivendor Japanese Edition Authentication Hijacking Vulnerability CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3) Customer Information Disclosure Vulnerability Arbitrary Script Execution Vulnerability in Tablacus Explorer 17.3.30 and Earlier Arbitrary OS Command 
Execution Vulnerability in WN-G300R3 Firmware 1.03 and Earlier Buffer Overflow Vulnerability in WN-G300R3 Firmware Ver.1.03 and Earlier: Remote Command Execution Access Restriction Bypass in CS-Cart Japanese Edition v4.3.10-jp-1 and earlier File Locking Vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 Session Fixation Vulnerability in Cybozu Garoon 4.0.0 to 4.2.4: Arbitrary Operations via Unspecified Vectors Arbitrary Web Script Injection Vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 Arbitrary Code Injection Vulnerability in WP Statistics Version 12.0.4 and Earlier Cross-Site Scripting Vulnerability in WN-AC1167GR Firmware Version 1.04 and Earlier Untrusted Search Path Vulnerability in SDHC/SDXC Memory Card Software Arbitrary File Read Vulnerability in Booking Calendar 7.0 and Earlier Arbitrary Web Script Injection in Booking Calendar Version 7.1 and Earlier Arbitrary OS Command Execution in WNC01WH Firmware 1.0.0.9 and Earlier Denial of Service Vulnerability in SEIL/x86, SEIL/BPV4, SEIL/X1, SEIL/X2, and SEIL/B1 Untrusted Search Path Privilege Escalation Vulnerability in Hanako Software Buffer Overflow Vulnerability in Hoozin Viewer Versions 2, 3, 4.1.5.15 and earlier, 5.1.2.13 and earlier, and 6.0.3.09 and earlier Untrusted Search Path Vulnerability in Vivaldi Installer for Windows Untrusted Search Path Vulnerability in The Public Certification Service for Individuals The JPKI User's Software ZIP64 Archive Expansion Vulnerability in Lhaplus Versions 1.73 and Earlier FlashAir™ SDHC Memory Card Access Restriction Bypass Vulnerability Default Credentials Vulnerability in FlashAir™ SDHC Memory Card SOY CMS Directory Traversal Vulnerability Arbitrary Code Injection Vulnerability in SOY CMS with Installer 1.8.12 and Earlier Access Restriction Bypass Vulnerability in GroupSession Versions 4.6.4 and Earlier Open Redirect Vulnerability in GroupSession 4.7.0 and Earlier: Phishing Attack Vector Untrusted Search Path Vulnerability in PrimeDrive Desktop Application 1.4.4 and 
Earlier Arbitrary Code Injection Vulnerability in WP Booking System Arbitrary Code Injection Vulnerability in MaxButtons and MaxButtons Pro Cross-site scripting vulnerability in multiple WordPress plugins Arbitrary Web Script Injection Vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 Cross-Site Scripting Vulnerability in Empirical Project Monitor - eXtended All Versions Cross-Site Scripting Vulnerability in Empirical Project Monitor - eXtended (All Versions) Untrusted Search Path Vulnerability in Empirical Project Monitor - eXtended All Versions Untrusted Search Path Vulnerability in Screensaver Installers Untrusted Search Path Vulnerability in Shogyo Touki Denshi Ninsho Software Installer Untrusted Search Path Vulnerability in Electronic Tendering and Bid Opening System Installer Remote Code Execution Vulnerability in AppGoat Web Application (Versions 3.0.2 and earlier) Local File Disclosure Vulnerability in AppGoat Web Application V3.0.2 and Earlier Unspecified Remote File Access Vulnerability in AppGoat Web Application V3.0.2 and Earlier Unspecified Remote File Access Vulnerability in AppGoat Web Application V3.0.2 and Earlier Arbitrary OS Command Execution via Clock Settings in HOME SPOT CUBE2 Firmware V101 and Earlier Arbitrary Code Execution via Buffer Overflow in HOME SPOT CUBE2 Firmware V101 and Earlier Arbitrary OS Command Execution in HOME SPOT CUBE2 Firmware V101 and Earlier Authentication Bypass Vulnerability in HOME SPOT CUBE2 Firmware Arbitrary Code Injection Vulnerability in WP Live Chat Support Plugin Privilege Escalation via Untrusted Search Path Vulnerability in Denshinouhin Check System Installer Untrusted Search Path Vulnerability in RW-4040 Driver Installer for Windows 7 Version 2.27 Untrusted Search Path Vulnerability in RW-4040 Tool for Windows 7 (v1.2.0.0) Privilege Escalation via Untrusted Search Path in RW-5100 Driver Installer Untrusted Search Path Vulnerability in RW-5100 Tool for Windows 7 and Windows 8.1 Untrusted Search Path 
Vulnerability in Tera Term Installer Allows Privilege Escalation Cross-Site Scripting Vulnerability in iCodeChecker: Arbitrary Web Script Injection SQL Injection Vulnerability in Multi Feed Reader 2.2.4 and Earlier Versions Untrusted Search Path Vulnerability in SaAT Netizen Installer Untrusted Search Path Vulnerability in SaAT Personal Installer Untrusted Search Path Vulnerability in Electronic Tendering and Bid Opening System Installer Untrusted Search Path Vulnerability in Houkokusyo Sakusei Shien Tool Installer Untrusted Search Path Vulnerability in PatchJGD 1.0.1 Allows Privilege Escalation via Trojan Horse DLL Untrusted Search Path Vulnerability in PatchJGD (Hyoko) (PatchJGDh101.EXE) Ver. 1.0.1 Untrusted Search Path Vulnerability in TKY2JGD (TKY2JGD1379.EXE) Ver. 1.3.79 Untrusted Search Path Vulnerability in SemiDynaEXE ver. 1.0.2 Untrusted Search Path Vulnerability in AppCheck and AppCheck Pro Untrusted Search Path Vulnerability in Advance Preparation Setup Installer (jizen_setup.exe) Arbitrary Code Injection Vulnerability in WordPress Download Manager Open Redirect Vulnerability in WordPress Download Manager Untrusted Search Path Vulnerability in QuickTime Installer for Windows Untrusted Search Path Vulnerability in Simeji for Windows Installer Untrusted Search Path Vulnerability in CASL II Simulator Installer Untrusted Search Path Vulnerability in Baidu IME Installer (Ver3.6.1.6 and earlier) Arbitrary Script Injection Vulnerability in WP-Members Plugin CSRF Vulnerability in TS-WPTCAM and TS-PTCAM Firmware Versions 1.19 and Earlier Arbitrary Code Injection Vulnerability in Event Calendar WD Untrusted Search Path Vulnerability in EbidSettingChecker.exe (Version 1.0.0.0) Untrusted Search Path Vulnerability in e-Tax Software Setup File Untrusted Search Path Vulnerability in Charamin OMP Installer Untrusted Search Path Vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 Untrusted Search Path Vulnerability in Douroshisetu Kihon Data Sakusei System Ver1.0.2 
and Earlier Untrusted Search Path Vulnerability in Douro Kouji Kanseizutou Check Program Ver3.1 Privilege Escalation via Untrusted Search Path Vulnerability in MLIT DenshiSeikabutsuSakuseiShienKensa System Ver3.02 and Earlier Untrusted Search Path Vulnerability in Shinseiyo Sogo Soft Installer Untrusted Search Path Vulnerability in PDF Digital Signature Plugin (G2.30) and Earlier Remote Access to Undocumented Developer Screen in Toshiba Home Gateways Bypassing Access Restriction to Change Administrator Password in Toshiba Home Gateway HEM-GW16A and HEM-GW26A Firmware Hard-coded Credentials Vulnerability in Toshiba Home Gateway HEM-GW16A and HEM-GW26A Arbitrary OS Command Execution Vulnerability in Toshiba Home Gateway HEM-GW16A and HEM-GW26A CSRF Vulnerability in Toshiba Home Gateway HEM-GW16A and HEM-GW26A Firmware Local Resource Access Vulnerability in Marp Versions v0.0.10 and Earlier AssetView for MacOS Ver.9.2.0 and earlier versions Directory Traversal Vulnerability SQL Injection Vulnerability in AssetView for MacOS Ver.9.2.0 and Earlier: Remote Code Execution via File Transfer Web Service Untrusted Search Path Vulnerability in Flets Setsuzoku Tool for Windows Cross-Site Scripting Vulnerability in Responsive Lightbox (<=1.7.2) CSRF Vulnerability in MFC-J960DWN Firmware ver.D and Earlier Arbitrary File Read Vulnerability in Shortcodes Ultimate Untrusted Search Path Vulnerability in Lhaz Installer (Versions 2.4.0 and Earlier) Allows Privilege Escalation via Trojan DLL Untrusted Search Path Vulnerability in Lhaz Self-Extracting Archive Files Untrusted Search Path Vulnerability in Lhaz+ Installer (Version 3.4.0 and Earlier) Untrusted Search Path Vulnerability in Lhaz+ Self-Extracting Archive Files Untrusted Search Path Vulnerability in File Compact Ver.5, Ver.6, and Ver.7 Untrusted Search Path Vulnerability in Yahoo! 
Toolbar Installer Denial of Service Vulnerability in Cybozu Garoon Application Menu Edit Function Arbitrary Code Injection Vulnerability in Cybozu Garoon's Space Rich Text Function Arbitrary Web Script Injection Vulnerability in Cybozu Garoon's Memo Rich Text Function Arbitrary Web Script Injection Vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 via Mail Function Arbitrary File Read Vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 Untrusted Search Path Vulnerability in FileCapsule Deluxe Portable Ver.1.0.4.1 and Earlier Untrusted Search Path Vulnerability in FileCapsule Deluxe Portable Ver.1.0.4.1 and Earlier Untrusted Search Path Vulnerability in FileCapsule Deluxe Portable Ver.1.0.5.1 and Earlier Untrusted Search Path Vulnerability in FileCapsule Deluxe Portable Ver.1.0.5.1 and Earlier Untrusted Search Path Vulnerability in FileCapsule Deluxe Portable Ver.2.0.9 and Earlier Untrusted Search Path Vulnerability in FileCapsule Deluxe Portable Ver.2.0.9 and Earlier Untrusted Search Path Vulnerability in AttacheCase Ver.2.8.3.0 and Earlier: Privilege Escalation via Trojan Horse DLL Untrusted Search Path Vulnerability in AttacheCase Ver. 
3.2.2.6 and Earlier CSRF Vulnerability in WMR-433 and WMR-433W Firmware Versions Allows Remote Authentication Hijacking Arbitrary Web Script Injection Vulnerability in WMR-433 and WMR-433W Firmware Arbitrary OS Command Execution Vulnerability in WG-C10 v3.0.79 and Earlier Arbitrary Command Execution Vulnerability in WG-C10 v3.0.79 and Earlier External Storage Access Bypass Vulnerability in WG-C10 v3.0.79 and Earlier SSL Certificate Verification Vulnerability in RBB SPEED TEST App for Android and iOS Untrusted Search Path Vulnerability in Tween Ver1.6.6.0 and Earlier Hardcoded Credentials Vulnerability in WN-AX1167GR Firmware Version 3.00 and Earlier Arbitrary OS Command Execution Vulnerability in WN-AX1167GR Firmware Version 3.00 and Earlier Buffer Overflow Vulnerability in WN-AX1167GR Firmware Version 3.00 and Earlier Hardcoded Credentials Vulnerability in WN-G300R3 Firmware Version 1.0.2 and Earlier Arbitrary Code Injection in Popup Maker Prior to Version 1.6.5 Arbitrary Code Injection Vulnerability in Simple Custom CSS and JS Plugin Untrusted Search Path Vulnerability in NFC Port Software and Related Applications Untrusted Search Path Vulnerability in NFC Port Software Remover Ver.1.3.0.1 and Earlier Untrusted Search Path Vulnerability in LhaForge Ver.1.6.5 and Earlier Untrusted Search Path Vulnerability in Qua Station Connection Tool Installer Privilege Escalation Vulnerability in mcollective-puppet-agent Plugin 1.12.0 Arbitrary Code Execution Vulnerability in MCollective Arbitrary Package Installation Vulnerability in Puppet Enterprise Sensitive Data Exposure in Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 Remote Code Execution via Unsafe YAML Deserialization in Puppet Versions Prior to 4.10.1 Denial of Service Vulnerability in Puppet Enterprise 2017.1.x and 2017.2.1 Authentication Bypass Vulnerability in Puppet Enterprise Arbitrary File Write Vulnerability in mcollective-sshkey-security Plugin Misconfiguration of TLS Trust in puppetlabs-apache 
module Vulnerability: Crash and Restart of flowd Daemon in Juniper Networks SRX Series Chassis Clusters Denial of Service vulnerability in Juniper Networks products running Junos OS with DHCPv6 enabled Denial of Service Vulnerability in Juniper Networks Junos OS Denial of Service Vulnerability in Juniper Networks Junos OS Etherleak Vulnerability in Juniper Networks QFX and EX Series Devices Insufficient Authorization Check in Juniper Networks Junos Space Allows Privilege Escalation Insufficient Authorization Check Allows Code Execution on Juniper Networks Junos Space Reflected Cross-Site Scripting Vulnerability in Juniper Networks Junos Space Administrative Interface XML External Entity Injection Vulnerability in Juniper Networks Junos Space Information Leak Risk in Juniper Networks Junos Space Cluster with Certificate Based Authentication Firewall Bypass Vulnerability in Juniper Networks Junos Space: Network Integrity Risk Denial of Service Vulnerability in Juniper Networks Junos Space Memory Exhaustion Vulnerability in Juniper Networks Devices Running Junos OS with LDP Enabled Denial of Service Vulnerability in Juniper Networks Junos OS Denial of Service Vulnerability in Juniper Networks Junos OS BGP OPEN Message Handling IPv6 Neighbor Discovery (ND) Packet Flood Vulnerability in Juniper Networks EX Series Ethernet Switches Buffer Overflow Vulnerability in Juniper Networks NorthStar Controller Application Denial of Service Vulnerability in Juniper Networks NorthStar Controller Application Vulnerability in Juniper Networks NorthStar Controller Application Allows Unauthorized Log File Access and Privilege Escalation Unauthenticated Compromise of Juniper Networks NorthStar Controller Application Vulnerability in Juniper Networks NorthStar Controller Application: Denial of Service and Information Disclosure Multiple Attack Vectors Exploit Juniper Networks NorthStar Controller Application Vulnerability Denial of Service Vulnerability in Juniper Networks NorthStar 
Controller Application Denial of Service Vulnerability in Juniper Networks NorthStar Controller Application Command Injection Vulnerability in Juniper Networks NorthStar Controller Application Buffer Overflow Vulnerability in Juniper Networks NorthStar Controller Application Information Disclosure Vulnerability in Juniper Networks NorthStar Controller Application Denial of Service Vulnerability in Juniper Networks NorthStar Controller Application Information Leak Vulnerability in Juniper Networks NorthStar Controller Application Insufficient Authentication Vulnerability in Juniper Networks NorthStar Controller Application Denial of Service Vulnerability in Juniper Networks NorthStar Controller Application Firewall Bypass Vulnerability in Juniper Networks NorthStar Controller Application Insufficient Authentication Vulnerability in Juniper Networks NorthStar Controller Application Persistent Denial of Service Vulnerability in Juniper Networks NorthStar Controller Application Man-in-the-Middle Attack Vulnerability in Juniper Networks NorthStar Controller Application Persistent Cross Site Scripting Vulnerability in Juniper NetScreen Firewall+VPN Reflected Cross Site Scripting Vulnerability in Juniper NetScreen Firewall+VPN Persistent Cross Site Scripting Vulnerability in Juniper NetScreen Firewall+VPN Persistent Cross Site Scripting Vulnerability in Juniper NetScreen Firewall+VPN Persistent Cross Site Scripting Vulnerability in Juniper NetScreen Firewall+VPN Vulnerability in IPv6 ND Packet Processing on Juniper Networks Junos OS Insufficient Authentication Vulnerability in Junos OS Virtualized Environments Misleading reporting of secure link establishment in MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series Hardcoded Credentials Vulnerability in Juniper SRX Series Devices Buffer Overflow Vulnerability in Junos OS Sockets Library Denial of Service and Remote Code Execution Vulnerability in Junos OS SNMP Daemon Denial of Service 
Vulnerability in Junos OS ALG Denial of Service Vulnerability in Juniper Networks Junos OS rpd Daemon Denial of Service Vulnerability in Juniper Enhanced jdhcpd Daemon Command Injection Vulnerability in Juniper Networks Junos OS on SRX Series Devices Remote Code Execution Vulnerability in Apple WebKit Activation-Lock Bypass Vulnerability in iOS 10.2.1 and Earlier Vulnerability: Bypassing Wrist-Presence Protection in Apple Watch via Unlock with iPhone Bluetooth Use-After-Free Vulnerability in macOS 10.12.3 and Earlier Remote Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability in macOS IOAudioFamily Component Allows Information Disclosure Privilege Escalation and Memory Corruption Vulnerability in macOS Graphics Drivers Address Bar Spoofing Vulnerability in Safari Kernel Use-After-Free Vulnerability in Apple Products XSS Vulnerability in macOS Help Viewer Component Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in WebKit Remote Code Execution Vulnerability in Apple WebKit Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution Vulnerability in WebKit Denial of Service Vulnerability in iOS Contacts Component Remote Code Execution Vulnerability in Apple WebKit Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Remote Popup Launch Vulnerability in iOS WebKit Component Remote Code Execution and Denial of Service Vulnerability in GarageBand and Logic Pro X Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution and Denial of Service Vulnerability in GarageBand CallKit Call History Uploading Vulnerability Address Bar Spoofing Vulnerability in iOS and Safari WebKit Web Inspector Denial of Service Vulnerability 
Arbitrary Code Execution and Bookmark Spoofing Vulnerability in iOS and Safari Remote Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability: Cryptographic Protection Bypass in iOS Profiles Component Privilege Escalation Vulnerability in macOS sudo Component User Account Enumeration Vulnerability in macOS Server's Wiki Server Component Cleartext Client-Certificate Transmission Vulnerability in Apple iCloud and iTunes Privacy Leakage in Safari's Private Browsing Mode Safari Login AutoFill Keychain Access Vulnerability Remote Code Execution Vulnerability in WebKit Unverified SSL Certificates in Apple Music for Android: A Man-in-the-Middle Vulnerability Denial of Service Vulnerability in macOS IOFireWireFamily Component HTTP Authentication Sheet Spoofing and Denial of Service Vulnerability in Safari Arbitrary Directory Permission Change Vulnerability in Apple Products iWork PDF Password Protection Bypass Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Safari's WebKit Component Universal XSS Vulnerability in Safari Reader Component Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Apple iOS Lock Screen iCloud Authentication Prompt Information Disclosure Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel iOS Pasteboard Encryption Key Vulnerability SafariViewController Cache Synchronization Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Vulnerability: Profile Uninstall Actions Bypass in macOS 10.12.4 and earlier Remote Code Execution Vulnerability in macOS Printing Component Remote Code Execution via Quick Look in iOS 10.3 and earlier Remote Code Execution Vulnerability in WebKit Web Inspector FontParser Remote Code Execution Vulnerability FontParser Remote Code Execution Vulnerability Arbitrary Code Execution and Denial of 
Service Vulnerability in macOS IOATAFamily Component Vulnerability in Menus Component of macOS Allows Information Disclosure and Denial of Service Arbitrary Code Execution Vulnerability in macOS Kernel Insecure Exchange Rate Retrieval in iOS Prior to 11.2 Cleartext HTTP Vulnerability in iTunes Store Component of iOS Remote Code Execution Vulnerability in QuickTime Component Remote Access to Exchange Traffic Vulnerability Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution and Denial of Service Vulnerability in ImageIO Component Denial of Service Vulnerability in CoreGraphics Component Vulnerability in macOS Hypervisor Allows Unauthorized Access to CR8 Control Register Remote Bypass of Content Security Policy Protection in Apple iOS and Safari Vulnerability in macOS Bluetooth Component Allows Arbitrary Code Execution or Denial of Service Race Condition Vulnerability in AppleGraphicsPowerManagement Component Vulnerability in macOS Multi-Touch Component Allows Arbitrary Code Execution Bypassing Access Restrictions in Apple's Security Component Remote Information Disclosure Vulnerability in Apple iOS and Safari Double Free Vulnerability in SecurityFoundation Component of macOS Remote Information Disclosure Vulnerability in iBooks Component Vulnerability in macOS Bluetooth Component Allows Arbitrary Code Execution or Denial of Service Unspecified Impact Vulnerability in Apple Products Remote Bypass of Access Restrictions in macOS FinderKit Component Audio File Remote Code Execution Vulnerability Remote Code Execution Vulnerability in CoreMedia Component of macOS Remote Code Execution and Denial of Service Vulnerability in ImageIO Component Arbitrary Code Execution and Denial of Service Vulnerability in iOS and Safari Vulnerability in HomeKit Component Allows Unspecified Impact on iOS Devices Arbitrary Code Execution and Denial of Service Vulnerability in CoreText Component Arbitrary Code Execution and Denial of Service Vulnerability in macOS 
IOFireWireAVC Component Privilege Escalation and Denial of Service Vulnerability in macOS IOFireWireAVC Component AppleRAID Use-After-Free Vulnerability FontParser Vulnerability: Remote Information Disclosure and Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Use-after-free vulnerability in libc++abi component allows remote code execution Remote Code Execution Vulnerability in WebKit JavaScript Bindings Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Remote Code Execution and Denial of Service Vulnerability in CoreGraphics Universal XSS Vulnerability in Apple Products Arbitrary Code Execution Vulnerability in Apple Products' WebKit Component Remote Code Execution Vulnerability in WebKit Vulnerability: iCloud Keychain Secret Bypass via OTR Packet Authentication Flaw Bluetooth Use-After-Free Vulnerability in macOS 10.12.4 and Earlier Remote Code Execution Vulnerability in CoreText Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple's Security Component Lock Screen Text Message Disclosure Vulnerability Remote FaceTime Prompt Spoofing Vulnerability Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Race Condition Vulnerability in Apple Kernel Component Allows Arbitrary Code Execution Arbitrary Code Execution and Denial of Service Vulnerability in iOS and Safari Buffer Overflow Vulnerability in Apple Keyboards Component Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Denial of Service Vulnerability in Apple CoreText Component Audio File Remote Code Execution Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution and Denial of Service 
Vulnerability in Apple ImageIO Component Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Remote Code Execution Vulnerability in Apple WebKit Use-After-Free Vulnerability in WebKit Allows Remote Code Execution Kernel Use-After-Free Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Off-by-one Error in Kernel Allows Arbitrary Code Execution Universal XSS Vulnerability in Apple Products Remote Code Execution Vulnerability in Apple WebKit Denial of Service Vulnerability in macOS libxslt Component Race Condition Vulnerability in Apple Kernel Component Allows Arbitrary Code Execution Remote Code Execution Vulnerability in Apple Products Remote Code Execution Vulnerability in Apple Products Remote Code Execution Vulnerability in Apple WebKit Buffer Overflow Vulnerability in Apple Kernel Component Allows Arbitrary Code Execution Buffer Overflow Vulnerability in Apple Kernel Component Allows Arbitrary Code Execution Arbitrary Telephone Call Triggering Vulnerability in iOS Phone Component Remote Code Execution and Denial of Service Vulnerability in Apple's Security Component Address Bar Spoofing Vulnerability in iOS and Safari FontParser Remote Code Execution Vulnerability Cleartext Password Capture Vulnerability in Remote Desktop Authentication Protocol Vulnerability in Intel Graphics Driver Allows Kernel Memory Information Disclosure Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Use After Free Vulnerability in String.replace Method in Apple Safari in iOS Universal XSS (UXSS) Vulnerability in Apple iOS, Safari, and tvOS Remote Code Execution Vulnerability in Apple WebKit Arbitrary Code Execution and Denial of Service Vulnerability in macOS Kernel Denial of Service Vulnerability in Safari's History Menu Interaction Remote Code Execution Vulnerability in iOS and Safari Arbitrary URL Visit Vulnerability in iBooks Component Untrusted 
Certificate Bypass Vulnerability in iOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Address Bar Spoofing Vulnerability in Safari Race Condition Vulnerability in Apple Kernel Component Allows Arbitrary Code Execution Memory-read bypass vulnerability in CoreAudio component Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Universal XSS Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution Vulnerability in iOS and Safari Memory-read bypass vulnerability in Apple Kernel component Universal XSS Vulnerability in Apple iOS and Safari Memory-read bypass vulnerability in macOS Kernel Universal XSS Vulnerability in iOS and Safari Address Bar Spoofing Vulnerability in Safari Sandbox Escape Vulnerability in macOS 10.12.5 and Earlier Use-after-free vulnerability in SQLite component allows remote code execution or denial of service Remote Code Execution Vulnerability in iOS and Safari Remote Code Execution and Denial of Service Vulnerability in Apple Products Memory-read bypass vulnerability in macOS Kernel Address Bar Spoofing Vulnerability in iOS Safari Buffer Overflow Vulnerability in SQLite Component Allows Remote Code Execution Remote Code Execution and Denial of Service Vulnerability in Apple Products Buffer Overflow Vulnerability in SQLite Component Allows Remote Code Execution Remote Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in CoreFoundation Remote Code Execution and Denial of Service Vulnerability in Apple Foundation Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple's TextInput Component Remote Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in iOS and Safari Remote Code Execution and Denial of Service Vulnerability in macOS CoreAnimation 
Universal XSS Vulnerability in Apple iOS and Safari Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Products Race Condition Vulnerability in DiskArbitration Component Allows Arbitrary Code Execution Sandbox-Escape Vulnerability in macOS Speech Framework Vulnerability in macOS Security Component Allows Sandbox-Escape Attacks and Denial of Service Remote Code Execution and Denial of Service Vulnerability in Apple Products Privilege Escalation and Denial of Service Vulnerability in macOS WindowServer Component Remote Code Execution Vulnerability in iOS and Safari Remote Code Execution Vulnerability in iOS and Safari Memory-read bypass vulnerability in macOS WindowServer component Privilege Escalation and Denial of Service Vulnerability in macOS WindowServer Component Vulnerability in macOS Multi-Touch Component Allows Arbitrary Code Execution Vulnerability in macOS Multi-Touch Component Allows Arbitrary Code Execution Remote Code Execution Vulnerability in iOS and Safari Arbitrary Code Execution and Denial of Service Vulnerability in macOS IOGraphics Component Arbitrary Code Execution and Denial of Service Vulnerability in macOS Kernel Remote Code Execution Vulnerability in iOS and Safari Privilege Escalation and Denial of Service Vulnerability in macOS WindowServer Component Universal XSS Vulnerability in Apple Products Insecure Backup File Naming in Easy Joomla Backup v3.2.4 Brute Force Vulnerability in BackWPup Plugin Allows Unauthorized Backup File Download NULL Pointer Dereference Vulnerability in libbpg 0.9.7 Improper Attribute Sanitization in Moodle 2.x and 3.x Forums XSS Vulnerability in Moodle 3.x Assignment Submission Page Out-of-Bounds Read Vulnerability in netpbm before 10.61 Allows Code Execution Critical Out-of-Bounds Write Vulnerability in netpbm: Risk of Application Crash and Code Execution Critical Out-of-Bounds Write Vulnerability in netpbm (CVE-XXXX) 
SAML Message Parsing Vulnerability in Keycloak Improper Emulation of MOV SS, NULL Selector Instruction in Linux Kernel Allows Privilege Escalation Use-after-free vulnerability in Linux kernel allows information disclosure or denial of service Timing Attack Vulnerability in Red Hat Keycloak Null Pointer Dereference Vulnerability in netpbm 10.61: Crash Triggered by Malicious SVG File Memory Allocation Vulnerability in netpbm 10.61: Application Crash via Malicious SVG File Shared Cookie Vulnerability in hawtio Servlet 1.4 Vulnerability in IPA before 4.4: Unauthorized CA Modification Leading to Denial of Service Improper NULL Termination in attribute uniqueness Plugin of 389 Directory Server Information Disclosure in python-oslo-middleware Path Traversal Vulnerability in Hawtio Allows for Information Disclosure Arbitrary File Read Vulnerability in Red Hat JBoss Enterprise Application Log File Viewer Improper Emulation of VMXON Instruction in Linux Kernel Allows Denial of Service Jenkins Vulnerability: AES ECB Block Cipher Mode Without IV for Secret Encryption (SECURITY-304) Insufficient Permission Check Vulnerability in Jenkins (SECURITY-321) Information Disclosure Vulnerability in Jenkins Node Monitor API (SECURITY-343) Persisted Cross-Site Scripting Vulnerability in Jenkins Parameter Names and Descriptions (SECURITY-353) Improper Blacklisting of Pipeline Metadata Files in Jenkins (SECURITY-358) User Data Leak in Jenkins Disconnected Agents' Config.xml API (SECURITY-362) Vulnerability: Inconsistent Permission Checks in Jenkins Administrative Monitors (SECURITY-371) Information Exposure Vulnerability in Jenkins Internal API (SECURITY-380) Persisted Cross-Site Scripting Vulnerability in Jenkins Console Notes (SECURITY-382) Remote Code Execution Vulnerability in Jenkins (SECURITY-383) Information Disclosure Vulnerability in Jenkins Search Suggestions Persisted Cross-Site Scripting Vulnerability in Jenkins Search Suggestions (SECURITY-388) Insufficient Permission Check 
for Periodic Processes in Jenkins (SECURITY-389) Jenkins Vulnerability: Low Privilege User Override of JDK Download Credentials (SECURITY-392) CSRF Vulnerability in Jenkins Allows Unauthorized User Creation Password Change Vulnerability in ovirt-aaa-jdbc-tool Tools Out-of-Bounds Access Vulnerability in QEMU's Cirrus CLGD 54xx VGA Emulator Support Race Condition in su Allows Killing Processes with Root Privileges Remote Code Execution via File Upload in Hawtio Linux Kernel Null Write Vulnerability Samba Symlink Race Vulnerability Out-of-Bounds Access Vulnerability in QEMU's Cirrus CLGD 54xx VGA Emulator Support OpenStack Orchestration (heat) Service Log Directory Access-Control Vulnerability OpenStack Workflow (Mistral) Service Log Directory World Readable Vulnerability Insecure GPG Signature Verification in rpm-ostree and rpm-ostree-client Efficient Brute Force Attack Vulnerability in xorg-x11-server Weak Entropy in libXdmcp Allows Session Hijacking Weak Entropy in libICE Key Generation: A Potential Session Hijacking Vulnerability Openstack-tripleo-common: Excessive Permissions in Sudoers File Improper Backporting of CVE-2015-3148 Fix in RHEL 6 Curl Incorrect TLS Certificate Status Request Extension in curl (CVE-2016-8615) Stack Buffer Overflow Vulnerability in QEMU NBD Client Privilege Escalation Vulnerability in CloudForms Role Validation Vulnerability: Out-of-Bounds Memory Access in QEMU VNC Display Driver Linux Kernel DCCP Implementation Memory Corruption Vulnerability NULL Pointer Dereference Vulnerability in libvirt Race condition vulnerability in Linux kernel's n_hdlc.c driver allows local users to gain privileges or cause denial of service OpenStack Platform Director TripleO Libvirtd Design Flaw Vulnerability Insecure Authentication Enforcement in Infinispan REST API Vulnerability: Server Hostname Verification Bypass in CloudForms Out-of-Bounds Write Vulnerability in Pidgin XML Processing User Preferences SQL Injection Vulnerability in Moodle 2.x and 3.x 
User Fullname Disclosure Vulnerability in Moodle 3.x User Name Disclosure Vulnerability in Moodle 3.2.x Global Search XSS Vulnerability in Moodle 3.x: Exploiting Evidence of Prior Learning XSS Vulnerability in Moodle 3.x: Attachments to Evidence of Prior Learning Denial of Service Vulnerability in Keycloak 2.5.5 and Earlier NULL Pointer Dereference and System Crash Vulnerability in Linux Kernel's KEYS Subsystem Jenkins SSH Slaves Plugin Vulnerability: Lack of Host Key Verification Active Directory Plugin for Jenkins: Man-in-the-Middle Vulnerability Pipeline: Classpath Step Jenkins Plugin Vulnerability Information Disclosure Vulnerability in Jenkins Mailer Plugin Arbitrary Shell Command Execution Vulnerability in Distributed Fork Plugin for Jenkins Unused Delete Routes Vulnerability in CloudForms Information Exposure in Jenkins Email Extension Plugin Clickjacking Vulnerability in Dashbuilder Login Page GSSAPI Authentication Failure Leak in Dropbear Cross-Site Scripting Vulnerability in ClusterLabs pcs (before version 0.9.157) Vulnerability: Inconsistent Filter Enforcement in Foreman's Katello Plugin Unprivileged User Access and Privilege Escalation Vulnerability in subscription-manager's DBus Interface Privilege Escalation in CloudForms Management Engine Insecure Storage of MongoDB Skyring Database Password in Plain Text Undertow HTTP Request Line Parsing Vulnerability Insecure SSL Certificate Verification in Hammer CLI LDAP Bind Request Invalid Pointer Dereference Vulnerability Dovecot Denial of Service Vulnerability Denial of Service Vulnerability in Undertow Websocket Server Late Lock Acquisition in ping_unhash Function in Linux Kernel Allows for Denial of Service Insecure Logging of Passwords in Foreman OpenStack Keystone Federation Configuration Vulnerability Stored XSS Vulnerability in JBoss BRMS 6 and BPM Suite 6 before 6.4.3 via Business Central Lists Local Privilege Escalation Vulnerability in Little Snitch Installer PROFINET DCP Broadcast Packet Denial of 
Service Vulnerability Denial of Service Vulnerability in SIMATIC HMI Multi Panels, HMI Mobile Panels, and S7-300/S7-400 Devices via PROFINET DCP Packets Siemens RUGGEDCOM NMS < V1.2 Cross-Site Request Forgery (CSRF) Vulnerability Persistent XSS Vulnerability in Siemens RUGGEDCOM NMS < V1.2 Siemens SIMATIC Logon Authentication Bypass Vulnerability TLS Session Data Manipulation Vulnerability in Siemens SINUMERIK Integrate Operate Clients Arbitrary File Read Vulnerability in Siemens RUGGEDCOM ROX I (all versions) Reflected Cross-Site Scripting Vulnerability in Siemens RUGGEDCOM ROX I (all versions) Integrated Web Server CSRF Vulnerability in Siemens RUGGEDCOM ROX I Web Server Siemens RUGGEDCOM ROX I: Authenticated User Bypass Vulnerability Denial of Service (DoS) Vulnerability in SoftCo and eSpace U-Series Devices Lock-Screen Bypass Vulnerability in Huawei P9 Versions Earlier than EVA-AL10C00B373, EVA-CL00C92B373, EVA-DL00C17B373, EVA-TL00C01B373 Privilege Elevation Vulnerability in Keyguard Application Path Traversal Vulnerability in Multiple Huawei Devices Uncontrolled Calling Permissions in HwVmall AlarmService Component Directory Traversal Vulnerability in TIT-AL00C583B211 Email Application Buffer Overflow Vulnerability in CAM-L21C10B130 and Earlier Versions Buffer Overflow Vulnerability in Goldeneye Driver: System Crash and Privilege Escalation Buffer Overflow Vulnerability in ddr_devfreq Driver: Privilege Escalation and System Crash Privilege Elevation Vulnerability in Huawei Themes APP Allows Arbitrary Code Execution DoS Vulnerability in AC6005 and AC6605 with V200R006C10 Software Denial of Service (DoS) Vulnerability in Mate 9 Software MHA-AL00AC00B125 Phone Finder Vulnerability: Bypassing and Unauthorized Owner Identification in Pre-MHA-AL00C00B170 Versions Phone Finder Bypass Vulnerability Information Exposure Vulnerability in Huawei Smarthome and Other Apps Phone Activation Bypass Vulnerability in Huawei P9 Smartphones Directory Traversal Vulnerability in 
Mate 9 Smartphones with Software MHA-AL00AC00B125 Privilege Escalation Vulnerability in Push Module of Mate 9 Smartphones Authentication Bypass Vulnerability in 'Find Phone' Function of Nice Smartphones Denial of Service Vulnerability in HiGame and SkyTone Software Factory Reset Protection (FRP) Bypass Vulnerability Touchscreen Driver Input Validation Vulnerability in P9 Plus Smartphones Ethernet in the First Mile (EFM) Flapping Vulnerability in S3300 V100R006C05 Insufficient Input Validation Vulnerability in HUAWEI P9 Smartphones Buffer Overflow Vulnerability in GaussDB of FusionSphere OpenStack Brute-Force Password Cracking Vulnerability in Huawei Files APP Buffer Overflow Vulnerability in Mate 9 CameraFS Driver Allows System Crash and Privilege Escalation Integer Overflow Vulnerability in Honor 8 Pro Modem System Command Injection Vulnerabilities in FusionSphere OpenStack V100R006C00 and V100R006C10RC2 Command Injection Vulnerabilities in FusionSphere OpenStack V100R006C00 and V100R006C10RC2 Hard-coded Cryptographic Key Vulnerability in FusionSphere OpenStack V100R006C00 Vulnerability: Factory Reset Protection (FRP) Bypass on Huawei Smart Phones Input Validation Vulnerability in Multiple Huawei Products Plaintext Storage Vulnerability in Huawei Files APP: Exposing Safe Passwords Buffer Overflow Vulnerability in Bastet P10 Plus and P10 Smart Phones Buffer Overflow Vulnerability in Bastet P10 Plus and P10 Smart Phones Buffer Overflow Vulnerability in Bastet P10 Plus and P10 Smart Phones Privilege Escalation Vulnerability in Huawei P9 Smart Phones Bluetooth Unlock Bypass Vulnerability in Huawei Honor 6X Berlin-L22C636B150 and Earlier Versions Buffer Overflow Vulnerability in Honor 5A Smart Phones' Boot Loaders Information Leak Vulnerability in HUAWEI HiLink and Tech Support Apps for iOS Vulnerability: Denial of Service (DoS) in P9 Plus Smart Phones Information Leak Vulnerability in Huawei Hilink APP Versions Earlier than 5.0.25.306 Information Leak Vulnerability in 
Honor 6X Smartphones Denial of Service (DoS) Vulnerability in P9 Plus Smartphones with Software Versions Earlier than VIE-AL10BC00B386 Exposed System Interface Vulnerability in TIT-AL00 Smartphones with Earlier Software Versions Command Injection Vulnerability in VCM5010 Software Versions Earlier than V100R002C50SPC100 Arbitrary File Upload Vulnerability in VCM5010 Software Versions Earlier than V100R002C50SPC100 Authentication Bypass and Arbitrary File Upload Vulnerabilities in VCM5010 Software Versions Earlier than V100R002C50SPC100 Vulnerability: Insecure Transfer of Huawei Vmall APP Upgrade Package Allows MITM Attacks Local Unauthorized Elevation of Privilege Vulnerability in HP ThinPro Command Line Shell Arbitrary Code Execution Vulnerability in HP PageWide and OfficeJet Pro Printers Denial of Service Vulnerability in HP Web Jetadmin before 10.4 SR2 Potential Cross Site Scripting (XSS) Vulnerability in HP Enterprise Printers and MFPs Arbitrary Binary Extraction Vulnerability in HP Support Assistant (Before 12.7.26.1) Stored Cross-Site Scripting Vulnerability in HP JetAdvantage Security Manager Stored Cross-Site Scripting Vulnerability in HP JetAdvantage Security Manager SMTP Server Credential Exposure Vulnerability Insecure Login Transactions in Isaac Mizrahi Smartwatch App Pose Security Risk Insufficient Solution DLL Signature Validation Vulnerability in HP Printers BIOS Password Extraction Vulnerability on Early 2014 Consumer Notebooks Incomplete Obfuscation of Application Configuration Information in Tommy Hilfiger TH24/7 Android App Authentication Bypass Vulnerability in EMC Isilon InsightIQ Unverified Password Change Vulnerability in EMC Documentum eRoom Versions 7.4.4 and Prior Java RMI Remote Code Execution Vulnerability in EMC Network Configuration Manager (NCM) Improper Authentication Vulnerability in EMC Network Configuration Manager (NCM) Unauthenticated JWT Signing Algorithm Vulnerability in Pivotal PCF Elastic Runtime Memory Corruption 
Vulnerability in LabVIEW's LvVariantUnflatten Functionality Heap Overflow Vulnerability in Iceni Argus Version 6.6.05's ipStringCreate Function LabVIEW RSRC Segment Parsing Memory Corruption Vulnerability Heap Buffer Overflow in InsideSecure MatrixSSL 3.8.7b X509 Certificate Parsing Heap Buffer Overflow in InsideSecure MatrixSSL 3.8.7b X509 Certificate Parsing Integer Overflow Vulnerability in InsideSecure MatrixSSL 3.8.7b X509 Certificate Parsing Heap Corruption Vulnerability in Antenna House DMC HTMLFilter Stack Pointer Invalid Free Vulnerability in ARM mbed TLS Heap-based Buffer Overflow in Pharos PopUp Printer Client v9.0 Allows Remote Code Execution Denial of Service Vulnerability in Pharos PopUp Printer Client 9.0: Exploiting Out of Bounds Read in psnotifyd Heap-based Buffer Overflow in Pharos PopUp Printer Client v9.0 Heap-based Buffer Overflow in Pharos PopUp Printer Client v9.0 Heap-based Buffer Overflow in JustSystems Ichitaro Office 2016 Trial Heap-based Buffer Overflow in JustSystems Ichitaro Office when Processing Record Type 0x3c from Excel Workbook Stream Memory Corruption Vulnerability in JustSystems Ichitaro 2016 Trial when Opening Specially Crafted PowerPoint File Heap Corruption Vulnerability in Antenna House DMC HTMLFilter Allows Arbitrary Code Execution Heap Corruption Vulnerability in Antenna House DMC HTMLFilter Stack-based Buffer Overflow in AntennaHouse DMC HTMLFilter Allows Arbitrary Code Execution Heap Corruption Vulnerability in Antenna House DMC HTMLFilter Heap Overflow Vulnerability in AntennaHouse DMC HTMLFilter: Exploiting ParseEnvironment Functionality Heap Corruption Vulnerability in Antenna House DMC HTMLFilter Heap Corruption Vulnerability in Antenna House DMC HTMLFilter X509 Certificate Validation Vulnerability in wolfSSL through 3.10.2: Remote Code Execution and Denial of Service X509 Certificate Verification Vulnerability in Randombit Botan Cryptographic Library DLL Hijacking Vulnerability in Dell Precision Optimizer Software 
Remote Out of Bound Write Vulnerability in Corel PHOTO-PAINT X8 (64-bit) TIFF Parsing Remote Out of Bound Write Vulnerability in Corel PHOTO-PAINT X8 18.1.0.661 TIFF Parsing Functionality Stack-based Buffer Overflow in Foscam C1 Indoor HD Camera Web Management Interface Arbitrary Read Vulnerability in Lexmark Perceptive Document Filters XLS Parsing Buffer Overflow Vulnerability in Ledger-CLI 3.1.1 Tag Parsing Functionality Use-After-Free Vulnerability in Ledger-CLI 3.1.1 Account Parsing Component Arbitrary Command Execution in Ansible-Vault YAML Loading Arbitrary Command Execution in Tablib 0.11.4 via Databook Loading Vulnerability JPEG 2000 Image Parsing Code Execution Vulnerability in Kakadu SDK 7.9 Kakadu SDK 7.9 Code Execution Vulnerability via JPEG 2000 File JPEG 2000 Parser Integer Overflow Vulnerability in IrfanView 4.44 Heap Overflow Vulnerability in Poppler 0.53.0 Image Rendering Functionality OpenFire User Import Export Plugin 2.6.0 - XML Entity Injection Vulnerability Buffer Overflow Vulnerability in LibOFX 0.9.11 Tag Parsing Functionality Stack Buffer Overflow Vulnerability in PowerISO 6.8 ISO Parsing Functionality Heap Overflow Vulnerability in Poppler 0.53.0 Image Rendering Functionality Heap-based Buffer Overflow in Hancom Thinkfree Office NEO 9.6.1.4902 Hangul Word Processor Component Integer Overflow Vulnerability in freedesktop.org Poppler 0.53.0 JPEG 2000 Image Parsing Use-After-Free Vulnerability in Lexmark Perceptive Document Filters 11.3.0.2400 and 11.4.0.2452 Code Execution Vulnerability in Lexmark Perceptive Document Filters 11.3.0.2400 Image Rendering Functionality PowerISO 6.8 Use-After-Free Vulnerability in .ISO Parsing Functionality Zabbix Server 2.4.X Trapper Command Injection Remote Code Execution Vulnerability Zabbix Server 2.4.x Trapper Functionality Database Write Vulnerability Zabbix Server Information Disclosure Vulnerability Command Injection Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Command Injection 
Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Directory Traversal Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Command Injection Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Command Injection Vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 Out-of-Bounds Write Vulnerability in FreeRDP 2.0.0-beta1+android11 Authentication Functionality RDP Receive Functionality Out-of-Bounds Write Vulnerability in FreeRDP 2.0.0-beta1+android11 Denial of Service Vulnerability in FreeRDP 2.0.0-beta1+android11 Denial of Service Vulnerability in FreeRDP 2.0.0-beta1+android11 Denial of Service Vulnerability in FreeRDP 2.0.0-beta1+android11 Denial of Service Vulnerability in FreeRDP 2.0.0-beta1+android11 Buffer Overflow Vulnerability in EZB Systems UltraISO 9.6.6.3300 ISO Parsing Functionality Command Injection Vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 Arbitrary Command Execution via Crafted HTTP Request in Foscam C1 Indoor HD Camera Arbitrary Command Execution via Crafted HTTP Request in Foscam C1 Indoor HD Camera Arbitrary Command Execution via Crafted HTTP Request in Foscam C1 Indoor HD Cameras Command Injection Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Command Injection Vulnerability in Foscam C1 Indoor HD Cameras Command Injection Vulnerability in Foscam C1 Indoor HD Cameras Command Injection Vulnerability in Foscam C1 Indoor HD Cameras Command Injection Vulnerability in Foscam C1 Indoor HD Cameras Arbitrary Character Injection Vulnerability in Foscam C1 Indoor HD Cameras Buffer Overflow Vulnerability in Foscam C1 Indoor HD Cameras Unserialization Denial-of-Service Vulnerability in Natus Xltek NeuroWorks 8 Stack Buffer Overflow in Natus Xltek NeuroWorks 8's RequestForPatientInfoEEGfile 
Functionality Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera's DDNS Client Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera's DDNS Client Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera's DDNS Client Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera's DDNS Client Denial-of-Service Vulnerability in Natus Xltek NeuroWorks 8 List Traversal Denial-of-Service Vulnerability in Natus Xltek NeuroWorks 8 KeyTrees Lookup Entry Functionality Denial of Service Vulnerability in Natus Xltek NeuroWorks 8 NewProducerStream Command Heap Overflow Vulnerability in Gdk-Pixbuf's gdk_pixbuf__jpeg_image_load_increment Functionality PDF Parsing Out-of-Bounds Write Vulnerability in Infix 7.1.5 Authentication Bypass Vulnerability in Circle with Disney Firmware Update Exploit in Circle with Disney Allows Remote Code Execution OS Command Injection in Circle with Disney's /api/CONFIG/backup Functionality Stack Buffer Overflow in Natus Xltek NeuroWorks 8's SavePatientMontage Functionality Stack Buffer Overflow in Natus Xltek NeuroWorks 8's NewProducerStream Functionality Stack Buffer Overflow in Natus Xltek NeuroWorks 8 OpenProducer Functionality Integer Overflow Vulnerability in Gdk-Pixbuf's tiff_image_parse Functionality Foscam C1 Indoor HD Camera Firmware Recovery Vulnerability Foscam C1 Indoor HD Camera Firmware Upgrade Vulnerability Command Injection Vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.43 Information Disclosure Vulnerability in Foscam C1 Indoor HD Camera's Multi-Camera Interface Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera's Multi-Camera Interface Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera's Multi-Camera Interface Unauthenticated Factory Reset Vulnerability in Foscam C1 Indoor HD Camera Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera Web Management Interface Buffer Overflow Vulnerability in Foscam C1 Indoor HD Camera's UPnP Implementation Memory Corruption Vulnerability in 
Computerinsel Photoline 20.02 GIF Parsing Functionality Circle with Disney Firmware 2.0.1 Torlist Update Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Circle with Disney Firmware 2.0.1 Remote Code Execution Vulnerability in Circle with Disney Firmware 2.0.1 Circle with Disney Firmware 2.0.1 User Photo Update Functionality Memory Corruption Vulnerability Stack-based Buffer Overflow in GNOME libsoup 2.58 Allows Remote Code Execution ACDSee Ultimate 10.0.0.292 .PSD Parsing Out of Bounds Write Vulnerability Buffer Overflow Vulnerability in SDL_image 2.0.1 XCF Property Handling Integer Overflow Vulnerability in SDL 2.0.5 RGB Surface Creation Circle with Disney API Daemon Denial of Service Vulnerability OS Command Injection in Circle with Disney Firmware 2.0.1 via /api/CONFIG/restore Endpoint Use-after-free vulnerability in Cesanta Mongoose 6.8 HTTP Server Implementation Arbitrary Memory Read Vulnerability in Cesanta Mongoose 6.8 MQTT Packet Parsing NULL Pointer Dereference Vulnerability in Cesanta Mongoose 6.8 MQTT Packet Parsing Stack Buffer Overflow in Cesanta Mongoose 6.8 MQTT Packet Parsing Functionality Arbitrary Memory Read Vulnerability in Cesanta Mongoose 6.8 MQTT Packet Parsing Out-of-Bounds Write Vulnerability in libxls 1.4 Allows Remote Code Execution Out-of-Bounds Write Vulnerability in libxls 1.4 Allows Remote Code Execution Firmware Update Signature Verification Bypass in Circle with Disney Blender 2.78c TIFF Loading Integer Overflow Vulnerability Integer Overflow and Buffer Overflow in Blender PNG Loading Functionality Integer Overflow and Buffer Overflow in Blender's IRIS Loading Functionality Blender 2.78c Integer Overflow and Buffer Overflow Vulnerability via DPX Loading Blender 2.78c Integer Overflow and Buffer Overflow Vulnerability via DPX Loading Integer Overflow and Buffer Overflow in Blender's RADIANCE Loading Functionality Blender 2.78c BMP Loading Integer Overflow Vulnerability Blender 2.78c Integer Overflow and 
Buffer Overflow Vulnerability via Malicious '.avi' File Blender 2.78c Integer Overflow and Buffer Overflow Vulnerability via Malicious '.avi' File Blender 2.78c Thumbnail Integer Overflow Vulnerability Infinite Loop Denial of Service Vulnerability in Cesanta Mongoose 6.8 DNS Server Out-of-bounds Write Vulnerability in libxls 2.0 Allows Remote Code Execution Remote Control Functionality SSL Certificate Vulnerability Remote Control Functionality SSL Certificate Spoofing Vulnerability in Circle with Disney Firmware 2.0.1 Circle with Disney Filtering Functionality SSL Certificate Vulnerability Circle with Disney API Daemon Authentication Bypass Vulnerability Arbitrary Command Execution via WiFi Configuration in Circle with Disney Firmware 2.0.1 Arbitrary File Overwrite Vulnerability in Circle with Disney Firmware 2.0.1 Circle with Disney Firmware 2.0.1 - OS Command Injection via Notifications Blender v2.78c Integer Overflow and Buffer Overflow Vulnerability Stack-based Buffer Overflow in libxls 1.3.4's xls_getfcell Function Allows Remote Code Execution Memory Corruption Vulnerability in Computerinsel Photoline 20.02's .SVG Parsing Functionality Websocket Protocol Integer Overflow Vulnerability in Cesanta Mongoose 6.8 Use-after-free vulnerability in Cesanta Mongoose 6.8 Websocket Protocol Implementation Heap-based Buffer Overflow in FreeXL's 'read_biff_next_record' Function Heap-based Buffer Overflow in FreeXL's read_legacy_biff Function Allows Remote Code Execution Memory Corruption Vulnerability in Adobe Flash Player JPEG XR Codec Memory Corruption Vulnerability in Adobe Flash Player Allows Arbitrary Code Execution Heap Overflow Vulnerability in Adobe Flash Player Processing Adobe Texture Format Files Memory Corruption Vulnerability in Adobe Flash Player Versions 24.0.0.186 and Earlier: Arbitrary Code Execution via Visual Mode Effects DOM-based Cross-Site Scripting Vulnerability in Adobe Acrobat Chrome Extension Concurrency Error in Adobe Flash Player Allows Arbitrary 
Code Execution SWF Metadata Parsing Vulnerability in Adobe Flash Player (CVE-2017-2938) Use After Free Vulnerability in Adobe Flash Player Allows Arbitrary Code Execution Heap Overflow Vulnerability in Adobe Flash Player Versions 24.0.0.186 and Earlier: Texture Compression Exploit Heap Overflow Vulnerability in Adobe Flash Player Parsing Adobe Texture Format Files Heap Overflow Vulnerability in Adobe Flash Player Versions 24.0.0.186 and Earlier Use After Free Vulnerability in Adobe Flash Player's ActionScript FileReference Class Use After Free Vulnerability in Adobe Flash Player's ActionScript FileReference Class Security Bypass Vulnerability in Adobe Flash Player Versions 24.0.0.186 and Earlier Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader Heap Overflow Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader Heap Overflow Vulnerability in Adobe Acrobat Reader Heap Overflow Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader Form Data Format (FDF) Security Bypass Vulnerability Buffer Overflow/Underflow Vulnerability in Adobe Acrobat Reader XFA Engine Heap Overflow Vulnerability in Adobe Acrobat Reader XSLT Engine Use After Free Vulnerability in Adobe Acrobat Reader's XFA Engine Allows Arbitrary Code Execution Use After Free Vulnerability in Adobe Acrobat Reader's XFA Engine Allows Arbitrary Code Execution Buffer Overflow Vulnerability in Adobe Acrobat Reader's Image Conversion Module Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Module Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Module Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Allows Arbitrary Code Execution 
Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Heap Overflow Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Memory Corruption Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Use After Free Vulnerability in Adobe Acrobat Reader's XFA Engine Allows Arbitrary Code Execution Type Confusion Vulnerability in Adobe Acrobat Reader's XSLT Engine: Arbitrary Code Execution Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Engine JPEG EXIF Metadata Memory Corruption Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Heap Overflow Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Memory Corruption Vulnerability in Adobe Acrobat Reader's XFA Engine Code Injection Vulnerability in Adobe Campaign Versions 16.4 Build 8724 and Earlier Cross-Site Scripting (XSS) Vulnerability in Adobe Campaign Versions 16.4 Build 8724 and Earlier Heap Overflow Vulnerability in Adobe Acrobat Reader XSLT Engine Heap Overflow Vulnerability in Adobe Acrobat Reader JPEG Decoder Routine JPEG Parsing Memory Corruption Vulnerability in Adobe Acrobat Reader Heap Overflow Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Arbitrary Code Execution Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of Information Disclosure Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of Information Disclosure Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of Information Disclosure Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of Information Disclosure Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of Information Disclosure Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of 
Information Disclosure Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of Information Disclosure Buffer Over-read Vulnerability in Adobe Digital Editions 4.5.3 and Earlier: Risk of Information Disclosure Use After Free Vulnerability in Adobe Flash Player: Arbitrary Code Execution Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Shockwave Heap Overflow Vulnerability in Adobe Flash Player h264 Decoder Routine Use After Free Vulnerability in Adobe Flash Player's BitmapData Class Heap Overflow Vulnerability in Adobe Flash Player Versions 24.0.0.194 and Earlier: Arbitrary Code Execution via Flash Video (FLV) Codec Integer Overflow Vulnerability in Adobe Flash Player (CVE-2017-2997) Memory Corruption Vulnerability in Adobe Flash Player Input Validation Bypass in Adobe Campaign Versions Build 8770 and Earlier Memory Corruption Vulnerability in Adobe Flash Player h264 Decompression Routine Memory Corruption Vulnerability in Adobe Flash Player h264 Codec Heap Overflow Vulnerability in Adobe Flash Player: Arbitrary Code Execution via MP4 Header Parsing Use After Free Vulnerability in Adobe Flash Player Versions 24.0.0.194 and Earlier: Arbitrary Code Execution via Event Handlers Use After Free Vulnerability in Adobe Flash Player Primetime SDK Event Dispatch Type Confusion Vulnerability in Adobe Flash Player: Arbitrary Code Execution via MessageChannel Class Memory Corruption Vulnerability in Adobe Flash Player Primetime SDK Buffer Overflow/Underflow Vulnerability in Adobe Flash Player Primetime TVSDK Memory Corruption Vulnerability in Adobe Flash Player Primetime TVSDK API Memory Corruption Vulnerability in Adobe Flash Player Primetime TVSDK Vulnerability in Random Number Generator in Adobe Flash Player Versions 24.0.0.221 and Earlier Use After Free Vulnerability in Adobe Flash Player Versions 24.0.0.221 and Earlier Use After Free Vulnerability in Adobe Flash Player Allows Arbitrary Code Execution Use After Free Vulnerability in 
Adobe Flash Player Allows Arbitrary Code Execution Memory Corruption Vulnerability in Adobe Photoshop CC 2017 and Earlier Versions Unquoted Search Path Vulnerability in Adobe Photoshop Versions CC 2017 and Earlier Improper Resource Permissions Vulnerability in Adobe Thor Versions 3.9.5.353 and Earlier Directory Search Path Vulnerability in Adobe Thor Versions 3.9.5.353 and Earlier Reflected Cross-Site Scripting Vulnerability in Adobe ColdFusion 2016, 11, and 10 Buffer Overflow Vulnerability in Adobe Acrobat Reader JPEG2000 Parser Memory Corruption Vulnerability in Adobe Acrobat Reader Integer Overflow Vulnerability in Adobe Acrobat Reader's CCITT Fax PDF Filter Insecure Library Loading Vulnerability in Adobe Acrobat Reader OCR Plugin Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader XML Forms Architecture (XFA) Memory Corruption Vulnerability in Adobe Acrobat Reader's JBIG2 Parsing Functionality Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader Renderer Memory Corruption Vulnerability Memory Corruption Vulnerability in Adobe Acrobat Reader PRC Format Parser Memory Address Leak Vulnerability in Adobe Acrobat Reader Weblink Module Memory Address Leak Vulnerability in Adobe Acrobat Reader's JPEG 2000 Parser Engine Memory Address Leak Vulnerability in Adobe Acrobat Reader JPEG 2000 Code-Stream Tile Memory Corruption Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader XFA Module Memory Corruption Vulnerability in Adobe Acrobat Reader's Image Conversion Module Memory Address Leak Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader AES Module Memory Corruption Vulnerability Memory Address Leak 
Vulnerability in Adobe Acrobat Reader XSLT Engine Memory Address Leak Vulnerability in Adobe Acrobat Reader's JPEG 2000 Code-Stream Parser Memory Address Leak Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader XFA Engine Integer Overflow Vulnerability Use After Free Vulnerability in Adobe Acrobat Reader's XFA Engine Memory Corruption Vulnerability in Adobe Acrobat Reader's PCX Image Conversion Adobe Acrobat Reader JavaScript Engine Memory Corruption Vulnerability Memory Corruption Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader's PPKLite Security Handler Memory Corruption Vulnerability in Adobe Acrobat Reader's JBIG2 Image Compression Module Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Heap Overflow Vulnerability in Adobe Acrobat Reader's Image Conversion Memory Address Leak Vulnerability in Adobe Acrobat Reader Collaboration Functionality JPEG 2000 Engine Memory Corruption Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader JPEG 2000 Parser Memory Address Leak Vulnerability Memory Address Leak Vulnerability in Adobe Acrobat Reader's JPEG 2000 Parser Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Heap Overflow Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Heap Overflow Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Engine JPEG Image Conversion Engine Memory Corruption Vulnerability in Adobe Acrobat Reader Memory Address Leak Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Memory Address Leak Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Memory Corruption Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Heap Overflow Vulnerability in Adobe Acrobat Reader JPEG 2000 Parsing Memory Corruption Vulnerability in Adobe Acrobat Reader's JavaScript Engine Use After Free Vulnerability in Adobe Acrobat Reader's 
JavaScript API Use After Free Vulnerability in Adobe Flash Player Sound Class Use After Free Vulnerability in Adobe Flash Player (CVE-2017-2997) Memory Corruption Vulnerability in Adobe Flash Player ActionScript2 Code Parser Memory Corruption Vulnerability in Adobe Flash Player SWF Parser Use After Free Vulnerability in Adobe Flash Player Allows Arbitrary Code Execution Use After Free Vulnerability in Adobe Flash Player: Arbitrary Code Execution Memory Corruption Vulnerability in Adobe Flash Player Memory Corruption Vulnerability in Adobe Acrobat Reader's Font Manipulation Functionality Java Deserialization Vulnerability in Adobe ColdFusion 2016 and Earlier Versions Information Disclosure Vulnerability in Adobe Experience Manager Forms Pre-Population Service Memory Corruption Vulnerability in Adobe Flash Player's Advanced Video Coding Engine Memory Corruption Vulnerability in Adobe Flash Player's BlendMode Class Memory Corruption Vulnerability in Adobe Flash Player's ConvolutionFilter Class Use After Free Vulnerability in Adobe Flash Player Allows Arbitrary Code Execution Memory Corruption Vulnerability in Adobe Flash Player's BitmapData Class Use After Free Vulnerability in Adobe Flash Player Versions 25.0.0.148 and Earlier: Memory Corruption and Arbitrary Code Execution Memory Corruption Vulnerability in Adobe Flash Player Graphics Class Use After Free Vulnerability in Adobe Flash Player Allows Arbitrary Code Execution Memory Corruption Vulnerability in Adobe Flash Player MPEG-4 AVC Module Memory Corruption Vulnerability in Adobe Flash Player PNG Image Parser Adobe Flash Player ATF Module Memory Corruption Vulnerability Memory Corruption Vulnerability in Adobe Flash Player Adobe Flash Player Security Bypass Vulnerability in Internet Explorer Use After Free Vulnerability in Adobe Flash Player Versions 25.0.0.171 and Earlier: Arbitrary Code Execution Memory Corruption Vulnerability in Adobe Flash Player's LocaleID Class Use After Free Vulnerability in Adobe Flash 
Player Primetime SDK: Arbitrary Code Execution Use After Free Vulnerability in Adobe Flash Player Advertising Metadata Functionality Adobe Flash Player Security Bypass Vulnerability in URL Redirect Memory Corruption Vulnerability in Adobe Shockwave (Versions 12.2.8.198 and Earlier) Allows Arbitrary Code Execution Adobe Captivate Quiz Reporting Information Disclosure Vulnerability Arbitrary Code Execution Vulnerability in Adobe Digital Editions PDF Runtime Engine Arbitrary Code Execution Vulnerability in Adobe Digital Editions PDF Imaging Model Insecure Library Loading Vulnerability in Adobe Digital Editions Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Versions Insecure Library Loading Vulnerability in Adobe Digital Editions Arbitrary Code Execution Vulnerability in Adobe Digital Editions Arbitrary Code Execution Vulnerability in Adobe Digital Editions PDF Processing Engine Arbitrary Code Execution Vulnerability in Adobe Digital Editions PDF Parsing Engine Arbitrary Code Execution Vulnerability in Adobe Digital Editions Insecure Library Loading Vulnerability in Adobe Digital Editions Remote Code Execution Vulnerability in Adobe Captivate Quiz Reporting Feature Action Script 3 Raster Data Model Memory Corruption Vulnerability in Adobe Flash Player Memory Corruption Vulnerability in Adobe Flash Player's Action Script 2 BitmapData Class Clickjacking Vulnerability in Adobe Connect Versions 9.6.1 and Earlier Reflected Cross-Site Scripting Vulnerability in Adobe Connect Versions 9.6.1 and Earlier Stored Cross-Site Scripting Vulnerability in Adobe Connect Versions 9.6.1 and Earlier Cross-Site Scripting (XSS) Vulnerability in Adobe RoboHelp Versions Before RH12.0.4.460 and RH2017 Before RH2017.0.2 Open Redirect Vulnerability in Adobe RoboHelp Type Confusion Vulnerability in Adobe Flash Player (CVE-2017-3085) Misconfiguration Vulnerability in Adobe Experience Manager 6.3 and Earlier Malicious File Execution Vulnerability in Adobe 
Experience Manager 6.2 and Earlier Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager's HtmlRendererServlet Sensitive Data Exposure Vulnerability in Adobe Experience Manager 6.1 and Earlier Sensitive Token Exposure in Adobe Experience Manager Adobe Flash Player Metadata Buffer Overflow Vulnerability Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Buffer Overflow Vulnerability in Adobe Flash Player 27.0.0.183 and Earlier Versions Information Disclosure Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader's MakeAccessible Plugin Heap Overflow Vulnerability in Adobe Acrobat Reader Plugin for PDF Links Adobe Acrobat Reader Multiple Security Bypass Vulnerability Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's EMF Parser Arbitrary Code Execution via Memory Corruption in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Unauthenticated XSS Vulnerability in FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 Open Redirect Vulnerability in Fortinet FortiAnalyzer and FortiManager Cross-Site Scripting Vulnerability in Fortinet FortiGate Firewall Policy Creation Stored XSS Vulnerability in Fortinet FortiOS via policy global-label Parameter Cross-Site Scripting Vulnerability in Fortinet FortiWeb Site Publisher Feature Fortinet FortiOS Information Disclosure Vulnerability Fortinet FortiOS Cross-Site Scripting Vulnerability in FortiView Applications Fortinet FortiOS Cross-Site Scripting Vulnerability Allows Unauthorized Code Execution Cross-Site Scripting Vulnerability in Fortinet FortiOS Allows Unauthorized Code Execution via SSL-VPN Replacement Message HTML Fortinet FortiWLC-SD Root Access Vulnerability via 'copy running-config' Command Inconsistent State Vulnerability in 
BIND DNS Server DNS64 Server Assertion Failure Vulnerability Misordered Records Vulnerability in BIND DNS Server Null Command String Vulnerability in BIND 9.9.9-P7 to 9.9.9-S9 BIND DNSSEC Validation Denial of Service Vulnerability Endless Loop Vulnerability in BIND's Response Policy Zones (RPZ) Processing Unquoted Service Path Privilege Escalation in BIND Installer on Windows TSIG Authentication Bypass Vulnerability in BIND DNS Server Unauthorized Dynamic Update Vulnerability in BIND DNS Server OMAPI Connection Exhaustion Vulnerability in ISC DHCP Server Use-after-free vulnerability in BIND's upstream recursion fetch contexts sequencing Apache Atlas Cookie Vulnerability Stored Cross-Site Scripting Vulnerability in Apache Atlas Edit-Tag Functionality DOM XSS Vulnerability in Apache Atlas Edit-Tag Functionality Reflected XSS Vulnerability in Apache Atlas Search Functionality Excessive Information Exposure in Apache Atlas Versions 0.6.0-incubating and 0.7.0-incubating Cross Frame Scripting Vulnerability in Apache Atlas 0.6.0-incubating and 0.7.0-incubating Timing Attack Vulnerability in Apache CXF OAuth2 Hawk and JOSE MAC Validation Code Apache OpenOffice Embedded Object File Reading Vulnerability Race Condition Vulnerability in Guacamole Terminal Emulator Apache Camel's camel-snakeyaml component: Java Object De-serialization Vulnerability Insecure Default URI for Gradle Fetching in Cordova-Android Cross-Site Scripting (XSS) Vulnerability in HDFS Web UI in Apache Hadoop Unvalidated Query Parameter in Hadoop HDFS Namespace Browsing Servlet Path Traversal Vulnerability in Apache Solr Index Replication Apache Solr Server Side Request Forgery Vulnerability Cross-Site Scripting (XSS) Vulnerability in Apache Brooklyn REST Server World-readable file vulnerability in Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1 Authentication Bypass Vulnerability in Apache HTTP Server Null Pointer Dereference in mod_ssl during HTTP request to HTTPS port Multiple 
Cross-Site Scripting Vulnerabilities in TIBCO Products Unspecified SQL-Injection Vulnerabilities in Multiple TIBCO Products Unvalidated SSL Certificate Vulnerability in ThreatMetrix SDK for iOS Unauthorized Access to Privileged Database Functions in Sage XRT Treasury Unauthenticated Remote Factory Reset Vulnerability in ACTi Cameras (CVE-2017-3186) Sensitive Information Exposure in ACTi Cameras with Firmware Version A1D-500-V6.11.31-AC Default Admin Credentials Vulnerability in ACTi Cameras Cross-Site Request Forgery (CSRF) Vulnerability in dotCMS Administration Panel Path Traversal Vulnerability in dotCMS Administration Panel Arbitrary File Upload and Remote Command Execution in dotCMS Administration Panel SSL Certificate Validation Vulnerability in Flash Seats Mobile App for Android and iOS Authentication Bypass Vulnerability in D-Link DIR-130 and DIR-330 Routers Vulnerability: Administrator Credentials Disclosure in D-Link DIR-130 and DIR-330 Stack-based Buffer Overflow Vulnerability in D-Link DIR-850L Firmware SSL Certificate Validation Vulnerability in Pandora iOS App Stack-based Buffer Overflow Vulnerability in Commvault Edge Communication Service (cvd) Arbitrary Code Execution Vulnerability in PCAUSA Rawether Framework Insecure Implementation of BIOSWE, BLE, SMM_BWP, and PRx Features in GIGABYTE BRIX UEFI Firmware Insecure Firmware Update Process in GIGABYTE BRIX UEFI Java AMF3 Deserialization Remote Code Execution Vulnerability Arbitrary Code Execution via Java AMF3 Deserialization in GraniteDS 3.1.1.G Java AMF3 Deserialization Remote Code Execution Vulnerability Arbitrary Code Execution via Java AMF3 Deserialization in Flamingo amf-serializer Remote Code Execution Vulnerability in Java AMF3 Deserializers Insecure Host Key Verification in Go SSH Library AMF3 Deserializers in Flamingo amf-serializer by Exadel 2.2.0: XML External Entity (XXE) Injection Vulnerability Remote Code Execution Vulnerability in WebORB for Java by Midnight Coders AMF3 Deserializers 
in WebORB for Java by Midnight Coders 5.1.1.0 - XML External Entity (XXE) Vulnerability Vulnerability: Unauthenticated FTP Access with Full File Permissions on DBPOWER U818A WIFI Quadcopter Drone Insecure Configuration in Portrait Display SDK Allows Arbitrary Code Execution Unauthenticated Data Leakage in Yopify E-commerce Notification Plugin SSL Certificate Verification Vulnerability in Space Coast Credit Union Mobile App Unverified X.509 Certificates in Think Mutual Bank Mobile Banking App for iOS Allows Man-in-the-Middle Attacks Plaintext Storage of Master Token in Milwaukee ONE-KEY Android Mobile App Expiration of Bearer Tokens in Milwaukee ONE-KEY Android App Allows Unauthorized User Actions Authentication Bypass Vulnerability in WiMAX Routers with MediaTek SDK Unprotected SMS Interface Allows Unauthorized Device Control Insecure TLS Certificate Validation in Samsung Magician 5.0 Insecure Software Updates in Acronis True Image 2017 Build 8053 Blind SQL Injection Vulnerability in Inmarsat AmosConnect 8 Login Form AmosConnect 8 Vulnerability: Remote Code Execution via Hard-coded Credentials Stack Buffer Overflow Vulnerability in Dahua IP Camera Products Vulnerability: OSPF LSA Recency Determination Flaw Zero Initialization Vector Vulnerability in Das U-Boot's AES-CBC Encryption Improper Handling of Encrypted Environment Data in Das U-Boot Oracle Fusion Middleware MapViewer Component Vulnerability Java SE Networking Vulnerability Vulnerability in Oracle Support Tools: Unauthorized Access to Critical Data in Automatic Service Request (ASR) Critical Vulnerability in Oracle Support Tools: Unauthorized Access and Modification in Automatic Service Request (ASR) Critical Vulnerability in Oracle Support Tools: Automatic Service Request (ASR) Takeover Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking component allows unauthorized data manipulation Critical Vulnerability 
in Oracle Support Tools: Automatic Service Request (ASR) Takeover MySQL Server Component Denial of Service Vulnerability Unauthorized Read Access Vulnerability in Oracle GlassFish Server Oracle Database Server RDBMS Security Unauthorized Read Access Vulnerability Java SE, Java SE Embedded, JRockit RMI Vulnerability Vulnerability in Oracle VM Server for Sparc Allows Unauthorized Denial of Service Attacks MySQL Server Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability Unauthenticated Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Direct Banking Oracle E-Business Suite Patching Vulnerability Oracle GlassFish Server SMTP Vulnerability Oracle WebLogic Server T3 Vulnerability LDAP-based Unauthorized Access and Data Manipulation Vulnerability in Oracle GlassFish Server Oracle GlassFish Server Unauthenticated Remote Code Execution Vulnerability MySQL Server Denial of Service Vulnerability Vulnerability in Java SE, Java SE Embedded, JRockit: Unauthorized Data Access Java SE, Java SE Embedded, JRockit 2D Component Denial of Service Vulnerability Oracle Retail Invoice Matching Component Vulnerability Vulnerability in Oracle JDeveloper component of Oracle Fusion Middleware: Unauthorized Read Access Vulnerability in MySQL Server: Replication Component Allows for Unauthorized Server Crash MySQL Server Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability Java SE Deployment Vulnerability Vulnerability in Java SE AWT Component Allows Takeover Java SE Networking Vulnerability Java SE: Unauthorized Read Access Vulnerability Vulnerability in Primavera P6 Enterprise Project Portfolio Management Allows Unauthorized Data Access and Modification Unauthorized Data Manipulation Vulnerability in Oracle Siebel CRM Vulnerability in MySQL Server Packaging Component Allows Unauthorized Access and DOS Attacks Oracle Outside In Technology Component Vulnerability Oracle Outside In Technology Denial of Service Vulnerability Oracle Outside 
In Technology Denial of Service Vulnerability Oracle Outside In Technology Denial of Service Vulnerability Oracle Outside In Technology Denial of Service Vulnerability Vulnerability in Oracle Outside In Technology: Unauthorized Access and Data Compromise Critical Vulnerability in Oracle Java SE and Java SE Embedded Libraries MySQL Server Denial of Service Vulnerability Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Solaris Kernel Zones Virtualized Block Driver Unauthorized Data Access and Denial of Service Vulnerability Oracle Applications Manager Component Vulnerability: Unauthorized Access to Critical Data Oracle One-to-One Fulfillment Component Vulnerability: Unauthorized Access and Data Compromise Oracle E-Business Suite Oracle Leads Management User Interface Unauthenticated Remote Code Execution Vulnerability Oracle Partner Management User Interface Vulnerability Oracle Partner Management User Interface Vulnerability Oracle Partner Management User Interface Vulnerability Oracle Partner Management User Interface Vulnerability Vulnerability in Oracle Service Fulfillment Manager component of Oracle E-Business Suite: Unauthorized Access and Data Manipulation Vulnerability in Oracle Service Fulfillment Manager component of Oracle E-Business Suite: Unauthorized Access and Data Manipulation Oracle Applications DBA Patching Vulnerability Oracle iStore User Interface Vulnerability Vulnerability in Oracle FLEXCUBE Investor Servicing Allows Unauthorized Data Manipulation Vulnerability in Oracle Java SE and Java SE Embedded: Remote Code Execution Vulnerability in Oracle VM VirtualBox Shared Folder Component MySQL Server Packaging Vulnerability Critical Data Breach Vulnerability in Oracle PeopleSoft Products (Integration Broker Component) Vulnerability in Oracle Outside In Technology: 
Unauthorized Access and Data Compromise Oracle Outside In Technology Denial of Service Vulnerability Oracle Outside In Technology Denial of Service Vulnerability Unauthenticated Unauthorized Read Access Vulnerability in Oracle Commerce Platform Oracle FLEXCUBE Direct Banking Component Unauthorized Access Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access Solaris Kernel Unauthorized Data Manipulation Vulnerability Buffer Overflow Vulnerability in libmysqlclient.so Oracle XML Gateway Component Vulnerability in Oracle E-Business Suite Vulnerability in MySQL Cluster component allows unauthorized data access and partial denial of service Vulnerability in MySQL Server component allows unauthorized access to critical data Vulnerability in MySQL Enterprise Monitor: Unauthorized Access and Data Manipulation Vulnerability in MySQL Enterprise Monitor Allows Unauthorized Data Access and Partial Denial of Service MySQL Server Denial of Service Vulnerability Critical Vulnerability in Oracle MySQL Server: Exploitable Optimizer Component Allows Unauthorized Server Compromise Critical Vulnerability in Oracle Database Server's OJVM Component (CVE-XXXX) Unauthenticated Remote Code Execution Vulnerability in Oracle Enterprise Manager Grid Control's Application Testing Suite MySQL Server Packaging Vulnerability MySQL Server MyISAM Vulnerability: Unauthorized Access to Critical Data Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation Unauthorized Read Access Vulnerability in PeopleSoft Enterprise HCM ePerformance Vulnerability in Oracle VM VirtualBox GUI component allows for takeover MySQL Server Logging Vulnerability MySQL Server Error Handling Vulnerability Unauthorized Read Access Vulnerability in MySQL Server MySQL Server Encryption 
Vulnerability MySQL Cluster Unauthenticated Remote Denial of Service Vulnerability MySQL Cluster Component Denial of Service Vulnerability MySQL Cluster Unauthenticated Remote Denial of Service Vulnerability Vulnerability in Primavera P6 Enterprise Project Portfolio Management: Unauthorized Access and Data Manipulation Vulnerability in Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI) allows unauthorized access and data manipulation Oracle Common Applications Role Summary Unauthenticated Remote Code Execution Vulnerability Oracle Common Applications Component Vulnerability in Resources Module (CVE-XXXX-XXXX) Oracle Common Applications Component Vulnerability in Resources Module (CVE-XXXX-XXXX) MySQL Server Thread Pooling Vulnerability Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Access and Data Manipulation MySQL Server Denial of Service Vulnerability Vulnerability in Oracle VM VirtualBox: Unauthorized Data Access and System Crash Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite 
Oracle Marketing User Interface Unauthorized Data Access Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthorized Data Access Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthorized Data Access Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthorized Data Access Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthorized Data Access Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability Oracle Customer Intelligence User Interface Unauthenticated Remote Code Execution Vulnerability Oracle Customer Intelligence User Interface Unauthenticated Remote Code Execution Vulnerability Oracle Installed Base User Interface Unauthenticated Remote 
Code Execution Vulnerability Oracle E-Business Suite Oracle Knowledge Management User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Knowledge Management User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Knowledge Management User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Knowledge Management User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Knowledge Management User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Oracle Knowledge Management User Interface Unauthenticated Remote Code Execution Vulnerability Oracle iStore Address Book Unauthenticated Remote Code Execution Vulnerability Oracle iSupport User Interface Unauthenticated Access Vulnerability Oracle iSupport User Interface Unauthenticated Access Vulnerability Oracle iSupport User Interface Unauthenticated Access Vulnerability Oracle E-Business Suite Oracle Interaction Blending Component Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle 
E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle Advanced Outbound Telephony User Interface Unauthenticated Remote Code Execution Vulnerability Oracle Advanced Outbound Telephony User Interface Unauthenticated Remote Code Execution Vulnerability Oracle Advanced Outbound Telephony User Interface Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle 
E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data 
Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle Universal Work Queue Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle Universal Work Queue Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle Universal Work Queue Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle E-Business Suite CRM Technical Foundation User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite CRM Technical Foundation User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite CRM Technical Foundation User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code 
Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment Component Vulnerability in Oracle E-Business Suite Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment Component Unauthorized Data Access Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle One-to-One Fulfillment User Interface Unauthenticated Remote Code Execution Vulnerability Oracle E-Business Suite Customer Interaction History User Interface Unauthenticated Remote Access Vulnerability Oracle E-Business Suite Customer Interaction History User Interface Unauthenticated Remote Access Vulnerability Oracle E-Business Suite Customer Interaction History User Interface Unauthenticated Remote Access Vulnerability Oracle Common Applications User Interface Vulnerability Oracle Trade Management User Interface Vulnerability Oracle Trade Management User Interface Vulnerability Oracle Trade Management User Interface Vulnerability MySQL Server Vulnerability: Unauthenticated Remote Attack Leading to Server Hang or Crash Vulnerability in Oracle Retail Open Commerce Platform: Unauthorized Data Access and Manipulation Vulnerability in MySQL Server: Optimizer Component (CVE-XXXX-XXXX) MySQL Server Component Denial of Service Vulnerability Vulnerability in MySQL Server: Unauthorized Access and Denial of Service Privilege 
Escalation Vulnerability in Oracle MySQL Server MySQL Server Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Optimizer Vulnerability MySQL Server Audit Plug-in Denial of Service Vulnerability MySQL Server Privilege Escalation Vulnerability MySQL Server Privilege Escalation Vulnerability MySQL Server Privilege Escalation Vulnerability Vulnerability in MySQL Server component allows unauthorized data manipulation Privilege Escalation Vulnerability in Oracle MySQL Server Unauthenticated Unauthorized Read Access Vulnerability in MySQL Server Vulnerability in MySQL Server Encryption Component Unauthenticated Unauthorized Read Access Vulnerability in MySQL Workbench Oracle Communications Security Gateway ICMP Ping Denial of Service Vulnerability Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data manipulation Vulnerability in Oracle FLEXCUBE Private Banking: Unauthorized Data Access and Modification Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Private Banking Solaris Zone Unauthorized Data Access Vulnerability Oracle FLEXCUBE Private Banking Component Vulnerability Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized access and data compromise Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data access and manipulation Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data access and manipulation Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data access and partial denial of service Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access Oracle FLEXCUBE Universal Banking Partial Denial of Service Vulnerability Critical Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation Oracle FLEXCUBE Enterprise Limits and Collateral Management Unauthorized
Access Vulnerability Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Denial of Service Vulnerability in SQL*Plus component of Oracle Database Server allows for takeover Vulnerability in Oracle FLEXCUBE Investor Servicing Allows Unauthorized Data Manipulation Vulnerability in Oracle FLEXCUBE Investor Servicing Allows Unauthorized Data Manipulation Vulnerability in Oracle FLEXCUBE Investor Servicing Allows Unauthorized Data Access and Manipulation Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management Critical Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management component allows unauthorized access and partial denial of service Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Direct Banking allows unauthorized read access to sensitive data Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access and Manipulation Solaris Remote Administration Daemon Vulnerability Solaris Kernel Unauthorized Data Access Vulnerability Oracle Social Network Android Client Vulnerability Highly Exploitable Vulnerability in Primavera Gateway Component of Oracle Primavera Products Suite Unauthenticated Remote Code Execution Vulnerability in Primavera Unifier Component of Oracle Primavera Products Suite Vulnerability in PeopleSoft Enterprise FIN Receivables component allows unauthorized data manipulation Apache Commons BeanUtils Remote Code Execution Vulnerability in Primavera P6 Enterprise Project Portfolio Management Vulnerability in Oracle 
Support Tools: Unauthorized Data Access and Partial Denial of Service in Automatic Service Request (ASR) Vulnerability in Oracle Support Tools: Unauthorized Data Access and Partial Denial of Service in Automatic Service Request (ASR) Oracle WebLogic Server Web Services Unauthenticated Access Vulnerability Oracle Service Bus Web Console Design Vulnerability Highly Exploitable Vulnerability in Primavera Gateway Component of Oracle Primavera Products Suite Java SE Networking Vulnerability Solaris Kernel Zones Virtualized NIC Driver Unauthorized Data Access Vulnerability Vulnerability in Java SE, Java SE Embedded, and JRockit: Unauthenticated Takeover Vulnerability in Java SE AWT Component Allows Takeover Vulnerability in Oracle VM VirtualBox Allows Unauthorized Data Access Java SE AWT Component Vulnerability Oracle E-Business Suite User Management Component Vulnerability Solaris Kernel Zones Virtualized NIC Driver Denial of Service Vulnerability JD Edwards EnterpriseOne Tools Component Vulnerability Vulnerability in Oracle Enterprise Manager Grid Control: Enterprise Manager Base Platform Hang or Crash Critical Vulnerability in Oracle PeopleSoft Products: Unauthorized Access to Critical Data Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Critical Vulnerability in Oracle PeopleSoft SCM Purchasing Component (Supplier Registration) Allows Unauthorized Data Access and Modification Vulnerability in PeopleSoft Enterprise SCM eSupplier Connection: Unauthorized Data Access and Modification Vulnerability in MySQL Connectors: Remote Takeover Vulnerability in PeopleSoft Enterprise SCM Strategic Sourcing: Unauthorized Data Access and Modification High-Risk Vulnerability in Oracle PeopleSoft Products: Unauthorized Data Access and Modification in SCM Service Procurement Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Hang or Crash Unauthenticated Read Access Vulnerability in PeopleSoft Enterprise PeopleTools
Vulnerability in Oracle Applications Framework Allows Unauthorized Data Manipulation Vulnerability in MySQL Server UDF Component Allows for Server Crash or Hang Oracle Transportation Manager Component Vulnerability: Unauthorized Access and Data Manipulation Oracle WebLogic Server Servlet Runtime Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Retail Warehouse Management System Allows Unauthorized Data Access and Manipulation Unauthenticated FTP Access Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit Critical Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Access to Critical Data Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Vulnerability in Oracle Real-Time Scheduler component of Oracle Utilities Applications Vulnerability in Oracle VM VirtualBox Shared Folder Component Java SE, Java SE Embedded Vulnerability: Unauthorized Data Access via Multiple Protocols Oracle WebCenter Sites Server Unauthenticated Remote Code Execution Vulnerability Oracle WebCenter Sites Server Unauthenticated Access Vulnerability Oracle WebCenter Sites Server Unauthenticated Remote Code Execution Vulnerability Oracle WebCenter Sites Server Unauthenticated Remote Code Execution Vulnerability Unauthenticated Remote Code Execution Vulnerability in Oracle Java SE Networking Component Oracle WebCenter Sites Blob Server Unauthenticated Access Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access Vulnerability in PeopleSoft Enterprise PeopleTools Integration Broker Component Oracle E-Business Suite Scripting Administration Unauthorized Access Vulnerability Oracle E-Business Suite Customer Interaction History Component Vulnerability Solaris Smartcard Libraries Vulnerability 
Vulnerability in Oracle Hospitality OPERA 5 Property Services: Unauthorized Data Access Oracle Identity Manager Component Vulnerability: Rules Engine Takeover Oracle WebCenter Sites Catalog Mover Unauthorized Data Access Vulnerability Oracle iReceivables Self Registration Denial of Service Vulnerability Oracle E-Business Suite File Management Unauthorized Read Access Vulnerability Oracle One-to-One Fulfillment Print Server Vulnerability Vulnerability in Oracle VM VirtualBox: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox: Unauthorized Access and Denial of Service Vulnerability in Oracle Hospitality OPERA 5 Property Services component allows unauthorized read access Vulnerability in Oracle VM VirtualBox: Unauthorized Takeover Vulnerability in Oracle Applications DBA component of Oracle E-Business Suite: Unauthorized Access and Data Manipulation Vulnerability in Oracle VM VirtualBox: Unauthorized Takeover Solaris RBAC Privilege Escalation Vulnerability Solaris RBAC Vulnerability: Unauthorized Access and Data Manipulation Vulnerability in OJVM component of Oracle Database Server: Unauthorized Hang or Crash Vulnerability in Oracle Hospitality OPERA 5 Property Services: Unauthorized Access and Data Manipulation Vulnerability in Oracle Hospitality OPERA 5 Property Services component allows unauthorized data access and manipulation Highly Exploitable Vulnerability in Oracle PeopleSoft Enterprise FSCM Component (eSettlements) Allows Unauthorized Access and Data Manipulation Critical Vulnerability in Oracle PeopleSoft Enterprise SCM eBill Payment Component (9.2) Allows Unauthorized Data Access and Modification Oracle Commerce Guided Search / Oracle Commerce Experience Manager Denial of Service Vulnerability Vulnerability in Oracle Hospitality OPERA 5 Property Services: Unauthorized Data Access and Manipulation Vulnerability in Oracle Hospitality OPERA 5 Property Services: Unauthorized Access and Data Compromise Oracle VM VirtualBox
Core Vulnerability Vulnerability in Oracle VM VirtualBox: Unauthorized Takeover Vulnerability in PeopleSoft Enterprise CS Campus Community component allows unauthorized access and data manipulation Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Takeover Vulnerability in Primavera P6 Enterprise Project Portfolio Management: Unauthorized Data Access and Manipulation Critical Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Takeover Critical Vulnerability in Oracle Support Tools: Automatic Service Request (ASR) Takeover Oracle SuperCluster Specific Software Backup/Restore Utility Unauthenticated Takeover Vulnerability Unauthenticated Remote Code Execution Vulnerability in Primavera P6 Enterprise Project Portfolio Management Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Takeover Unauthenticated Remote Data Manipulation Vulnerability in Sun ZFS Storage Appliance Kit (AK) Vulnerability in MySQL Connectors: Unauthorized Data Access and Manipulation Vulnerability in Oracle VM VirtualBox Shared Folder Component Solaris Cluster Vulnerability: Unauthorized Access and Data Manipulation Vulnerability in MySQL Connectors allows unauthorized data manipulation Vulnerability in MySQL Connectors: Unauthorized Data Manipulation Vulnerability in Oracle WebCenter Sites Catalog Mover Component Oracle Payables Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Manipulation Oracle WebCenter Sites Advanced UI Unauthenticated Remote Code Execution Vulnerability Oracle WebCenter Sites Advanced UI Component Unauthorized Access Vulnerability Oracle WebCenter Sites Advanced UI Component Vulnerability Oracle WebCenter Sites Advanced UI Component Vulnerability Oracle WebCenter Sites Advanced UI Unauthorized Access Vulnerability Oracle WebCenter Sites Unauthorized Read Access Vulnerability Vulnerability in MySQL Server: Pluggable Auth Component Allows Remote Denial of Service MySQL Server Vulnerability: Remote Takeover 
via Client mysqldump (CVE-2017-3600) Oracle API Gateway Vulnerability: Unauthorized Access and Data Manipulation Oracle WebCenter Sites Advanced UI Component Vulnerability Oracle WebCenter Sites Unauthorized Read Access Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Oracle Berkeley DB Data Store Vulnerability Vulnerability in Oracle Support Tools: Unauthorized Access and Data Manipulation in Automatic Service Request (ASR) Vulnerability in Oracle Support Tools: Unauthorized Access to Critical Data in Automatic Service Request (ASR) Critical Vulnerability in Oracle Support Tools: Automatic Service Request (ASR) Takeover Sun ZFS Storage Appliance Kit (AK) Denial of Service Vulnerability Solaris Solaris Component Vulnerability: Extremeparr (CVE-2017-3622) Solaris Kernel RPC Vulnerability: Ebbisland Oracle WebCenter Content Component Vulnerability Oracle GlassFish Server Vulnerability: Unauthorized Data Access via Java Server Faces Solaris Kernel Takeover Vulnerability Solaris Kernel Unauthorized Access Vulnerability Solaris Kernel Unauthorized Access and Data Manipulation Vulnerability Solaris Solaris Component CDE Calendar Takeover Vulnerability Vulnerability in MySQL Server's Memcached Component Allows Unauthorized Access and Denial of Service MySQL Server Denial of Service Vulnerability Vulnerability in MySQL Connectors component allows for Denial of Service (DoS) attacks Vulnerability in Oracle MySQL Server: Unauthorized Data Access 
and Partial Denial of Service Vulnerability in MySQL Server's X Plugin Allows for Denial of Service Attacks MySQL Server Optimizer Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Optimizer Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Optimizer Denial of Service Vulnerability MySQL Server X Plugin Denial of Service Vulnerability MySQL Server Replication Vulnerability MySQL Server Denial of Service Vulnerability MySQL Server Replication Vulnerability Unauthenticated Unauthorized Read Access Vulnerability in MySQL Server MySQL Server Vulnerability: Unauthorized Data Manipulation via Client mysqldump Vulnerability in MySQL Server Allows Unauthorized Data Access and Manipulation Vulnerability in MySQL Server Allows Unauthorized Data Manipulation Privilege Escalation Vulnerability in Intel(R) NUC Kits via Improper Device Configuration OpenSSL DHE/ECDHE Key Exchange NULL Pointer Dereference Vulnerability Out-of-bounds Read Vulnerability in SSL/TLS Servers and Clients Carry Propagating Bug in OpenSSL 1.0.2 and 1.1.0 OpenSSL Renegotiation Handshake Crash Vulnerability One-byte Overread Vulnerability in OpenSSL's IPAddressFamily Extension Parsing Carry Propagating Bug in x86_64 Montgomery Squaring Procedure in OpenSSL Vulnerability: Incomplete Error State Handling in OpenSSL 1.0.2b-1.0.2m AVX2 Montgomery Multiplication Overflow Vulnerability Local Privilege Escalation Vulnerability in Lenovo Active Protection System Trackpoint Firmware Alteration Vulnerability in Lenovo Power Management Driver Vulnerability: Password Exposure in Lenovo Connect2 Ad-Hoc Connection Concurrent User Vulnerability: User ID and Password Exposure during Command Processing Vulnerability: Clear Text Login Information Captured in Lenovo System x Servers' FFDC Service Log Information 
Disclosure Vulnerability in Lenovo XClarity Administrator (LXCA) Privilege Escalation Vulnerability in ThinkPad USB 3.0 Ethernet Adapter Driver Local Privilege Escalation Vulnerability in Lenovo Nerve Center for Windows 10 Desktop Systems Vulnerability: Privilege Escalation on Lenovo VIBE Mobile Phones Privilege Escalation via Idea Friend Android Application on Lenovo VIBE Mobile Phones Privilege Escalation Vulnerability in Lenovo VIBE Mobile Phones via Lenovo Security Android Application Unquoted Service Path Vulnerability in ThinkPad Compact USB Keyboard with TrackPoint Driver OSPF Implementation Flaws in Lenovo Switches: Routing Table Manipulation Vulnerability Lenovo UEFI Vulnerability: Bypassing System Protections with Specially Crafted Code Lenovo Notebook Systems Vulnerable to Unauthorized BIOS Flashing and Malicious Code Execution Unquoted Service Path Privilege Escalation Vulnerability in Lenovo Active Protection System Unquoted Service Path Vulnerability in ElanTech Touchpad Driver for Lenovo Notebooks Lenovo Service Framework Android Component Remote Code Execution Vulnerability Lenovo Service Framework Android Application Vulnerability: Remote Code Execution via Man-in-the-Middle Attacks Insecure Credential Usage in Lenovo Service Framework Android App Leads to Remote Code Execution Vulnerability Lenovo Service Framework Android Application Command Injection Vulnerability Vulnerability: Weak Encryption and Hard-coded Password in Lenovo Fingerprint Manager Pro LXCA File System Access Vulnerability User Account Name Exposure Vulnerability in Lenovo XClarity Administrator (LXCA) HP Backdoor: Authentication Bypass Vulnerability in Lenovo and IBM RackSwitch and BladeCenter Products Local Privilege Escalation Vulnerability in Realtek Audio Driver for Lenovo ThinkPad Products Denial of Service Vulnerability in IMM2: Memory Exhaustion via CIM Authentication Flooding LXCA Privilege Escalation Vulnerability in Versions Prior to 1.3.2 Unsecured System Boot Process 
in Lenovo E95 and ThinkCentre M710s/M710t: Incomplete BIOS/UEFI Initialization Stack Overflow Vulnerability in Lenovo and IBM Servers' Web Administration Service Lenovo System x Server Secure Boot Authentication Bypass Insecure Transmission of Information in Lenovo Help Android App Vulnerability in Cisco Expressway Series and Cisco TelePresence VCS Software Could Cause Denial of Service (DoS) Authentication Bypass Vulnerability in Cisco Prime Home Web GUI Vulnerability in Cisco TelePresence MCU Software Allows Remote Code Execution or DoS Cisco ASA and FTD Denial of Service Vulnerability Cross-Site Request Forgery (CSRF) Vulnerability in Cisco WebEx Meetings Server Arbitrary Password Change Vulnerability in Cisco WebEx Meetings Server Remote Code Execution Vulnerability in Cisco WebEx Meetings Server 2.6 Unauthenticated Remote Access to Cisco WebEx Administration Server FQDN Cisco Unified Communications Manager XSS Filter Bypass Vulnerability Cisco WebEx Meeting Center URL Parameter Redirection Vulnerability Vulnerability in Cisco Email Security Appliances Allows Bypass of Message and Content Filters Privilege Escalation Vulnerability in Cisco UCS Director's Web-based GUI Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Cisco IOS Software Forwarding Queue Memory Leak Vulnerability Vulnerability in IS-IS Protocol Packet Processing of Cisco Nexus Switches: Device Reload Exploit Unauthenticated Remote Access to Confidential Information in Cisco IOS and Cisco IOx Software Arbitrary Shell Command Injection Vulnerability in Cisco Firepower Appliances Cisco ASA Software Clientless SSL VPN Heap Overflow Vulnerability Cisco Unified Communications Manager (Cisco Unified CM) SIP UDP Throttling Denial of Service Vulnerability Cisco Firepower Management Center Policy Deployment Module Vulnerability Web URL Redirect Vulnerability in Cisco Prime Service Catalog XML External Entity Vulnerability in Cisco WebEx Meetings Server Denial of Service 
Vulnerability in Cisco Industrial Ethernet 2000 Series Switches Privilege Escalation Vulnerability in Cisco AnyConnect Secure Mobility Client Software URL Bypass Vulnerability in Cisco Firepower System Software API Privilege Vulnerability in Cisco TelePresence Server Software Role-based resource checking vulnerability in Cisco UCS Director Malformed MIME Header Filtering Bypass Vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliances Privilege Escalation Vulnerability in Cisco ASR 5000/5500/5700 Series and Cisco Virtualized Packet Core Cisco ASR 1000 Series Aggregation Services Routers SNMP CPU Usage Denial of Service Vulnerability Reflected Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Serviceability Page Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) Arbitrary Audit Log Entry Addition Vulnerability Arbitrary Code Execution Vulnerability in Cisco WebEx Browser Extensions Cisco cBR Series Converged Broadband Routers Denial of Service Vulnerability Cisco TelePresence Collaboration Endpoint Software ICMP Ingress Packet Processing Denial of Service Vulnerability Cisco NetFlow Generation Appliance (NGA) SCTP Decoder Denial of Service Vulnerability Unauthenticated Remote Bypass Vulnerability in Cisco AsyncOS Software for Cisco ESA and WSA Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Switches Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Switches Denial of Service Vulnerability in Cisco Meeting Server (CMS) API Authentication Bypass Vulnerability in Cisco Mobility Express 1800 Series Access Points Cisco Wireless LAN Controller (WLC) Software Denial of Service Vulnerability Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Web Framework Default Credentials Vulnerability in Cisco Aironet 1830 and 1850 Series Access Points SQL Injection Vulnerability in Cisco ISE Sponsor Portal: Unauthorized Access 
to Notices Unauthenticated Remote Access Vulnerability in Cisco Unified Communications Manager Web Bridge Interface Vulnerability in Cisco Meeting Server (CMS) Allows Memory Retrieval and DoS DOM-based XSS Vulnerability in Cisco Secure Access Control System (ACS) XML External Entity (XXE) Vulnerability in Cisco Secure Access Control System (ACS) Open Redirect Vulnerability in Cisco Secure Access Control System (ACS) Web Interface Unauthenticated Remote Information Disclosure Vulnerability in Cisco Secure ACS Web Interface Cisco Intrusion Prevention System Device Manager (IDM) Web Interface Information Disclosure Vulnerability File Download Vulnerability in Cisco Prime Collaboration Assurance Vulnerability in Exporting Functions of Cisco Prime Collaboration Assurance Allows Unauthorized File Access Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Collaboration Assurance Unauthenticated Remote File Retrieval Vulnerability in Cisco Workload Automation and Cisco Tidal Enterprise Scheduler Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center 6.2.1 Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure Web Interface Denial of Service Vulnerability in Autonomic Networking Infrastructure (ANI) Registrar Feature of Cisco IOS and IOS XE Software Denial of Service Vulnerability in Cisco IOS and IOS XE Software with Autonomic Networking Infrastructure (ANI) Feature Cisco IOx Directory Traversal Vulnerability Arbitrary File Modification Vulnerability in Cisco IOx Application Environment Stack Overflow Vulnerability in Cisco IOx Data-in-Motion Process Impersonation Vulnerability in Cisco Wireless LAN Controller Mesh Code Cisco IOS XE Web User Interface Denial of Service Vulnerability Cisco IOS and IOS XE L2TP Parsing Function Denial of Service Vulnerability Arbitrary Command Injection Vulnerability in Cisco IOS XE Software Cisco ASR 920 Series Aggregation Services Routers Zero Touch Provisioning DHCP Code Format String 
Vulnerability Multiple EnergyWise Module Vulnerabilities in Cisco IOS and IOS XE Multiple EnergyWise Module Vulnerabilities in Cisco IOS and Cisco IOS XE Multiple EnergyWise Module Vulnerabilities in Cisco IOS and Cisco IOS XE Multiple EnergyWise Module Vulnerabilities in Cisco IOS and Cisco IOS XE Cisco IOS and IOS XE DHCP Client Denial of Service Vulnerability IPsec VPN Tunnel Termination Vulnerability in Cisco StarOS Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Service Catalog Web Framework BGP BFD Implementation Vulnerability in Cisco ASA Software Cross-Site Scripting (XSS) Vulnerability in Cisco UCS Director Web Interface API Credentials Exposure Vulnerability in Cisco Prime Infrastructure Bypassing URL Filter Rule in Cisco Web Security Appliance (WSA) RADIUS Secret Disclosure Vulnerability in Cisco Prime Optical for Service Providers Cisco Unified Communications Manager XSS Filter Bypass Vulnerability Vulnerability in Cisco Aironet Access Points Allowing Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager (CallManager) Web Framework Access-Control Filtering Mechanisms Bypass Vulnerability in Cisco Nexus 7000 Series Switches Denial of Service Vulnerability in Cisco IOS XR Routers Cross-Site Request Forgery Vulnerability in Cisco Unified Communications Manager (CallManager) Web Framework Denial of Service Vulnerability in Cisco NX-OS Telnet Remote Login Functionality Denial of Service Vulnerability in Cisco NX-OS Software for Cisco Nexus 9000 Series Switches Authentication Bypass Vulnerability in Cisco WebEx Meetings Server Vulnerability in Cisco Cluster Management Protocol (CMP) Processing Code Allows Remote Code Execution and Device Reload Arbitrary Code Execution Vulnerability in Cisco CVR100W Wireless-N VPN Router Vulnerability in Cisco Firepower and NX-OS AAA Implementation Allows Remote Device Reload Authenticated Remote Access Vulnerability in Cisco Prime Infrastructure and Cisco EPN
Manager Web Interface Cisco Firepower System Software SSL Packet Reassembly Denial of Service Vulnerability Cisco Unified Communications Manager Web Interface SQL Injection Vulnerability Cisco Firepower System Software SSL Detection Engine Denial of Service Vulnerability Reflected Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Open Redirect Vulnerability in Cisco Registered Envelope Service Reflected Cross-Site Scripting Vulnerability in BlackBerry WatchDox Server Components Elevation of Privilege Vulnerability in BlackBerry QNX SDP 6.6.0 with QNet Enabled Information Disclosure Vulnerability in BlackBerry QNX SDP 6.6.0 Allows Memory Layout Exploitation Buffer Overflow Vulnerability in BlackBerry QNX SDP 6.6.0 Allows Unauthorized Modification of GOT and PLT Tables Stored Cross Site Scripting (XSS) Vulnerability in BlackBerry Unified Endpoint Manager and BES12 Management Console Unvalidated Parameter Vulnerability in Intel Security McAfee Agent 5.0.x Code Injection Vulnerability in McAfee Live Safe and McAfee Security Scan Plus Vulnerability in McAfee LiveSafe Allows Unauthorized Modification of Windows Registry Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier: SQL Injection Vulnerability Cross-site scripting (XSS) vulnerability in Intel Security ePO Web UI allows injection of malicious Java scripts via input validation bypass. 
Arbitrary HTML Code Injection Vulnerability in McAfee Threat Intelligence Exchange (TIE) Server Arbitrary Command Execution Vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 Cross-Site Scripting (XSS) Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x via HTTP Headers HTTP Strict Transport Security (HSTS) State Information Disclosure Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x MIME Type Sniffing Vulnerability in Network Data Loss Prevention McAfee ePolicy Orchestrator (ePO) 5.9.0 and earlier versions - OS Command Injection Vulnerability Arbitrary Code Injection through XSS in McAfee DLP Endpoint 10.0.x ePO Extension Elevation of Privileges through Authorization Vulnerability in McAfee Network Security Management (NSM) Arbitrary HTML Code Reflection Vulnerability in McAfee Network Security Management (NSM) Unsalted Hash Password Recovery Vulnerability in McAfee Network Security Management (NSM) McAfee Network Security Management (NSM) Reflective Cross-Site Scripting (XSS) Vulnerability CSRF Vulnerability in McAfee Network Security Management (NSM) Allows Unauthorized Actions Session Hijacking Vulnerability in McAfee Network Security Management (NSM) Arbitrary Web Script Injection Vulnerability in McAfee Network Security Management (NSM) Session Fixation Vulnerability in McAfee Network Security Manager (NSM) and Network Data Loss Prevention (NDLP) Inadequate SSL Implementation Vulnerability in McAfee Network Security Management (NSM) Server Insecure RC4 Encryption in McAfee Network Security Management (NSM) Web Interface Server Banner Information Leakage Vulnerability in McAfee Network Security Management (NSM) Command Execution Vulnerability in McAfee ePolicy Orchestrator (ePO) Extension HTTP Header Injection Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x Privilege Escalation Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x Server McAfee Network Data Loss Prevention 
(NDLP) 9.3.x Server Banner Disclosure Vulnerability Session Hijacking Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x Server-side Clickjacking Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x Web Server Method Disclosure Vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x User Name Disclosure in McAfee Network Data Loss Prevention (NDLP) 9.3.x Registry Injection Vulnerability in McAfee Products McAfee Advanced Threat Defense (ATD) Web Interface Authentication Bypass Vulnerability Remote Command Injection Vulnerability in McAfee Advanced Threat Defense (ATD) Web Interface Remote Command Injection Vulnerability in McAfee Advanced Threat Defense (ATD) Web Interface Authentication Bypass Vulnerability in McAfee Advanced Threat Defense (ATD) Web Interface Privilege Escalation in McAfee Advanced Threat Defense Web Interface Airwatch Agent for Android Vulnerability: Root Detection Bypass Rooted Device Vulnerability in Airwatch Inbox for Android Allows Unauthorized Data Disclosure Drive and Device Sharing Vulnerability in VMware Horizon DaaS DLL Loading Vulnerability in VMware Workstation Pro/Player 12.x VMware Workstation Pro/Player 12.x SVGA Driver Out-of-Bound Read Vulnerability NULL Pointer Dereference Vulnerability in VMware Workstation Pro/Player 12.x Out-of-Bounds Memory Access Vulnerability in VMware Workstation and Fusion Heap Buffer Overflow in SVGA: Guest-to-Host Code Execution Vulnerability Uninitialized Stack Memory Usage Vulnerability in VMware ESXi, Workstation, and Fusion Uninitialized Memory Usage Vulnerability in VMware ESXi, Workstation, and Fusion Uninitialized Memory Usage Vulnerability in VMware ESXi, Workstation, and Fusion Heap Buffer-Overflow Vulnerability in VMware Unified Access Gateway and Horizon View Heap Buffer-Overflow Vulnerabilities in VMware Workstation and Horizon View Client JPEG2000 Parser Heap Buffer-Overflow Vulnerability in VMware Workstation and Horizon View Client Out-of-Bounds Read 
Vulnerabilities in VMware Workstation and Horizon View Client Out-of-Bounds Write Vulnerabilities in VMware Workstation and Horizon View Client Out-of-Bounds Read Vulnerabilities in VMware Workstation and Horizon View Client Integer-Overflow Vulnerability in VMware Workstation and Horizon View Client Remote Code Execution Vulnerability in VMware vSphere Data Protection (VDP) Insecure Library Loading Vulnerability in VMware Workstation Pro/Player via ALSA Sound Driver Configuration Files NULL Pointer Dereference Vulnerability in VMware Workstation Pro/Player vstor2 Driver Reversible Encryption Vulnerability in VMware vSphere Data Protection (VDP) Command Injection Vulnerability in VMware Horizon View Client Allows Privilege Escalation on Mac OSX Unauthenticated Access to Guest Operating Systems via VIX API in VMware vCenter Server OSPF Protocol Implementation Vulnerability in VMware NSX-V Edge Insecure Library Loading Vulnerability in VMware vCenter Server (6.5 prior to 6.5 U1) Information Disclosure Vulnerability in VMware vCenter Server Information Disclosure Vulnerability in VMware vCenter Server Appliance File-Based Backup Feature Out-of-Bounds Write Vulnerability in VMware SVGA Device Allows Guest-to-Host Code Execution NULL Pointer Dereference Vulnerability in VMware ESXi and Workstation/Fusion Stored Cross-Site Scripting (XSS) Vulnerability in VMware vCenter Server (6.5 prior to 6.5 U1) Remote Denial of Service Vulnerability in VMware vCenter Server SSRF and CRLF Injection Vulnerabilities in vSphere Web Client VMware NSX Edge XSS Vulnerability Authenticated User URL Redirection Vulnerability in VMware AirWatch Console 9.x CSV File Injection Vulnerability in VMware AirWatch Console 9.x Escalation of Privilege Vulnerability in VMware AirWatch Launcher for Android Vulnerability: Heap Overflow in VMware VNC Session Heap Buffer-Overflow Vulnerability in VMware Workstation and Fusion Allows Guest-to-Host Code Execution Out-of-Bounds Write Vulnerability in VMware 
Workstation and Horizon View Client Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon View Client JPEG2000 Parser Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon View Client Guest RPC NULL Pointer Dereference Vulnerability in VMware Workstation and Fusion DLL Hijacking Vulnerability in VMware Workstation Installer (12.x before 12.5.8) Stored Cross-Site Scripting (XSS) Vulnerability in VMware ESXi Host Client Vulnerability: Stack Overflow in VMware VNC Server Broken Access Control Vulnerability in VMware AirWatch Console (AWC) Allows Unauthorized Access to End-User Device Details Local Privilege Escalation Vulnerability in VMware vCenter Server Appliance (vCSA) via 'showlog' Plugin Guest Access Control Vulnerability in VMware Workstation and Fusion Privilege Escalation Vulnerability in VMware V4H and V4PA Desktop Agents (6.x before 6.5.1) Xenon Deserialization Vulnerability in VMware vRealize Automation and vSphere Integrated Containers Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon View Client Use-After-Free Vulnerability in VMware NAT Service with Enabled IPv6 Mode Integer Overflow Vulnerability in VMware NAT Service with IPv6 Mode Enabled Cross Site Request Forgery Vulnerability in VMware AirWatch Console Allows Installation of Malicious Applications Authentication Bypass Vulnerability in VMware Xenon Credentials Leakage in Pivotal PCF Elastic Runtime Logs Account Takeover Vulnerability in Pivotal PCF Elastic Runtime UAA OAuth Clients Denial of Service Vulnerability BOSH Director Shell Injection Vulnerabilities Session Fixation Vulnerability in Cloud Foundry UAA CPI Code Injection Vulnerability in Cloud Foundry Foundation BOSH Azure CPI v22 Cross-Site Scripting (XSS) Vulnerability in RabbitMQ Management UI Insecure Storage of User Credentials in RabbitMQ Management UI Cross-Site Scripting (XSS) Vulnerability in RabbitMQ Management UI Exceeding Memory and Disk Quotas Vulnerability in Cloud Foundry CF-Release 
Versions Staticfile buildpack regression allows basic auth to be turned off Potential Remote Code Execution in Pivotal Spring Web Flow Blind SQL Injection Vulnerability in Cloud Foundry UAA Privilege Escalation Vulnerability in UAA Groups Endpoint Blind SQL Injection with Privileged UAA Endpoints Open Security Group Override Vulnerability Undocumented Account with Default Password in EMC ESRS Policy Manager Sensitive Information Disclosure Vulnerability in EMC RSA Archer Security Operations Management Cross-Site Scripting Vulnerability in EMC RSA Adaptive Authentication (On-Premise) Versions Prior to 7.3 P2 NFS Export Vulnerability in EMC Isilon OneFS Path Traversal Vulnerability in EMC Isilon OneFS Improper Certificate Processing Vulnerability in EMC RSA BSAFE Cert-C before 2.9.0.5 Privilege Management Vulnerability in EMC Mainframe Enablers ResourcePak Base Versions 7.6.0, 8.0.0, and 8.1.0 Privilege Escalation Vulnerability in EMC Data Domain OS 5.2 through 5.7 and 6.0 Vulnerability: Remote Code Execution in EMC VNX Control Station Privilege Escalation Vulnerability in EMC VNX Control Station Authentication Bypass Vulnerability in EMC ESRS VE 3.18 or Earlier Uncontrolled Search Path Vulnerability in EMC VNX Control Station Privilege Escalation Vulnerability in EMC Isilon OneFS Unauthenticated Remote Access to EMC Avamar Server Software Maintenance Page Arbitrary Code Execution Vulnerability in EMC Avamar Server Software Cross-Zone Password Reset Vulnerability Arbitrary Password Reset Vulnerability in Cloud Foundry UAA Account Corruption Vulnerability in Cloud Foundry UAA Arbitrary Code Execution Vulnerability in Pivotal Spring Security Unauthenticated Remote Code Execution Vulnerability in EMC VASA Provider Virtual Appliance Cross-Site Request Forgery (CSRF) Vulnerability in EMC RSA Archer 5.x.x.x Authorization Bypass in EMC RSA Archer Discussion Forum Messages Information Exposure Through Error Message Vulnerability in EMC RSA Archer Information Exposure Through 
Error Message Vulnerability in EMC RSA Archer Open Redirect Vulnerability in EMC RSA Archer 5.4.1.3 and 5.5.x Reflected Cross Site Scripting Vulnerabilities in EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA Identity Management and Governance Stored Cross Site Scripting Vulnerabilities in EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA Identity Management and Governance Stack-based Buffer Overflow in Quick Heal Internet Security, Total Security, and AntiVirus Pro on OS X Arbitrary Script Injection Vulnerability in Google Chrome Arbitrary Script Injection Vulnerability in Google Chrome Arbitrary Script Injection Vulnerability in Google Chrome WebRTC Heap Corruption Vulnerability Inappropriate Context Resolution in Google Chrome Prior to 56.0.2924.76/56.0.2924.87 Insufficient Sanitization of DevTools URLs in Google Chrome for Windows Allows Remote Filesystem Reading via Malicious Extension Heap Buffer Overflow in V8: Remote Code Execution via Crafted HTML Page Spoofing Omnibox Contents in Google Chrome for Linux (CVE-2017-5007) Heap Buffer Overflow in Skia Image Processing in Google Chrome IDN Homograph Domain Spoofing Vulnerability in Google Chrome UI Element Display Vulnerability in Google Chrome Insufficient Video Memory Clearing in Google Chrome for Mac Prior to 56.0.2924.76 Allows Remote Image Extraction Insufficiently Strict Content Security Policy in Google Chrome Allows Remote Code Injection Use After Free Vulnerability in Google Chrome Prior to 56.0.2924.76/56.0.2924.87 Unauthenticated Remote Code Execution via Unrestricted Download Operations in Google Chrome Out of Bounds Memory Read Vulnerability in Google Chrome Content Security Policy Bypass in Google Chrome Type Confusion Vulnerability in Google Chrome Histogram Heap Corruption Vulnerability in FFmpeg in Google Chrome Heap Corruption Vulnerability in FFmpeg in Google Chrome Cross-Origin Alert Injection in Google Chrome Content 
Security Policy Bypass in Google Chrome Cross-Origin Data Leakage Vulnerability in V8 Engine of Google Chrome (prior to 56.0.2924.76) Integer Overflow in xsltAddTextString Function in libxslt 1.1.29 Arbitrary Code Execution via Complex Species Handling Vulnerability in V8 Use After Free Vulnerability in ANGLE in Google Chrome Prior to 57.0.2987.98 for Windows Heap Corruption Vulnerability in PDFium CSP Bypass Vulnerability in Google Chrome Use After Free Vulnerability in PDFium in Google Chrome Race Condition Vulnerability in Google Chrome Prior to 57.0.2987.98 for Windows and Mac Use After Free Vulnerability in PDFium in Google Chrome Integer Overflow Vulnerability in FFmpeg in Google Chrome Use After Free Vulnerability in Chrome Apps PDFium Use After Free Vulnerability Memory Read Vulnerability in V8 Engine of Google Chrome Incorrect Information Display Vulnerability in Google Chrome Vulnerability: Cookie Leakage via SSDP Discovery in Google Chrome Use After Free Vulnerability in Chrome Apps Heap Buffer Overflow in Skia Filter Processing in Google Chrome XSS Auditor Brute Force Vulnerability in Google Chrome Insufficient Policy Enforcement in V8 Allows Location Object Spoofing Integer Overflow Vulnerability in FFmpeg in Google Chrome Integer Overflow Vulnerability in FFmpeg in Google Chrome Integer Overflow Vulnerability in FFmpeg in Google Chrome Integer Overflow Vulnerability in FFmpeg in Google Chrome Integer Overflow Vulnerability in FFmpeg in Google Chrome Memory Corruption Vulnerability in Blink Engine of Google Chrome Out-of-Bounds Read Vulnerability in V8 in Google Chrome Out-of-Bounds Read Vulnerability in V8 in Google Chrome Use After Free Vulnerability in Google Chrome Prior to 57.0.2987.133 for Linux and Windows Out of Bounds Memory Read Vulnerability in Google Chrome Type Confusion Vulnerability in PDFium in Google Chrome Use After Free Vulnerability in PrintPreview in Google Chrome Type Confusion Vulnerability in Google Chrome Prior to 
58.0.3029.81/58.0.3029.83 Domain Spoofing Vulnerability in Google Chrome Omnibox Spoofing Vulnerability in Google Chrome Use After Free Vulnerability in Chrome Apps Allows Remote Out of Bounds Memory Access Numeric Overflow Vulnerability in Skia in Google Chrome Heap Corruption Vulnerability in Google Chrome (Windows) Prior to 58.0.3029.81 Confusion-based User Security Decision Vulnerability in Google Chrome (prior to 58.0.3029.81) Insecure Signature Handling in Google Chrome Networking Stack Insufficient Watchdog Timer in Google Chrome Allows Remote URL Spoofing Race condition vulnerability in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux Cross-Origin Resource Sharing Bypass via Incorrect MIME Type in Chrome Blink (CVE-2017-5033) Type Confusion Vulnerability in V8 Engine: Remote Code Execution in Google Chrome Out of Bounds Memory Read Vulnerability in V8 in Google Chrome Domain Spoofing Vulnerability in Google Chrome for Android Out of Bounds Memory Read Vulnerability in Google Chrome Print Preview Use After Free Vulnerability in Chrome Apps Allows Remote Out of Bounds Memory Read via Crafted HTML Page CSP Reporting Implementation Vulnerability in Google Chrome Domain Spoofing Vulnerability in Google Chrome Out of Bounds Memory Read Vulnerability in Skia in Google Chrome Command Injection Vulnerability in Google Chrome's mailto: Handling Remote UI Display Vulnerability in Google Chrome Use After Free Vulnerability in Credit Card Autofill in Google Chrome Extension File Tampering Vulnerability in Google Chrome Credit Card Autofill Vulnerability in Google Chrome for Android Remote UI Display Vulnerability in Google Chrome Local File Disclosure Vulnerability in Google Chrome OS Image-Burner Remote Code Execution via Crafted Bookmarks in Google Chrome for iOS Domain Spoofing Vulnerability in Google Chrome IndexedDB Sandbox Escape Vulnerability in Google Chrome Out of Bounds Memory Access Vulnerability in V8 Engine Domain Spoofing 
Vulnerability in Google Chrome Domain Spoofing Vulnerability in Google Chrome Use After Free Vulnerability in IndexedDB in Google Chrome Sandbox Escape Vulnerability in Google Chrome PPAPI Plugins Bypassing Full Screen Warning in Google Chrome Prior to 60.0.3112.78 Type Confusion Vulnerability in Google Chrome Extensions JavaScript Bindings Stack Overflow Vulnerability in PDFium in Google Chrome Cross-Origin Content Download Vulnerability in Google Chrome for Android Out of Bounds Memory Read Vulnerability in Skia in Google Chrome Use After Free Vulnerability in V8 in Google Chrome Prior to 60.0.3112.78 Privilege Elevation Vulnerability in PPAPI Plugins in Google Chrome Use After Free Vulnerability in Google Chrome 60.0.3112.78 for Windows Omnibox Spoofing Vulnerability in Google Chrome Uninitialized Value Vulnerability in Skia in Google Chrome Uninitialized Value Vulnerability in Skia in Google Chrome Omnibox Spoofing Vulnerability in Google Chrome for Mac (prior to 60.0.3112.78) Domain Spoofing Vulnerability in Google Chrome Domain Spoofing Vulnerability in Google Chrome Timing Attack Vulnerability in SVG Rendering in Google Chrome Type Confusion Vulnerability in PDFium Allows Remote Object Modification Remote Code Execution via Unload Handler Handling Vulnerability in Google Chrome Remote Spoofing Vulnerability in Web Payments API Implementation Use After Free Vulnerability in PDFium in Google Chrome Heap Buffer Overflow in WebGL in Google Chrome Heap Corruption Vulnerability in Skia in Google Chrome Memory Corruption Vulnerability in PDFium in Google Chrome Type Confusion Vulnerability in V8 Engine of Google Chrome (Windows) Prior to 61.0.3163.79 Type Confusion Vulnerability in V8 Engine: Remote Code Execution in Google Chrome Uninitialized Value Vulnerability in Skia in Google Chrome CSP Bypass Vulnerability in Google Chrome Uninitialized Value Vulnerability in Skia in Google Chrome Vulnerability: HTTPS Downgrade via Inappropriate WWW Mismatch Redirects in 
Google Chrome Arbitrary Code Execution Vulnerability in V8 JIT Optimization in Google Chrome Out-of-Bounds Access Vulnerability in V8 Engine of Google Chrome Escaping Sandboxes: Exploiting Insufficient Data Validation in waitid on Linux Remote Code Execution via UXSS in Google Chrome Heap Buffer Overflow in Skia in Google Chrome Use After Free Vulnerability in PDFium in Google Chrome PDFium Use After Free Vulnerability in Google Chrome Heap Buffer Overflow in Google Chrome's Blink Engine via Crafted HTML Page and WebGL Use After Free Vulnerability in WebAudio in Google Chrome Integer Overflow Vulnerability in libxml2: Remote Heap Corruption via Crafted XML File Skia Integer Overflow Vulnerability in Google Chrome WebAssembly Heap Corruption Vulnerability in Google Chrome Heap Memory Corruption and Information Leak Vulnerability in Google Chrome SNMP Access-Control Bypass in Technicolor DPC3928SL Devices: Stringbleed Vulnerability Unauthenticated Shutdown Vulnerability in SendQuick Entera and Avera Devices Unauthenticated SMS Log Retrieval Vulnerability Plaintext Storage of Password Vulnerability in Honeywell XL Web II Controller Clear Text Password Storage Vulnerability Session Fixation Vulnerability in Honeywell XL Web II Controller Improper Privilege Management in Honeywell XL Web II Controller Allows Unauthorized Parameter Modification Unauthenticated Directory Traversal Vulnerability in Honeywell XL Web II Controller Access Control Bypass in Carlo Gavazzi VMU-C EM and VMU-C PV CSRF Vulnerability in Carlo Gavazzi VMU-C EM and VMU-C PV Clear-text Storage of Sensitive Information in Carlo Gavazzi VMU-C EM and VMU-C PV Uncontrolled Search Path Element Vulnerability in AzeoTech DAQFactory Unverified Endpoint Identities in St. 
Jude Medical Merlin@home SQL Injection Vulnerability in VideoInsight Web Client Version 6.3.5.11 and Earlier: Remote Code Execution Authentication Bypass Vulnerability in Advantech WebAccess Version 8.1 Information Exposure Through Server Log Files Vulnerability in OSIsoft PI Coresight and PI Web API SQL Injection Vulnerability in Advantech WebAccess Version 8.1 Default Password Vulnerability in Schneider Electric Wonderware Historian Cross-Site Request Forgery Vulnerability in Schneider Electric Wonderware InTouch Access Anywhere Cross-Site Scripting Vulnerability in Schneider Electric homeLYnk Controller Information Exposure Vulnerability in Schneider Electric Wonderware InTouch Access Anywhere Password Reset Vulnerability in Phoenix Contact mGuard Devices Insecure SSL Certificate Verification in Schneider Electric Wonderware InTouch Access Anywhere Uncontrolled Search Path Element (DLL Hijacking) Vulnerability in Sielco Sistemi Winlog SCADA Software Lack of Authentication in BINOM3 Universal Multifunctional Electric Power Quality Meter Allows Unauthorized Access to Application Setup and Configuration Configuration File Disclosure Vulnerability CROSS-SITE SCRIPTING Vulnerability in BINOM3 Universal Multifunctional Electric Power Quality Meter CSRF Token Generation Vulnerability in BINOM3 Universal Multifunctional Electric Power Quality Meter BINOM3 Universal Multifunctional Electric Power Quality Meter: Privileged Access Information Exposure Vulnerability Lack of User Password Change Option in BINOM3 Universal Multifunctional Electric Power Quality Meter Multiple Path Traversal Vulnerabilities in Hanwha Techwin Smart Security Manager Versions 1.5 and Prior Multiple Cross Site Request Forgery Vulnerabilities in Hanwha Techwin Smart Security Manager Versions 1.5 and Prior Uncontrolled Search Path Element (DLL Hijacking) Vulnerability in Moxa SoftNVR-IA Live Viewer Improper Neutralization of Special Elements in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12 
Allows Remote Code Execution Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12 Authentication Bypass Vulnerability DLL Hijacking Vulnerability in Advantech WebAccess 8.1 and Earlier DLL Hijack Vulnerability in Rockwell Automation Connected Components Workbench (CCW) Stack Buffer Overflow Vulnerability in VIPA Controls WinPLC7 5.0.45.5921 and Prior Default System Account Vulnerability in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 and Wonderware Intelligence Versions 2014R3 and Prior Arbitrary Script Injection in Tenable Nessus before 6.9.3 Firejail Symlink Sandbox-Escape Vulnerability Arbitrary File Read Vulnerability in Open Enterprise Server (OES) Remote Manager Cross-Site Scripting (XSS) Vulnerability in NetIQ Access Manager 4.2.2 and 4.3.x Account Enumeration Vulnerability in NetIQ Sentinel Server 8.0 Remote Denial of Service Vulnerability in NetIQ Sentinel Server 8.0 Deprecated MD5 Hashing Algorithm Used in Communications Certificate Cross-Site Request Forgery (CWE-352) vulnerability in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier Relative Symlink Vulnerability in bs_worker Code Allows Leakage of Private Information NetIQ iManager SSL Private Key Exposure Vulnerability Concurrency Issue in NetIQ Access Manager 4.2 and 4.3 Allows Information Leakage Unvalidated HTTP Referer Header XSS Vulnerability in NetIQ Access Manager Authentication Bypass Vulnerability in SaltStack Salt NULL Pointer Dereference and Crash Vulnerability in Irssi's nickcmp Function Irssi Use-After-Free Vulnerability in Invalid Nick Message Handling Denial of Service Vulnerability in Irssi 0.8.17 Denial of Service Vulnerability in Irssi 0.8.18 XSS Vulnerability in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2 via Malformed SVG Element Local Privilege Escalation in SolarWinds LEM (aka SIEM) before 6.3.1 Arbitrary Code Execution Vulnerability in SolarWinds LEM (SIEM) Editbanner Feature Arbitrary Command Execution Vulnerability in 
SaltStack Salt Information Disclosure Vulnerability in NetApp Clustered Data ONTAP Buffer Overflow in ISO CLNS Parser of tcpdump Buffer Overflow Vulnerability in BOOTP Parser of tcpdump Buffer Overflow Vulnerability in tcpdump's IPv6 Parser Buffer Overflow in ISAKMP Parser: Exploiting print-isakmp.c:ikev2_e_print() in tcpdump Bypassing Seccomp-based Sandbox Protection in Firejail Privilege Escalation in Firejail via --shell Argument Integer Overflow Vulnerability in wrestool Program in icoutils Buffer Over-read Vulnerability in libplist's base64decode Function Information Exposure in Open-Xchange GmbH OX App Suite 7.8.3 and earlier Content Spoofing Vulnerability in Open-Xchange GmbH OX App Suite 7.8.3 and earlier Incorrect Access Control in Open-Xchange GmbH OX App Suite 7.8.3 Cross Site Scripting (XSS) vulnerability in Open-Xchange GmbH OX App Suite 7.8.3 and earlier Uniqid Prediction Vulnerability in Codextrous B2J Contact Extension for Joomla Remote Code Execution Vulnerability in Codextrous B2J Contact Extension for Joomla! 
Stack-based Buffer Overflow Vulnerability in Netop Remote Control Guest Client's Import to Phonebook Option Vulnerability: Samsung Android Devices Crash via Zero-Permission App SQL Injection in SageCRM 7.x before 7.3 SP3 via AP_DocumentUI.asp Arbitrary File Upload and Remote Code Execution in SageCRM 7.x before 7.3 SP3 Remote File Inclusion Vulnerability in PHPMailer Heap Buffer Overflow in LibTIFF 4.0.7's tiffcp Tool: DoS or Code Execution via Crafted BitsPerSample Value Escape from Bubblewrap Sandbox via TIOCSTI Ioctl Vulnerability Sensitive Domain Administrator Password Disclosure in QNAP QTS Directory Traversal Vulnerability in Rapid7 Metasploit Directory Traversal Vulnerability in Rapid7 Metasploit Static Password Vulnerability in Rapid7 Nexpose Keystore Directory Traversal Vulnerability in Rapid7 Metasploit DLL Preloading Vulnerability in Rapid7 Nexpose Installers DLL Preloading Vulnerability in Rapid7 AppSpider Pro Installers Rapid7 Insight Collector Installer DLL Preloading Vulnerability DLL Preloading Vulnerability in Rapid7 Metasploit Pro Installers DLL Preloading Vulnerability in Rapid7 AppSpider Pro Installers Lack of Authentication Allows Unauthenticated Factory Reset on Eview EV-07S GPS Tracker Eview EV-07S GPS Tracker Input Configuration Fields Overflow Vulnerability Unencrypted Transmission of Sensitive Data in Eview EV-07S GPS Tracker Heap-Based Buffer Overflow in Rapid7 AppSpider Pro FLAnalyzer.exe Component Post-Authentication Persistent XSS Vulnerability in Biscom Secure File Transfer Versions 5.0.0.0 - 5.1.1024 Identical SSH Host Keys in Nexpose and InsightVM Virtual Appliances Vulnerability: Insecure Default SSH Configuration in Rapid7 Nexpose Hardware Appliances Improper Access Control in Metasploit Task Stopping Routes Biscom Secure File Transfer: AngularJS Expression Injection in Display Name Field Cross-Site Scripting Vulnerability in Biscom Secure File Transfer Insecure Storage of OAuth Token in Wink - Smart Home Android App Insecure 
Storage of OAuth Token in Insteon for Hub Android App Unencrypted Radio Transmissions in Insteon Hub (Version 1012 and Prior) Vulnerability: Privilege Escalation and Password Manipulation in Cambium Networks ePMP Firmware Remote Command Execution Vulnerability in Cambium Networks ePMP Firmware Persistent XSS Vulnerability in Cambium Networks ePMP Firmware ePMP Firmware Version 3.5 and Prior: SNMP Community String XSS Vulnerability ePMP Firmware Prior to 3.5: Remote Configuration Restore XSS Vulnerability Undocumented Root-Privilege Web Shell Vulnerability in Cambium Networks cnPilot Firmware Unauthenticated Access to Configuration File in Cambium Networks cnPilot Firmware File Path Traversal Vulnerability in Cambium Networks cnPilot Firmware SNMP Read-Only Community String Access Vulnerability in Cambium Networks cnPilot Firmware Lack of CSRF Controls in Cambium Networks cnPilot Firmware Versions 4.3.2-R4 and Prior Cross-Site Request Forgery (CSRF) Vulnerability in Nexpose Versions Prior to 6.4.66 User Spoofing Vulnerability in Palo Alto Networks Terminal Services Agent Privilege Escalation via Out-of-Bounds Write in Palo Alto Networks Terminal Services Agent Remote Code Execution Vulnerability in Ark before 16.12.1 Integer Overflow in icoutils: Arbitrary Code Execution Vulnerability Unallocated Memory Access Vulnerability in icoutils Integer Overflow in extract_group_icon_cursor_resource Function in icoutils Double Free Vulnerability in GnuTLS X.509 Extension Import Proxy Function Denial of Service Vulnerability in GnuTLS Stream Reading Functions Stack-based buffer overflow in cdk_pk_get_keyid function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 Heap-based buffer overflows in GnuTLS read_attribute function via crafted OpenPGP certificate Arbitrary Code Execution and Denial of Service Vulnerability in PHP Buffer Overflow Vulnerability in OTV Parser of tcpdump Buffer Overflow Vulnerability in Multiple Protocol Parsers of tcpdump Blind Boolean SQL Injection in 
dotCMS through 3.6.1 SQL Injection Vulnerability in GeniXCMS 0.0.8: Remote Authenticated Editors Can Execute Arbitrary SQL Commands Arbitrary SQL Command Execution Vulnerability in GeniXCMS 0.0.8 Arbitrary SQL Command Execution Vulnerability in GeniXCMS 0.0.8 Incomplete Exception Handling Vulnerability in Samsung Note Devices (SVE-2016-7122) Samsung Note Devices Vulnerable to Denial of Service Attack via VR Service Threads (SVE-2016-7650) Denial of Service Vulnerability in Irssi before 0.8.21 Denial of Service Vulnerability in GNU ed before 1.14.1 Remote Code Execution Vulnerability in EasyCom for PHP 4.0.0.29 EasyCom SQL iPlug Denial of Service Vulnerability Timing Side-Channel Vulnerability in Request Tracker (RT) Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3: Denial of Service and Remote Code Execution Multiple Reflected XSS Vulnerabilities in ZoneMinder v1.30 and v1.29 CSRF Vulnerability in ZoneMinder v1.30 and v1.29: Remote Creation of Admin User Remote Denial of Service Vulnerability in Odata Server of SAP Adaptive Server Enterprise (ASE) 16 Missing Authorization Check in SAP AS JAVA's MSPRuntimeInterface Memory Corruption Vulnerabilities in Firefox 50.1 and Firefox ESR 45.6 Arbitrary Code Execution Vulnerability in Firefox 50.1 JIT Code Allocation Bypass: A Threat to ASLR and DEP Protections in Thunderbird and Firefox XSL Use-After-Free Vulnerability in Thunderbird and Firefox Skia Memory Corruption Vulnerability in Firefox < 51 Shared Hash Codes Vulnerability in Thunderbird and Firefox Web Animations Use-After-Free Vulnerability in Firefox < 51 SVG Content Manipulation Use-After-Free Vulnerability Arbitrary File Saving Vulnerability in Firefox Certificate Viewer RSS Feed Preview Privilege Escalation Vulnerability in Firefox < 51 Punycode Spoofing Vulnerability in Thunderbird and Firefox Remote Code Execution via Proxy Auto-Config (PAC) Files in Firefox < 51 Referrer Policy Bypass in Multipart Channels Data Protocol Exploitation: Cross-Extension 
Data Disclosure and Privilege Escalation in Firefox ESR < 45.7 and Firefox < 51 Local File Disclosure Vulnerability in Firefox < 51 Denial of Service Vulnerability in Firefox < 51: Unrestricted STUN Packet Sending via e10s WebExtensions CSP Bypass and Unauthorized Extension Installation in Firefox < 51 Insecure Communication Channel Vulnerability in JSON Viewer Privilege Escalation via Content-Injection Bug in Firefox < 51 Multiple Thread Weak Proxy Object Vulnerability in Firefox for Android (Firefox < 51) Remote Code Execution Vulnerability in Firefox < 51 via mozAddonManager Location Bar Spoofing Vulnerability in Firefox for Android (Versions < 51) Spoofed Location Bar Vulnerability in Firefox for Android (Versions < 51) Use-After-Free Vulnerability in Media Decoder in Thunderbird and Firefox World-writable cache directory allows for file replacement in Firefox (versions < 51.0.3) Memory Corruption Vulnerability in Thunderbird 45.7 Memory Corruption Vulnerability in Firefox 51 and Thunderbird 51 JIT-spray and Heap Spray Vulnerability: Bypassing ASLR and DEP in Firefox and Thunderbird Unassigned Memory Reference Vulnerability in Firefox and Thunderbird Use-After-Free Vulnerability in FontFace Object Use-after-free vulnerability in addRange method in Firefox and Thunderbird Use-after-free vulnerability in Firefox and Thunderbird Uninitialized Port Vulnerability in FTP Connections Skia Graphics Library Segmentation Fault Vulnerability SVG Filter Pixel Extraction Vulnerability Cross-Origin Video Caption Information Disclosure Vulnerability Arbitrary File Deletion Vulnerability in Mozilla Windows Updater Garbage Collection Memory Corruption Vulnerability in Firefox and Thunderbird Use-after-free vulnerability in ANGLE graphics library leads to potentially exploitable crash Buffer Overflow Vulnerability in SVG Filter Color Value Operations Segmentation Fault Vulnerability in Firefox and Thunderbird Versions < 52 Local Default Directory Information Disclosure 
Vulnerability Blob URL Spoofing Vulnerability in Firefox < 52 Premature Release of Networking Event Listener Leading to Null Dereference in Firefox and Thunderbird Address Bar Spoofing Vulnerability in Firefox < 52 HTTP Digest Authorization Response Out of Bounds Read Vulnerability Modal Authentication Prompt Denial of Service (DOS) Vulnerability in Firefox and Thunderbird Versions < 52 Address Bar Spoofing Vulnerability in Firefox < 52 Print Preview Spoofing Vulnerability Hyperlink-based Browser Crash Vulnerability in Firefox and Thunderbird Gecko Media Plugin Sandbox Vulnerability: Local File Access on OS X Insecure Sandbox Bypass Vulnerability in Linux Local Access Exploit: Unauthorized Loading of chrome.manifest in Firefox < 52 Integer Overflow in createImageBitmap() Allows for Sandbox Escape Memory Corruption Vulnerabilities in Firefox and Thunderbird Versions < 53 Memory Corruption Vulnerability in Firefox and Thunderbird 52 Use-after-free vulnerability in text input selection leading to potential crashes Use-after-free vulnerability in SMIL animation functions Redirected Focus Handling Use-After-Free Vulnerability in Thunderbird and Firefox Use-after-free vulnerability in Thunderbird, Firefox ESR, and Firefox allows for potentially exploitable crashes during transaction processing in the editor during design mode interactions Graphite 2 Library Out-of-Bounds Write Vulnerability Use-after-free vulnerability in XSLT processing leading to potential crash Use-after-free vulnerability in XSLT processing leading to potential crash Use-after-free vulnerability in XSLT processing leading to potentially exploitable crash Use-after-free vulnerability in Thunderbird and Firefox versions < 53, potentially leading to exploitable crashes during scroll events Use-after-free vulnerability in DOM element style changes leading to potential crashes BinHex Format Archive Out-of-Bounds Write Vulnerability Buffer Overflow Vulnerability in Thunderbird and Firefox Uninitialized 
Memory Read Vulnerability in Thunderbird and Firefox HTTP/2 Out-of-Bounds Read Vulnerability in Thunderbird and Firefox Out-of-Bounds Read Vulnerability in Text Layout Processing Arbitrary Memory Write Vulnerability in ClearKeyDecryptor Bidirectional Unicode Text Crash Vulnerability Address Bar Spoofing Vulnerability in Firefox for Android Address Bar Spoofing Vulnerability Address Bar Spoofing Vulnerability in Firefox for Android RSS Reader Preview Page HTML Injection Vulnerability File System Access Bypass Vulnerability in Thunderbird and Firefox Sandbox Escape and Privilege Escalation Vulnerability in Firefox ESR < 52.1 and Firefox < 53 Sandbox Bypass Vulnerability in Firefox ESR < 52.1 and Firefox < 53 Drag and Drop XSS Attack Vulnerability in Firefox < 53 WebGL Buffer Overflow Vulnerability Use-after-free vulnerability in frame selection leading to potential crash Out-of-bounds write vulnerability in Mozilla Network Security Services (NSS) Insecure Number Generation in NSS Library Spoofing Address Bar Contents in Firefox for Android via Android Intents DOM Manipulation Vulnerability in Thunderbird and Firefox SVG Content Processing Out-of-Bounds Read Vulnerability Cross-Site Scripting (XSS) via data:text/html URL Redirection Skia Content Memory Corruption and Crash Vulnerability in Thunderbird and Firefox Private Browsing Information Exposure in Firefox < 53 Buffer Overflow Vulnerability in Firefox Code (CVE-2016-6354) Memory Corruption Vulnerabilities in Firefox 53 and Firefox ESR 52.1 Memory Corruption Vulnerability in Firefox 53: Potential for Arbitrary Code Execution Use-after-free vulnerability in frameloader during tree reconstruction leading to potentially exploitable crash in Firefox and Thunderbird CSRF Vulnerability in ntopng Allows Remote User Hijacking Open Redirect Vulnerability in Serendipity Comment.php CSRF Vulnerability in Serendipity Comment Deletion CSRF Vulnerability in Serendipity 2.0.5 Allows Unauthorized Plugin Installation Directory 
Traversal Vulnerability in b2evolution 6.8.3 Privilege Escalation via Encrypted Password Leak in Trend Micro OfficeScan and XG Buffer Overflow in Q.933 Parser in tcpdump Buffer Overflow Vulnerability in SNMP Parser of tcpdump Buffer Overflow Vulnerability in ATM Parser of tcpdump Buffer Overflow in ISO CLNS Parser: addrtoname.c:lookup_nsap() Buffer Overflow in ISO CLNS Parser of tcpdump Information Disclosure Vulnerability in WordPress REST API Implementation Arbitrary Web Script Injection in WordPress Plugin Headers WordPress Flash File Upload CSRF Vulnerability Arbitrary Web Script Injection in WordPress Theme Fallback Functionality Bypassing Posting Restrictions in WordPress wp-mail.php WordPress Widget-Editing CSRF Vulnerability Insecure Random Number Generation in Multisite WordPress API Cross-Site Scripting (XSS) Vulnerabilities in b2evolution File Types Table Unbounded Memory Allocation Vulnerability in Quagga's Telnet 'vty' CLI Remote Login Access Vulnerability in Sawmill Enterprise 8.7.9 Denial of Service Vulnerability in JasPer 1.900.17 via Negative Value Left Shift JasPer 1.900.17 Integer Overflow Denial of Service Vulnerability Denial of Service Vulnerability in JasPer 1.900.17 via Negative Value Left Shift JasPer 1.900.17 Integer Overflow Vulnerability Denial of Service Vulnerability in JasPer 1.900.17 Memory Write Vulnerability in JasPer 1.900.27 Denial of Service Vulnerability in JasPer 1.900.27 Denial of Service Vulnerability in JasPer 1.900.27 Double Free Vulnerability in ImageMagick's magick/profile.c Memory Leak Vulnerability in ImageMagick's coders/mpc.c Heap-based Buffer Overflow in PushQuantumPixel Function in ImageMagick Out-of-Bounds Write Vulnerability in ImageMagick's coders/psd.c Out-of-Bounds Write Vulnerability in ImageMagick's coders/psd.c Heap-based Buffer Overflow in coders/psd.c in ImageMagick Arbitrary Script Injection in GeniXCMS User Prompt Function Cross-Site Scripting (XSS) Vulnerabilities in GeniXCMS User Forms SQL Injection 
Vulnerability in GeniXCMS 0.0.8: Remote Code Execution via author.control.php SSRF Vulnerability in GeniXCMS Media-File Upload Feature SQL Injection Vulnerability in GeniXCMS 0.0.8: Remote Code Execution via Posts.class.php Arbitrary File Execution via Media Rename in GeniXCMS Password Disclosure Vulnerability on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 Devices MapServer Remote Code Execution Vulnerability via WFS Get Feature Requests Sandbox Bypass Vulnerability in Plone 4.x and 5.x Memory Leak Vulnerability in QEMU's hw/audio/ac97.c Memory Leak Vulnerability in QEMU's hw/audio/es1370.c Multiple SQL Injection Vulnerabilities in TIBCO Spotfire Server and Spotfire Analytics Platform Vulnerability: Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) in Multiple JasperReports Server Components Information Disclosure Vulnerability in TIBCO JasperReports Library Components SAML Protocol Handling Vulnerability in tibbr Community and tibbr Enterprise Vulnerability in TIBCO Managed File Transfer Command Center and Internet Server Versions 8.0.0 and 8.0.1: Unauthorized Administrative Control Persistent Cross-Site Scripting (XSS) Vulnerability in TIBCO JasperReports Server and Related Products Remote Access Vulnerability in TIBCO JasperReports Server Improper Sandboxing Vulnerability in tibbr User Profiles Components Vulnerabilities in TIBCO DataSynapse GridServer Manager: Improper Encryption and Weak Ciphers Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities in TIBCO DataSynapse GridServer Manager User Account Enumeration Vulnerability in Weblate Password Reset Form Out-of-bounds read vulnerability in Samsung GPU Driver (SVE-2016-6362) Bypass vulnerability in directory traversal patch (CVE-2017-5480) allows unauthorized file access and deletion Arbitrary File Renaming Vulnerability in Symphony CMS before 2.6.10 Arbitrary Code Injection via existing-folder 
Parameter in Symphony CMS PHP Object Injection Vulnerability in Subrion CMS 4.0.5 via Salt Cookie in Login Request Denial of Service Vulnerability in FiberHome Fengine S5800 Switches V210R240 Buffer Over-read Vulnerability in libplist Denial of Service and System Crash Vulnerability in Linux Kernel 4.8.x and 4.9.x Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x Uninitialized Heap-Memory Leak in klsi_105_get_line_state Function Heap-memory information leak vulnerability in pipe_advance function in Linux kernel before 4.9.5 Incomplete Fix for setgid Privilege Escalation in Linux Kernel Memory Leak in QEMU's virgl_resource_attach_backing Function Allows DoS via VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING Commands Arbitrary Script Injection via javascript: URL in b2evolution Plugin Unauthenticated Fastboot Mode Reboot Vulnerability in OnePlus 3 and 3T OxygenOS Denial of Service and Information Disclosure Vulnerability in Foxit Reader and PhantomPDF Heap-Based Buffer Over-Read Vulnerability in LibTIFF 4.0.7 DoubleAgent Code Injection Vulnerability in Trend Micro Security Products DoubleAgent Code Injection Vulnerability in AVG Security Products DoubleAgent Code Injection Vulnerability in Avast Antivirus Products Blind SQL Injection Vulnerability in eClinicalWorks Patient Portal 7.0 build 13 Blind SQL Injection Vulnerability in eClinicalWorks Patient Portal 7.0 build 13 Open Redirect Vulnerability in Flexera FlexNet Publisher Authenticated Read-Only Administrator Can Corrupt Host Database in Linux Foundation xapi Task Cancellation Vulnerability in Linux Foundation xapi in Citrix XenServer SQL Injection Vulnerability in GeniXCMS Register.php SQL Injection Vulnerability in GeniXCMS 1.0.0: Remote Code Execution via modules Parameter Integer Overflow in VideoCore DRM Driver Allows Denial of Service or Other Impact Denial of Service Vulnerability in VideoCore DRM Driver Denial 
of Service via Memory Leak in QEMU's virtio_gpu_resource_attach_backing Function Memory Leak in serial_exit_core Function in QEMU Allows Denial of Service via Device Unplug Operations Out-of-Bounds Array Access and Process Crash in virglrenderer's parse_instruction Function Buffer Overflow in ModifiablePixelBuffer::fillRect Function in TigerVNC Arbitrary File Read Vulnerability in Palo Alto Networks PAN-OS Management Web Interface Arbitrary Web Script Injection in Palo Alto Networks PAN-OS Management Web Interface DQL Injection Vulnerability in OpenText Documentum Content Server 7.3 Arbitrary Command Execution Vulnerability in OpenText Documentum D2 4.x Remote Impersonation Vulnerability in yaxim and Bruno (Android) XMPP Clients Remote Impersonation Vulnerability in XMPP Clients: ChatSecure and Zom (iOS) Remote User Impersonation Vulnerability in XMPP Clients Remote User Impersonation Vulnerability in XMPP Clients Remote User Impersonation Vulnerability in Psi+ XMPP Client (CVE-2021-12345) Password Reset Vulnerability in Pagekit CMS File Disclosure and Local File Inclusion Vulnerability in ZoneMinder 1.x through v1.30.0 Infinite Loop Vulnerability in Wireshark ASTERIX Dissector DHCPv6 Dissector Loop Vulnerability Blind SQL Injection Vulnerability in eClinicalWorks healow@work 8.0 build 8 Reflected Cross Site Scripting Vulnerability in eClinicalWorks Patient Portal 7.0 build 13 Default Privileged Account Vulnerability in NetApp OnCommand Insight Out-of-Bounds Read Vulnerability in libarchive 3.2.2 Remote User Impersonation Vulnerability in Jappix XMPP Client (CVE-2021-XXXX) Remote User Impersonation Vulnerability in XMPP Clients Remote Impersonation Vulnerability in mcabber 1.0.0 - 1.0.4 Remote User Impersonation Vulnerability in Movim 0.8 - 0.10 Remote Impersonation Vulnerability in Xabber XMPP Client (Android) Information Disclosure Vulnerability in Splunk Enterprise and Splunk Light Arbitrary Code Injection through Image Filename in Piwigo SQL Injection 
Vulnerability in Serendipity 2.0.5: Remote Code Execution via cat Parameter Improper Restriction of Taxonomy Assignment User Interface in WordPress Press This Plugin Arbitrary SQL Execution in WP_Query in WordPress before 4.7.2 Arbitrary Web Script Injection Vulnerability in WordPress 4.7.2 Remote Code Execution via Format String Vulnerability in cgiemail and cgiecho Open Redirect Vulnerability in cgiemail and cgiecho: Remote Phishing Attack Vector HTTP Header Injection in cgiemail and cgiecho via Newline Character in Redirect Location Arbitrary Web Script Injection Vulnerability in cgiemail and cgiecho Server-Side Request Forgery (SSRF) Vulnerability in SVG Salamander Library Local Privilege Escalation in GNU Screen before 4.5.1 via Logfile Permission Vulnerability Authentication Bypass Vulnerability in Zammad XSS Vulnerability: Code Execution via Attachment Opening in Zammad Cross-Site Scripting (XSS) Vulnerability in Zammad Unauthorized ADB Access Vulnerability in OxygenOS before 4.0.3 Bootmode Manipulation Vulnerability in OxygenOS on OnePlus 3 and 3T Devices Persistent Code Execution and Privilege Escalation via Disabled dm-verity in OxygenOS OxygenOS Bootloader Partial Ciphertext Dump Vulnerability Hidden Fastboot OEM Commands Allow Unauthorized Bootloader Lock/Unlock on OxygenOS Integer Overflow in js_pushstring Function in MuJS Integer Overflow in MuJS MakeDay Function Unvalidated File Overwrite Vulnerability in PECL Download Utility Class Reflected Cross Site Scripting in KMCIS CaseAware Login Denial of Service (DoS) Vulnerability in ASUS RT-N56U Wireless Router Firmware 3.0.0.4.374_979 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in D-Link DI-524 Wireless Router Firmware 9.01 Vulnerability in Norwegian Air Shuttle Kiosk Allows Unauthorized Administrative Access Identity Leakage in Apache NiFi Cluster Environment Proxy Chain Injection Vulnerability in Apache NiFi Cluster Environment CPU Spike Vulnerability in Apache ZooKeeper Server Arbitrary 
Command Execution via Jakarta Multipart Parser in Apache Struts 2 Impersonation Vulnerability in Apache Impala (incubating) 2.7.0 to 2.8.0 Apache Flex BlazeDS AMF(X) Object Deserialization Vulnerability Improper ACLs during installation of Ambari Server artifacts Vulnerability: SSRF and XXE in Apache Camel's Validation Component Apache POI XML Entity Expansion (XEE) Denial of Service Vulnerability Arbitrary Code Execution Vulnerability in Apache Log4j 2.x Apache Knox WebHDFS Impersonation Vulnerability Pipelined Request Handling Bug in Apache Tomcat Improper Use of Application Listeners in Apache Tomcat: Information Leakage Vulnerability Apache Geode Data Browser Page Access Control Bypass Vulnerability Apache Tomcat HTTP/2 Denial of Service Vulnerability HTTP Connector Regression in Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12: Processor Cache Duplication Vulnerability Insecure Transmission of Data in Apache Impala StatestoreSubscriber Lack of Response Validation in JAX-RS XML Security Streaming Clients in Apache CXF Unauthorized File Read Access in Ambari Hive View Sensitive Data Exposure in Ambari Server Host Token Caching Vulnerability in Apache CXF's STSClient Cross-Site Request Forgery (CSRF) Vulnerability in Apache Archiva REST Service Endpoints Apache Pony Mail 0.7 to 0.9 Timestamp Information Disclosure Vulnerability Apache Traffic Server Content Length and Chunked Encoding Mismatch Vulnerability Apache Traffic Server Host Header and Line Folding Vulnerability Arbitrary File Disclosure and Server Compromise via Malicious SVG Files in Apache FOP Apache Batik File Disclosure and Server Compromise Vulnerability SQL Injection Vulnerability in Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and 0.6.0-incubating Vulnerability: Unexpected Behavior in DefaultServlet for Static Error Pages Denial of Service Vulnerability in libmp3splt 0.9.2 Denial of Service Vulnerability in mp3splt 2.6.2 Out-of-Bounds Heap Access and Code Execution Vulnerability in 
QEMU's sdhci_sdma_transfer_multi_blocks Function Remote Code Execution and Denial of Service Vulnerability in bitlbee-libpurple Linux Kernel Privilege Escalation via Unrestricted Address Calculation in do_shmat Function Insecure Deletion of Secure Vault in Riverbed RiOS through 9.6.0 Privilege Escalation Vulnerability in Honeywell Industrial Printers Clear-text Disclosure of Private Key in Kony Enterprise Mobile Management (EMM) before 4.2.5.2 XSS Vulnerability in Kunena Extension 5.0.2 - 5.0.4 for Joomla! Configuration File Disclosure Vulnerability in GoAhead Web Server on Foscam, Vstarcam, and White-Label IP Cameras Command-Injection Vulnerability in GoAhead Web Server Used on Foscam, Vstarcam, and Multiple IP Camera Models PHP Object Injection Vulnerability in PEAR HTML_AJAX PHP Serializer Lenstra Side-Channel Attack on RSA-CRT Implementation in Intel QuickAssist Technology (QAT) Engine for OpenSSL Privilege Escalation Vulnerability in Intel PSET Application Install Wrapper IntelHAXM.sys Driver Privilege Escalation Vulnerability Physical Access Vulnerability in Intel Compute Stick BIOS Allows Unauthorized Access to Personal Information Vulnerability in Intel NUC BIOS Allows Unauthorized Access to Personal Information Physical Access Vulnerability in Intel NUC Systems: Unauthorized Access to Personal Information Escalation of Privilege Vulnerability in Intel Solid State Drive Toolbox Vulnerability: Privilege Escalation in Intel Manageability SKUs SGX Security Vulnerability in 6th and 7th Generation Intel Processors Denial of Service Vulnerability in Older Versions of Intel Graphics Driver for Windows Denial of Service Vulnerability in Intel Puma 5, 6, and 7 Series Firmware Firmware Data Corruption Vulnerability in Intel Solid-State Drive Professional PSF104P, PSF109P Firmware Data Corruption Vulnerability in Intel Solid-State Drives Privilege Escalation Vulnerability in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x Clickjacking Vulnerability in Intel 
AMT Firmware Versions Vulnerability: Local Privilege Escalation via Intel Firmware Upgrade Input Validation Error in Intel MinnowBoard 3 Firmware: Denial of Service Vulnerability Vulnerability: Insufficient Protection of Password Storage in Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH Firmware (BN0049 and below) Insecure Firmware Modification Vulnerability in Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH (versions BN0049 and below) SPI Flash Configuration Vulnerability Memory Exposure Vulnerability in Intel Core Processor Firmware Buffer Overflow Vulnerabilities in Intel Manageability Engine Firmware Buffer Overflow Vulnerabilities in Intel Server Platform Services Firmware 4.0: Local Code Execution Buffer Overflow Vulnerabilities in Intel Trusted Execution Engine Firmware 3.0 Unspecified Vector Privilege Escalation in Intel Manageability Engine Firmware Privilege Escalation Vulnerabilities in Intel Server Platform Services Firmware 4.0 Unspecified Privilege Escalations in Intel Trusted Execution Engine Firmware 3.0 Buffer Overflow Vulnerabilities in Intel AMT Firmware Allow Arbitrary Code Execution Remote Code Execution Vulnerability in Intel AMT Firmware Speculative Execution Side-Channel Vulnerability Type Confusion Vulnerability in Intel Graphics Driver Enables Privilege Escalation via Local Access Remote Code Execution Vulnerability in Intel Deep Learning Training Tool Beta 1 Arbitrary Code Execution Vulnerability in Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH Firmware (BN0049 and below) Firmware Integrity Bypass Vulnerability in Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH (BN0049 and below) Privilege Escalation via Pointer Dereference in Intel Graphics Driver Wi-Fi Frame Replay Vulnerability in Intel Dual-Band and Tri-Band Wireless-AC Products Tianocompress Bounds Checking Vulnerability Elevation of Privilege Vulnerability in Intel Software Guard Extensions Platform Software Component Critical 
Privilege Escalation Vulnerability in Intel Unite App Admin Portal Speculative Execution Side-Channel Vulnerability Speculative Execution Side-Channel Vulnerability Remote Clickjacking Vulnerability in HPE Matrix Operating Environment v7.6 CSRF Vulnerability Discovered in HPE Matrix Operating Environment v7.6 Critical Security Vulnerability: Missing HSTS Header in HPE Matrix Operating Environment v7.6 Remote Clickjacking Vulnerability in HPE Matrix Operating Environment v7.6 Critical Security Vulnerability: Missing HSTS Header in HPE Matrix Operating Environment v7.6 Remote Information Disclosure Vulnerability in HPE Matrix Operating Environment v7.6 Local Unauthorized Data Modification Vulnerability in HPE OfficeConnect Network Switches PT.02.01 and PT.01.03-PT.01.14 Critical Remote Denial of Service Vulnerability in HPE Version Control Repository Manager (VCRM) Local Disclosure of Sensitive Information in HPE NonStop Software Essentials (T0894 T0894H02 through T0894H02^AAI) Remote Code Execution Vulnerability in HPE LoadRunner and Performance Center Critical Remote Deserialization Vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.2 E0403P06 Remote Bypass of Authentication in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.2 E0403P06 Critical Remote Arbitrary File Download Vulnerability Discovered in HPE Intelligent Management Center (IMC) PLAT 7.2 E0403P06 HPE Intelligent Management Center (IMC) PLAT 7.2 E0403P06 - Local Arbitrary File Download Vulnerability Remote CSRF Vulnerability in HPE 2620 Series Network Switches (RA.15.05.0006) Critical Remote Unauthenticated Information Disclosure Vulnerability in HPE Intelligent Management Center (IMC) SOM v7.3 (E0501) Critical Remote Code Execution Vulnerability in HPE OpenCall Media Platform (OCMP) 
Critical Remote Code Execution Vulnerability in HPE OpenCall Media Platform (OCMP) Critical Remote Cross-Site Scripting (XSS) Vulnerability Discovered in HPE Operations Bridge Analytics v3.0 Critical Remote Unauthorized Access to Data Vulnerability in HPE Business Process Monitor v09.2x and v09.30 Critical Remote Privilege Escalation Vulnerability Discovered in HPE Vertica Analytics Platform v4.1 and Later Critical Remote Disclosure of Information Vulnerability in HPE NonStop Servers via SSH Service Critical Remote Code Execution Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.2 Critical Remote Code Execution Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.2 Critical Remote Code Execution Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.2 Critical Remote Arbitrary Code Execution Vulnerability in HPE Data Protector Critical Remote Arbitrary Code Execution Vulnerability in HPE Data Protector Critical Remote Arbitrary Code Execution Vulnerability in HPE Data Protector Remote SQL Injection Vulnerability in HPE Network Automation Versions 9.1x-10.2x Critical Remote Code Execution Vulnerability in HPE Network Automation Versions 9.1x-10.2x Remote SQL Information Disclosure Vulnerability in HPE Network Automation Versions 9.1x-10.2x Remote Unauthenticated Access Vulnerability in HPE Network Automation Versions 9.1x-10.2x Critical SQL Injection Vulnerability in HPE Network Automation Versions 9.1x-10.2x Allows Remote Authentication Bypass Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution 
Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Unauthenticated Remote Code Execution Vulnerability in HPE Aruba ClearPass Policy Manager 6.6.x Privilege Escalation Vulnerability in HPE Aruba ClearPass Policy Manager 6.6.x Authenticated Remote Code Execution Vulnerability in HPE Aruba ClearPass Policy Manager 6.6.x Reflected Cross-Site Scripting Vulnerability in HPE Aruba ClearPass Policy Manager 6.6.x Arbitrary Command Execution Vulnerability in HPE Aruba ClearPass Policy Manager 6.6.x Access Restriction Bypass Vulnerability in HPE Aruba ClearPass Policy Manager 6.6.x Arbitrary Code Execution via Serialized Data in Revive Adserver Cookies Session Fixation Vulnerability in Revive Adserver before 4.0.1 Allows Remote Session Hijacking Arbitrary Script Injection via Email Address in Revive Adserver Arbitrary Code Injection through Cross-Site Scripting (XSS) in Revive Adserver Denial of Service Vulnerability in libplist's parse_dict_node Function Denial of Service Vulnerability in libplist via Zero Offset Size Denial of Service Vulnerability in libplist's plist_free_data Function Denial of Service Vulnerability in gst-plugins-base Out-of-Bounds Heap Read Vulnerability in GStreamer's gst_date_time_new_from_iso8601_string Function Stack Overflow Vulnerability in gst-plugins-base Out-of-bounds Heap Read Vulnerability in GStreamer qtdemux_parse_samples Function Out-of-Bounds Heap Read Vulnerability in gst_avi_demux_parse_ncdt function Out-of-bounds write vulnerability in GStreamer's html_context_handle_element function 
Use-after-free vulnerabilities in GStreamer functions allow remote attackers to cause denial of service Denial of Service Vulnerability in gst-plugins-base: gst_riff_create_audio_caps Function Denial of Service Vulnerability in gst_avi_demux_parse_ncdt Function Denial of Service Vulnerability in gst-asfdemux Denial of Service Vulnerability in gst-asfdemux Denial of Service Vulnerability in gst-plugins-bad's gst_ps_demux_parse_psm Function Out-of-Bounds Read and Write Vulnerability in tiffttopnm in netpbm 10.47.63 Denial of Service Vulnerability in OpenBSD httpd via HTTP Range Header Denial of Service Vulnerability in mp3splt 2.6.2 Denial of Service Vulnerability in PoDoFo 0.9.4 Integer Overflow in PoDoFo 0.9.4's PdfParser.cpp Allows Remote Code Execution NULL Pointer Dereference and Crash Vulnerability in PoDoFo 0.9.4 NULL Pointer Dereference Vulnerability in PoDoFo PDF Parser Memory Leak in megasas_handle_dcmd Function in QEMU Allows DoS via MFI Commands Memory Leak in QEMU's virgl_cmd_resource_unref Function Allows Denial of Service Remote User Impersonation Vulnerability in Converse.js XMPP Client Certificate and RSA Key Vulnerability in Cambium Networks cnPilot R200/201 Devices (RBN-183) Incorrect Access Control in Open-Xchange GmbH OX App Suite 7.8.3 and earlier Cross Site Scripting (XSS) vulnerability in Open-Xchange GmbH OX App Suite 7.8.3 and earlier User Enumeration Vulnerability in ownCloud Server Information Disclosure Vulnerability in ownCloud Server's Autocomplete Feature Denial of Service and Logfile Flooding Vulnerability in ownCloud Server CRLF Injection Vulnerability in OpenVPN Access Server 2.1.4 Arbitrary JSP Code Execution via Directory Traversal in Nuxeo Platform Multiple Cross-Site Scripting (XSS) Vulnerabilities in ViMbAdmin 3.0.15 Open Redirection Vulnerability in Odoo Versions <= 8.0-20160726 and Version 9 Denial of Service Vulnerability in Unisys ClearPath MCP Systems with TCP-IP-SW Unquoted Windows Search Path Privilege Escalation 
Vulnerability in Unisys s-Par CSRF Vulnerability in D-Link DIR-600M Rev. Cx Devices Authenticated XSS Vulnerability in dotCMS 3.7.0 via /myAccount addressID Parameter Unauthenticated XSS Vulnerability in dotCMS 3.7.0 via /news-events/events Date Parameter Unauthenticated XSS Vulnerability in dotCMS 3.7.0 - /about-us/locations/index Direction Parameter Arbitrary Code Execution via Unrestricted Class Deserialization in Red5 Media Server Blind SQL Injection Vulnerability in Exponent CMS 2.4.1 Denial of Service vulnerability in Splunk Web (SPL-130279) Remote Memory Corruption Vulnerability in GOM Player 2.3.10.5266 Arbitrary Web Script Injection Vulnerability in SANADATA SanaCMS 7.3 Boundary Check Vulnerability in gtk-vnc Integer overflows in vnc_connection_server_message and vnc_color_map_set functions in gtk-vnc before 0.7.0 Heap-based Buffer Overflow in PoDoFo 0.9.4's PdfTokenizer::GetNextToken Function SSL Pinning Bypass in WebSocket.swift in Starscream before 2.0.4 CSRF Vulnerabilities in ASUS RT-AC* and RT-N* Devices Prior to Firmware 3.0.0.4.380.7378 ASUS RT-AC* and RT-N* Devices Firmware JSONP Information Disclosure Vulnerability Heap-based Buffer Overflow in MuPDF 1.10a's fz_subsample_pixmap Function Out-of-Bounds Access Vulnerability in Linux Kernel's ip6gre_err Function Integer Overflow in emulated_apdu_from_guest function in QEMU Directory Traversal Vulnerability in S-nail/S-mailx Allows Local Privilege Escalation NetComm NB16WV-02 Router Firmware XSS Vulnerability SSL Certificate Verification Vulnerability in State Bank of India State Bank Anywhere App 5.1.0 for iOS Unverified SSL Certificates in PayQuicker App 1.0.0 for iOS Allow for Man-in-the-Middle Attacks Unverified X.509 Certificates in Dollar Bank Mobile App 2.6.3 for iOS Allow Man-in-the-Middle Attacks Lack of SSL Certificate Verification in Everyday Health Diabetes in Check App for iOS Unverified X.509 Certificates in Great Southern Mobile Banking App for iOS 4.0.4 and Earlier Unverified 
X.509 Certificates in EFS Mobile Driver Source App 2.5 for iOS Allows for Man-in-the-Middle Attacks SSL Certificate Verification Vulnerability in Banco Santander Mexico SA Supermovil App for iOS Unverified X.509 Certificates Vulnerability in FOREXTrader for iPhone App Unverified SSL Certificates in TradeKing Forex for iPhone App 1.2.1 for iOS Unverified X.509 Certificates in DOT IT Banque Zitouna App 2.1 for iOS Unverified X.509 Certificates Vulnerability in Emirates NBD KSA App for iOS Unverified X.509 Certificates in America's First FCU Mobile Banking App for iOS Unverified X.509 Certificates in BCR Movil App 3.7 for iOS Allow Man-in-the-Middle Attacks Unverified X.509 Certificates Vulnerability in 21st Century Insurance App for iOS Heap-based Out-of-Bounds Read Vulnerability in YARA 3.5.0 Use-after-free vulnerability in YARA 3.5.0 allows remote attackers to cause denial of service MMU Side-Channel Attack: Exploiting Last Level Cache Traces to Break ASLR MMU Side-Channel Attack: Exploiting Last Level Cache Traces to Break ASLR Side-Channel Attack on MMU Operations: Exploiting Last Level Cache in ARM Processors for ASLR Bypass Vulnerability: Remote AnC Attacks via W3C High Resolution Time API Serialization Vulnerability in QOS.ch Logback SocketServer and ServerSocketReceiver Components Remote authenticated domain admins can delete protected aliases in PostfixAdmin before 3.0.2 via missing permission check in AliasHandler component Vulnerability: Integer Overflow in QEMU's virtio-crypto.c Privilege Escalation via Bash 4.4 Path Autocompletion Vulnerability Random Nonce Generation Vulnerability in Citrix NetScaler ADC and NetScaler Gateway Arbitrary Code Injection through Link Dialogue in MoinMoin GUI Editor Incorrect veth Pair Naming in OpenStack Nova-LXD Allows Security Bypass NULL Pointer Dereference Vulnerability in Virgil 3D Project Cross-site scripting (XSS) vulnerability in nav_path function in ViewVC before 1.0.14 and 1.1.x before 1.1.26 Incomplete Fix for 
Symlink-based Sandbox Escape in Firejail Arbitrary Code Execution Vulnerability in node-serialize 0.0.4 Reflected XSS Vulnerability in WP Mail Plugin Cross-Site Request Forgery (CSRF) Token Disclosure in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 Arbitrary Code Execution Vulnerability in Request Tracker (RT) Dashboard Subscription Interface Arbitrary Code Execution via Insufficient Filtration in PoodLL Filter Plugin for Moodle Directory Traversal Vulnerability in RubyZip Gem Allows Arbitrary File Write Vulnerability: Unauthorized Reboot into Qualcomm Emergency Download Mode on OnePlus Devices Vulnerability: OnePlus OTA Downgrade Attack Exploiting Unpatched Vulnerabilities Heap-based Out-of-Bounds Write Vulnerability in JavaScriptCore of Safari Technology Preview Release 22 Denial of Service Vulnerability in yaml-cpp (aka LibYaml-C++) 0.5.3 NULL Pointer Dereference Vulnerability in Artifex Software Ghostscript 9.20 Integer Overflow and Buffer Overflow in Vim (CVE-2017-5953) Arbitrary Code Execution Vulnerability in serialize-to-js 0.5.0 Out-of-Bounds Array Access Vulnerability in vrend_draw_vbo Function Stack-based Buffer Overflow in vrend_decode_set_framebuffer_state Function CSRF Token Bypass in GeniXCMS before 1.0.2 Allows Privilege Escalation Cross-Site Scripting (XSS) Vulnerability in Phalcon Eye Arbitrary Code Execution via Insufficient Filtration in ionize through 1.0.8 Cross-Site Scripting (XSS) Vulnerability in contexts_wurfl TYPO3 Extension Arbitrary Code Execution via Insufficient Filtration in Caddy (TYPO3) Cross-Site Scripting (XSS) Vulnerability in Emoncms through 9.8.0 Arbitrary ASP Code Execution Vulnerability in Sitecore CRM 8.1 Rev 151207 Arbitrary File Read Vulnerability in Sitecore CRM 8.1 Rev 151207 PID Information Disclosure Vulnerability in Linux Kernel Denial of Service Vulnerability in libxml2 2.9.4 in Recover Mode Denial of Service Vulnerability in Linux Kernel's ipv4_pktinfo_prepare Function NewsBee 
CMS SQL Injection Vulnerability Allows Remote Code Execution TCP SYN Cookie Denial of Service Vulnerability in Linux Kernel 3.x Denial of Service Vulnerability in QEMU's xhci_kick_epctx Function Heap-based Buffer Overflow in zziplib's __zzip_get32 Function Heap-based buffer overflow in __zzip_get64 function in fetch.c in zziplib 0.13.62 and earlier versions allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. Heap-based Buffer Overflow in zzip_mem_entry_extra_block function in zziplib Denial of Service Vulnerability in zzip_mem_entry_extra_block Function Out-of-Bounds Read Vulnerability in zzip_mem_entry_new Function in zziplib 0.13.62 NULL Pointer Dereference Vulnerability in zziplib 0.13.62 NULL Pointer Dereference Vulnerability in zzip_mem_entry_new Function Denial of Service Vulnerability in zziplib 0.13.62 via Crafted ZIP File Chorus2 2.4.2 Add-On for Kodi Directory Traversal Vulnerability Remote Code Execution Vulnerability in JIRA Workflow Designer Plugin Heap-Based Buffer Over-Read in ff_h264_execute_ref_pic_marking() in Libav 9.21 LXC User-NIC Vulnerability: Unauthorized Network Interface Creation and Naming Race condition in sctp_wait_for_sndbuf function in Linux kernel before 4.9.11 Denial of Service Vulnerability in QEMU's sdhci_sdma_transfer_multi_blocks Function Denial of Service Vulnerability in NetApp Clustered Data ONTAP 8.1 through 9.1P1 Cross-Site Scripting (XSS) Vulnerability in PhreeBooksERP NULL Pointer Dereference in MuPDF's pdf_run_xobject Function Openpyxl 2.4.1 XXE Vulnerability Memory Leak in vrend_renderer_init_blit_ctx Function in virglrenderer Heap-based Buffer Overflow in vrend_create_vertex_elements_state Function in virglrenderer Information Disclosure Vulnerability in NetApp ONTAP Select Deploy Administration Utility Weak %SYSTEMDRIVE%\ProgramData Permissions in Bomgar Remote Support Agent Denial of Service Vulnerability in SAP Message Server HTTP Daemon Cross-Site Scripting (XSS) Vulnerability in 
InterSect Alliance SNARE Epilog for UNIX Version 1.5 Insecure Cryptographic Algorithm in sysPass 2.x Incomplete Fix for Race Condition in Linux Kernel Allows Privilege Escalation CSRF and XSS Vulnerability in Subrion CMS 4.0.5.10's Admin Blog Add Functionality XSS Vulnerability in dotCMS 3.7.0: Exploitable via ext/languages_manager/edit_language in portal/layout Out-of-Bounds Read and Application Crash Vulnerability in PCRE Unquoted Service Path Vulnerability in Waves MaxxAudio on Dell Laptops Kernel Pool Overflow Vulnerability in Sophos SurfRight HitmanPro Kernel Pool Overflow Vulnerability in Sophos SurfRight HitmanPro Buffer Overflow in decode_ne_resource_id function in icoutils 0.31.1 Buffer Overflow in icoutils 0.31.1: Crash via Corrupted ICO File Processing Buffer Overflow Vulnerability in icotool's simple_vec Function SQL Injection Vulnerability in Subrion CMS 4.0.5.10 - admin/database/ Endpoint Memory Exhaustion Vulnerability in Wireshark 2.2.4 and Earlier with Crafted STANAG 4607 Capture File Ambiguous File Path Vulnerability in Rockwell Automation FactoryTalk Activation Version 4.00.02 Improper Access Control Vulnerability in LCDS LAquis SCADA Resource Exhaustion Vulnerability in Schneider Electric Modicon M340 PLCs Open Redirect Vulnerability in B. 
Braun Medical SpaceCom Module Denial of Service Vulnerability in Schneider Electric Conext ComBox Path Traversal Vulnerability in LCDS LAquis SCADA Software Denial of Service vulnerability in Schneider Electric ClearSCADA Hard-coded Password Vulnerability in Becton, Dickinson and Company (BD) PerformA and KLA Journal Service Stack-based Buffer Overflow Vulnerability in Fatek Automation PLC Ethernet Module Denial of Service Vulnerability in Rockwell Automation ControlLogix and CompactLogix Controllers Stack Buffer Overflow Vulnerability in CODESYS Web Server Versions 2.3 and Prior Insufficiently Random Session Numbers in Schneider Electric Modicon PLCs Arbitrary File Upload Vulnerability in CODESYS Web Server Allows Remote Code Execution Insufficiently Protected Credentials in Schneider Electric Modicon PLCs Cross-Site Scripting Vulnerability in Certec EDV GmbH atvise scada (Version < 3.0) Allows Remote Code Execution Predictable TCP Initial Sequence Number Vulnerability in Schneider Electric Modicon PLCs Header Injection Vulnerability in Certec EDV GmbH atvise scada prior to Version 3.0 Session-related Weakness in Schneider Electric Modicon Modbus Protocol: Vulnerability to Brute-Force Attacks DLL Hijacking Vulnerability in Schneider Electric IGSS Software Modicon Modbus Protocol Authentication Bypass and Command Replay Vulnerability Stack-Based Buffer Overflow in Wecon Technologies LEVI Studio HMI Editor before 1.8.1 Server-Side Request Forgery Vulnerability in Belden Hirschmann GECKO Lite Managed Switch Heap-Based Buffer Overflow in Wecon Technologies LEVI Studio HMI Editor before 1.8.1 Cross-Site Request Forgery Vulnerability in Belden Hirschmann GECKO Lite Managed Switch Phoenix Broadband PowerAgent SC3 BMS Vulnerability: Unauthorized Access via Hard-Coded Password Information Exposure Vulnerability in Belden Hirschmann GECKO Lite Managed Switch Unrestricted Upload Vulnerability in Marel Food Processing Systems Cross-Site Request Forgery Vulnerability in Sierra 
Wireless AirLink Raven XE and Raven XT Resource Consumption Vulnerability in Trihedral VTScada Versions prior to 11.2.26 Unauthenticated Access Vulnerability in Sierra Wireless AirLink Raven XE and Raven XT Information Exposure in Trihedral VTScada Web Server Insufficiently Protected Credentials Vulnerability in Sierra Wireless AirLink Raven XE and Raven XT Plaintext Password Exposure in Detcon Sitewatch Gateway Command Injection Vulnerability in Satel Iberia SenNet Data Logger and Electricity Meters URL-based Settings Manipulation Vulnerability in Detcon Sitewatch Gateway SQL Injection Vulnerability in Ecava IntegraXor Versions 5.2.1231.0 and Prior Uncontrolled Search Path Element Vulnerability in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and Prior Unverified Communication Channel Endpoints in Hyundai Motor America Blue Link 3.9.5 and 3.9.4 Cross-Site Scripting Vulnerability in Trihedral VTScada Versions prior to 11.2.26 Hard-Coded Cryptographic Key Vulnerability in Hyundai Motor America Blue Link Application XML External Entity (XXE) Vulnerability in eParakstitajs 3 and eParaksts Java lib Vulnerability: Denial of Service via Infinite Loop in Apache Tomcat Buffer Overflow Vulnerability in QEMU's NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c Spoofing of Page Content in Ping Identity OpenID Connect Authentication Module for Apache Remote Code Execution via Crafted Image in MuPDF 1.10a Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Financial Consolidation 10.0.0.1933 Bypassing Authentication in mod_auth_openidc SQL Injection Vulnerability in GeniXCMS 1.0.2: Remote Code Execution via menus.control.php CSRF and XSS Vulnerability in Subrion CMS 4.0.5 XSS Vulnerability in Symphony 2.6.9: Exploitable via publish/notes/edit/##/saved/ CSRF and XSS Vulnerability in Subrion CMS 4.0.5's Admin Block Creation CSRF and XSS Vulnerability in Subrion CMS 4.0.5's admin/blog/add/ Endpoint Remote Code Execution in CMS Made Simple Form Builder Information Disclosure 
Vulnerability in CMS Made Simple Form Builder Information Disclosure Vulnerability in CMS Made Simple Form Builder (Version 1.x) Double Free Vulnerability in Linux Kernel's DCCP Protocol Handling Cache-based RSA Key Extraction Vulnerability in wolfSSL Versions Before 3.10.2 Arbitrary OS Command Execution in NETGEAR DGN2200 Devices via ping.cgi Denial of Service Vulnerability in FastStone MaxView 3.0 and 3.1 Hidden Command Execution Vulnerability in Edgewater Networks Edgemarc Appliances Cross-Domain Request Vulnerability in Zammad CSRF Vulnerability in Zammad REST API Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in ViMbAdmin 3.0.15 Arbitrary Code Execution in EyesOfNetwork (EON) 5.0 and Earlier Multiple SQL Injection Vulnerabilities in EyesOfNetwork (EON) 5.0 and Earlier SQL Injection Vulnerability in PhpCollab 2.5.1 and Earlier Arbitrary Code Execution via Unrestricted File Upload in PhpCollab 2.5.1 and Earlier Vulnerability: Unauthorized Access to Subscriber Configuration Settings in Genexis B.V. 
GAPS up to 7.2 SQL Injection Vulnerability in Mail Masta WordPress Plugin SQL Injection Vulnerability in Mail Masta WordPress Plugin SQL Injection Vulnerability in Mail Masta WordPress Plugin SQL Injection Vulnerability in Mail Masta WordPress Plugin Arbitrary Web Script Injection in PayPal PHP Merchant SDK 3.9.1 FTP File Upload Vulnerability in TCPDF Persistent XSS Vulnerability in Rockhoist-Badges WordPress Plugin v1.2.2 Critical Persistent XSS Vulnerability in AnyVar v0.1.1 WordPress Plugin Critical Remote File Upload Vulnerability in Mobile App Native 3.0 WordPress Plugin CSRF Vulnerabilities in DIGISOL DG-HR1400 Wireless Router Firmware 1.00.02 Access Portal Vulnerability: Denial-of-Service (DoS) Attack on F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow SSHD Component F5 BIG-IP APM Software Vulnerability: VPN Flow Disruption and System Failure Vulnerability: Server-Side Request Forgery (SSRF) in F5 SSL Intercept iApp and SSL Orchestrator Default Administrative Password Vulnerability in F5 BIG-IP Azure Cloud Instances F5 BIG-IP High Availability State Mirror Listener Packet Sequence Vulnerability Undisclosed HTTP Requests Denial of Service Vulnerability in F5 BIG-IP LTM and Related Software Versions F5 BIG-IP Software Version 13.0.0, 12.1.0 - 12.1.2, and 11.5.1 - 11.6.1 TMM Crash Vulnerability Memory Leak Vulnerability in F5 BIG-IP Software Version 13.0.0 Vulnerability: Disruption of Service in F5 BIG-IP LTM due to TCP Fast Open and Tail Loss Probe Options Undisclosed Traffic Patterns Disruption Vulnerability in F5 BIG-IP LTM and Related Modules Vulnerability: TMM Restart in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe Software Log File Information Disclosure Vulnerability in F5 BIG-IP APM Software Undisclosed Sequence of Packets Vulnerability in BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM Vulnerability in F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSafe 12.1.0 through 12.1.2: TLS 
Abbreviated Handshake Disruption X509 Certificate Verification Bypass in F5 BIG-IP Advanced Firewall Manager Improper X509 Certificate Verification in F5 BIG-IP Unverified Server Certificate Vulnerability in F5 BIG-IP PEM Authorization Cookie Conversion Vulnerability in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 through 12.1.2 and 13.0.0 Vulnerability: TMM Restart Due to Undisclosed Responses in F5 BIG-IP LTM SOCKS Proxy Request Disruption Vulnerability in F5 BIG-IP F5 BIG-IP Systems Vulnerability: TMM Restart via Large Fragmented Packets Undisclosed Requests in F5 BIG-IP Software Version 13.0.0 Disrupting TMM Service Privilege Escalation: Local User Can Change Passwords of Other Users on F5 BIG-IQ Centralized Management Zip Bomb Vulnerability in F5 BIG-IP Systems F5 BIG-IP ASM bd Daemon Memory Core Dump Vulnerability F5 BIG-IP Malformed SPDY/HTTP/2 Request Vulnerability F5 BIG-IP IPSec Tunnel Impersonation Vulnerability Unauthenticated Remote Attack Vulnerability in F5 BIG-IP LTM and Related Software Versions Invalid IP Address Handling Vulnerability in F5 BIG-IP TMM Denial of Service Vulnerability in F5 BIG-IP Software Versions 12.0.0 to 12.1.2 and 11.6.0 to 11.6.1 with MPTCP Option Enabled Remote Code Execution Vulnerability in F5 BIG-IP AAM and PEM Software F5 BIG-IP ConfigSync TLS Bypass Vulnerability TMM Crash Vulnerability in F5 BIG-IP LTM Software Concurrent Stream Disruption Vulnerability in F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM Software Denial-of-Service (DoS) and Remote Command Execution Vulnerability in F5 BIG-IP LTM and Related Software Versions Cleartext Logging of SafeNet External Network HSM Partition Password in F5 BIG-IP LTM Fragmented Packet Crash Vulnerability in BIG-IP LTM and Related Software Race Conditions in iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe Software Versions 13.0.0 and 12.1.0 - 12.1.2 ROBOT Attack: 
Adaptive Chosen Ciphertext Vulnerability in BIG-IP Versions 11.6.0-11.6.2, 12.0.0-12.1.2 HF1, and 13.0.0-13.0.0 HF2 F5 BIG-IP Virtual Server URL Categorization Malformed URL Core File Vulnerability Privilege Escalation via Crafted IOCTL Call in USBPcap 1.1.0.0 Cross Site Request Forgery Vulnerability in Keekoon KK002 Devices 1.8.12 HD Denial of Service Vulnerability in Onigmo Regular Expression Library Remote Command Injection Vulnerability in Sophos Web Appliance (SWA) before 4.3.1.2 Remote Command Injection Vulnerability in Sophos Web Appliance (SWA) Configuration Utilities (NSWA-1314) Remote Command Injection Vulnerability in Sophos Web Appliance (SWA) before 4.3.1.2 via Token Parameter (NSWA-1303) DoubleAgent Attack: Code Injection Vulnerability in Bitdefender Total Security, Internet Security, and Antivirus Plus Buffer Overflow in DiskSavvy Enterprise 9.4.18 Web Server Allows Remote Code Execution Local File Write Vulnerability in Munin CGI Graphs Untrusted Search Path Vulnerability in Amazon Kindle for PC Allows Arbitrary Code Execution and DLL Hijacking D-Link DWR-116 Directory Traversal Vulnerability Remote Code Execution Vulnerability in APNGDis 2.8 and Below via Crafted Filename Buffer Overflow Vulnerability in APNGDis 2.8 and Earlier: Remote Code Execution and Denial of Service Buffer Overflow Vulnerability in APNGDis 2.8 and Earlier: Remote Code Execution and Denial of Service Heap-based Buffer Overflow in radare2 1.2.1's relocs function Pre-Authentication Blind SQL Injection in Ipswitch MOVEit Transfer (formerly DMZ) Use-after-free vulnerabilities in gx_image_enum_begin function in Ghostscript Denial of Service Vulnerability in r_read_* Functions in radare2 1.2.1 Inadequate Resource Limit Enforcement in Sandstorm Supervisor Comma-based Bypass Vulnerability in Sandstorm Organization Restriction Arbitrary File Read Vulnerability in Sandstorm (before build 0.203) Server Side Request Forgery (SSRF) Vulnerability in Sandstorm Install App Process 
Unauthenticated Command Bypass Vulnerability in D-Link DGS-1510 Websmart Devices Unauthenticated Information Disclosure Vulnerability in D-Link DGS-1510 Websmart Devices Stack-based Buffer Overflow in parse_identifier function in tgsi_text.c in Gallium Driver in virglrenderer NULL Pointer Dereference and QEMU Process Crash in vrend_decode_reset Function Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Reflected XSS Vulnerability in PayPal Invoice SDK PHP: Code Execution via permToken Parameter Denial of Service Vulnerability in Linux Kernel TCP Splice Read Function Reflected XSS Vulnerability in PayPal Permissions SDK PHP: GetAccessToken.php Reflected XSS Vulnerability in novaksolutions/infusionsoft-php-sdk v2016-10-31's leadscoring.php Reflected XSS Vulnerability in PayPal Adaptive Payments SDK PHP v3.9.2 Ruckus Wireless Zone Director Controller Firmware Ping Functionality OS Command Injection Vulnerability Ruckus Wireless Zone Director and Unleashed AP Firmware OS Command Injection Vulnerability Brocade Fibre Channel SAN Products XSS Vulnerability IPv6 Router Advertisement Vulnerability in Brocade Fibre Channel SAN Products Authenticated Root Command Injection Vulnerability in Ruckus Networks Unleashed AP and Zone Director Firmware Authenticated Root Command Injection in Ruckus Networks Solo APs and SZ managed APs Elevation of Privilege Vulnerability in NVIDIA Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in NVIDIA Sound Driver for Android (CVE-2017-6248) Elevation of Privilege Vulnerability in NVIDIA Sound Driver for Android (CVE-2017-6249) NVIDIA GeForce Experience: Untrusted Script Execution Vulnerability in NVIDIA Web Helper.exe Privilege Escalation Vulnerability in NVIDIA Windows GPU Display Driver NVIDIA Windows GPU Display Driver Kernel Mode NULL Pointer Dereference Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Potential DoS and 
Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability Vulnerability in NVIDIA GPU Display Driver: NULL Pointer Dereference Exploit Elevation of Privilege Vulnerability in NVIDIA libnvmmlite_audio.so on Android NVIDIA GPU Display Driver Kernel Mode Vulnerability: Denial of Service via Invalid State Detection Denial of Service Vulnerability in NVIDIA Windows GPU Display Driver Insufficient Protection Mechanisms in NVIDIA Vibrante Linux User Space Driver Race condition vulnerability in NVIDIA driver for Android allows unauthorized code execution and privilege escalation (N-CVE-2017-6262) Use After Free Vulnerability in NVIDIA Driver for Android (N-CVE-2017-6263) Elevation of Privilege Vulnerability in NVIDIA GPU Driver (gm20b_clk_throt_set_cdev_state) Allows Arbitrary Code Execution NVIDIA GPU Display Driver Kernel Mode Access Control Vulnerability NVIDIA GPU Display Driver Kernel Mode Layer Handler Infinite Loop Denial of Service Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Divide by Zero Denial of Service NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Divide by Zero Denial of Service NVIDIA GPU Display Driver Kernel Mode Vulnerability NVIDIA ADSP Firmware ADSP Loader Buffer Overflow Vulnerability Elevation of Privilege Vulnerability in Pixel Thermal Driver (N-CVE-2017-6274) Information Disclosure Vulnerability in Pixel Thermal Driver Use After Free Vulnerability in NVIDIA Mediaserver NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability NVIDIA Tegra CORE DVFS Thermal Driver Buffer Overflow Vulnerability Elevation of Privilege Vulnerability in NVIDIA libnvmmlite_audio.so on Android Possible Out-of-Bounds Read Vulnerability in NVIDIA Driver: Moderate 
Information Disclosure Risk Possible Out of Bounds Write Vulnerability in NVIDIA libnvomx NVIDIA Tegra Kernel Driver Privilege Escalation Vulnerability High-Risk Vulnerability in NVIDIA Security Engine: Keyslot Permissions Cleared on Chip Reset Vulnerability in NVIDIA Security Engine's Deterministic Random Bit Generator (DRBG) Leads to Information Disclosure Possible Out of Bounds Read Vulnerability in NVIDIA libnvrm on Android Possible Out of Bounds Write Vulnerability in NVIDIA libnvomx Possible Out of Bounds Read Vulnerability in NVIDIA libnvrm Possible Out of Bounds Read Vulnerability in NVIDIA libnvrm on Android Critical Memory Corruption Vulnerability in NVIDIA Trusted Execution Environment (TEE) on Android Integer Overflow Vulnerability in NVIDIA TLK TrustZone Integer Overflow Vulnerability in NVIDIA TLZ TrustZone Buffer Overflow Vulnerability in NVIDIA Tegra X1 TZ Widevine TA NVIDIA Tegra X1 TZ Out of Bounds Write Vulnerability NVIDIA TrustZone Software Keymaster Buffer Overflow Vulnerability TOCTOU Vulnerability in NVIDIA TrustZone Software: Denial of Service and Privilege Escalation L2TP Client in MikroTik RouterOS: Encryption Bypass Vulnerability Null Pointer Dereference Vulnerability in ytnef Infinite Loop / DoS Vulnerability in ytnef's TNEFFillMapi Function Buffer Overflow Vulnerability in ytnef 1.9.1 and earlier Out of Bounds Reads Vulnerability in ytnef Integer Overflow Vulnerability in ytnef ytnef 1.9.1 Vulnerability: Invalid Write and Integer Overflow Out of Bounds Read Vulnerability in ytnef Out of Bounds Read and Write Vulnerability in ytnef Directory Traversal Vulnerability in ytnef's SanitizeFilename Function Out-of-Bounds Write Vulnerabilities in tnef 1.4.13 Integer Overflows Leading to Heap Overflows in tnef Type Confusion Vulnerabilities in tnef parse_file() Function Type Confusion Vulnerabilities in tnef NULL Pointer Dereference Vulnerability in gdk-pixbuf-thumbnailer.c Integer Overflow in gdk-pixbuf's io-ico.c Leading to Denial of Service 
Integer Underflow Vulnerability in gdk-pixbuf's load_resources Function Denial of Service Vulnerability in gdk-pixbuf's make_available_at_least Function Arbitrary Code Execution Vulnerability in Astaro Security Gateway 7 Remote Command Execution via CGISESSID Cookie in Citrix NetScaler SD-WAN Devices Memory Leak in add_shader_program function in virglrenderer.c Remote Information Disclosure Vulnerability in saned (sane-backends 1.0.25) Buffer Overflow Vulnerability in radare2 1.2.1's dex_parse_debug_item Function Barracuda Load Balancer Remote Command Injection Vulnerability XML External Entity (XXE) Vulnerability in Symantec Management Console Bypassing 'Disarm' Functionality in Symantec Messaging Gateway Remote Code Execution Vulnerability in Symantec Messaging Gateway Remote Code Execution Vulnerability in Symantec Messaging Gateway Remote Code Execution Vulnerability in Symantec Messaging Gateway Cross-Site Request Forgery Vulnerability in Symantec Messaging Gateway DLL Pre-Loading Vulnerability in Symantec VIP Access for Desktop prior to 2.2.4 Denial of Service Vulnerability in Symantec Encryption Desktop Tamper-Protection Bypass Vulnerability in Symantec Endpoint Protection (SEP) 14 RU1 Arbitrary OS Command Execution in NETGEAR DGN2200 Devices via dnslookup.cgi Denial of Service Vulnerability in GraphicsMagick 1.3.25 and Earlier Access Control Vulnerabilities in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 Insecure Key and Certificate Management in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 Cross-Site Scripting (XSS) Vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 Cleartext Password Disclosure in Dahua DHI-HCVR7216A-S3 Devices Automatic Login Vulnerability in Dahua DHI-HCVR7216A-S3 Devices Authentication Bypass Vulnerability in Dahua DHI-HCVR7216A-S3 Devices Grails PDF Plugin 0.6 XML External Entity (XXE) File Read Vulnerability LLC Subsystem 
Destructor Vulnerability Race condition vulnerability in Linux kernel before 4.9.13 allows denial of service or other impact via multithreaded application Incorrect skb Data Layout in ip_cmsg_recv_checksum Function in Linux Kernel Improper Lock Dropping in hashbin_delete Function in Linux Kernel Allows Deadlock Integer Overflow Vulnerability in Vim Vulnerability: Integer Overflow in Vim's Undo File Handling Hardcoded Manufacturer Account Vulnerability in WePresent WiPG-1500 Firmware 1.0.3.7 Denial of Service Vulnerability in Linux Kernel through 4.10.1 Integer Overflow in vrend_create_shader Function in virglrenderer.c Weak Permissions in Palo Alto Networks Terminal Services Agent 6.0, 7.0, and 8.0 Unspecified Vector Vulnerability in QNAP QTS before 4.2.4 Build 20170313 Unspecified Vector Privilege Escalation Vulnerability in QNAP QTS Arbitrary Command Execution Vulnerability in QNAP QTS before 4.2.4 Build 20170313 Double Free Vulnerability in libgd2: Remote Denial of Service via Empty Palette Heap-based Buffer Over-read in tiffWriter of GD Graphics Library (LibGD) through 2.2.5 CSRF Vulnerability in NETGEAR DGN2200 Routers with Firmware 10.0.0.20 through 10.0.0.50 Cerberus FTP Server 8.0.10.1 Denial of Service Vulnerability Remote Code Execution via 'system' Entrypoint in Firebird UDF Subsystem Sensitive Information Disclosure in TYPO3 7.6.15 via Insecure HTTP Request Denial of Service Vulnerability in Synchronet BBS 3.16c for Windows Access Bypass Vulnerability in Drupal 8.2.x before 8.2.7 CSRF Vulnerability in Drupal 8.2.x before 8.2.7 Allows Block Disabling Vulnerability: Remote Code Execution in Drupal 8 Development Library Memory Leak in Atheme 7.2.7 Login User Function Allows Remote DoS Memory Leak in vrend_create_vertex_elements_state Function in virglrenderer Out-of-Bounds Read Vulnerability in radare2 1.2.1's dex_loadcode Function Cross-Site Scripting (XSS) Vulnerability in whatanime.ga Cross-Site Scripting (XSS) Vulnerability in Kaltura Server 
Lynx-12.11.0 Cross-Site Scripting (XSS) Vulnerability in Kaltura Server Lynx-12.11.0 Cross-Site Scripting (XSS) Vulnerability in NagVis 1.9b12 Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenEMR 5.0.0 and 5.0.1-dev Arbitrary Code Execution in HashOver 2.0 via Insufficient Filtration Cross-Site Scripting (XSS) Vulnerability in WPO-Foundation WebPageTest 3.0 Cross-Site Scripting (XSS) Vulnerability in FlightAirMap v1.0-beta.10 Arbitrary Command Injection in Trend Micro InterScan Messaging Security Privileged Remote Command Execution in Veritas NetBackup Privileged Command Execution Vulnerability in Veritas NetBackup Arbitrary Command Execution Vulnerability in Veritas NetBackup and NetBackup Appliance Denial of Service Vulnerability in Veritas NetBackup and NetBackup Appliance Hardcoded Username and Password Vulnerability in Veritas NetBackup and NetBackup Appliance World-writable log files vulnerability in Veritas NetBackup and NetBackup Appliance DNS Spoofing Vulnerability in Veritas NetBackup and NetBackup Appliance Arbitrary Privileged Command Execution Vulnerability in Veritas NetBackup Privileged Remote Command Execution in Veritas NetBackup Local Privilege Escalation Race Condition in Veritas NetBackup and NetBackup Appliance Unauthenticated CORBA Interfaces Vulnerability in Veritas NetBackup PAC File Information Disclosure Vulnerability CSRF Vulnerability in D-Link DSL-2730U C1 IN_1.00 Devices Allows Unauthorized Configuration Changes Session Fixation Vulnerability in Sophos Web Appliance (SWA) before 4.3.1.2 (NSWA-1310) Authentication Bypass in mod_auth_openidc 2.1.6 and earlier Memory Leak in vcard_apdu_new Function in libcacard NULL Pointer Dereference Vulnerability in radare2 1.2.1 Buffer Overflow Vulnerability in SysGauge SMTP Connection Verification DoubleAgent Code Injection Vulnerability in Avira Total Security Suite and Other Products Out-of-Bounds Read Vulnerability in ClamAV 0.99.2 Heap-based Buffer Overflow in libmspack 0.5alpha Allows 
Remote Code Execution via Crafted CHM File Use-after-free vulnerability in ClamAV 0.99.2 allows remote attackers to cause denial of service in wwunpack function Buffer Overflow Vulnerability in Qualcomm Touch Controller Function Elevation of Privilege Vulnerability in Qualcomm Kyro L2 Driver on Android Elevation of Privilege Vulnerability in Qualcomm WiFi Driver for Android Qualcomm Video Driver Information Disclosure Vulnerability in Android Kernel Qualcomm SPMI Driver Information Disclosure Vulnerability in Android Kernel Buffer Overflow Vulnerability in EvoStream Media Server 1.7.1 Allows Remote Code Execution Buffer Overflow in Tcpreplay's tcpcapinfo Utility Out-of-Bounds Read Vulnerability in Ettercap's Etterfilter Utility Unencrypted Binary Protocol Allows Man-in-the-Middle Attack on Dahua DHI-HCVR7216A-S3 Devices Memory Corruption Vulnerability in libplist's parse_string_node Function Memory Allocation Error in libplist's parse_string_node Function Out-of-Bounds Read Vulnerability in libplist 1.12's base64encode Function Heap-based Buffer Overflow in libplist's parse_unicode_node Function Heap-based Buffer Overflow in libplist's parse_string_node Function Allows Denial of Service Memory Allocation Error in libplist's parse_data_node Function Denial of Service Vulnerability in PHP 7.1.2 via declare(ticks= EPSON TMNet WebConfig 1.00 W_AD1 Parameter Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in MikroTik Router hAP Lite 6.25 Unencrypted and Unsigned Auto-Update Vulnerability in OpenELEC Cross-Site Scripting (XSS) Vulnerability in Dotclear v2.11.2: admin/blogs.php and admin/users.php Stack-based Buffer Overflow in radare2 1.2.1's dalvik_disassemble Function Arbitrary Code Execution via Out-of-Bounds Memory Write in NTP's MX4200 Refclock Stack-based Buffer Overflow in Windows Installer for NTP Privilege Escalation via PPSAPI_DLLS Environment Variable in NTP Buffer Overflow Vulnerabilities in NTP ctl_put* Functions Windows Installer 
Vulnerability in NTP Prior to 4.2.8p10 and 4.3.x Prior to 4.3.94 Stack-based buffer overflow in ntpq reslist function allows remote servers to have unspecified impact Buffer Overflow in Legacy Datum Programmable Time Server (DPTS) Refclock Driver in NTP NTP Remote Authenticated Denial of Service Vulnerability NTP Mode Configuration Directive Denial of Service Vulnerability FTPShell Client 6.53 Remote Code Execution Vulnerability Insecure File Downloads and Execution Vulnerability in F-Secure Software Updater Netscaler File Parser Infinite Loop Vulnerability NetScaler File Parser Crash Vulnerability LDSS Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10 IAX2 Infinite Loop Vulnerability in Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10 WSP Infinite Loop Vulnerability in Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10 RTMPT Dissector Infinite Loop Vulnerability Wireshark K12 File Parser Crash Vulnerability NetScaler File Parser Infinite Loop Vulnerability Reflected XSS Vulnerability in MaNGOSWebV4 (before 4.0.8) Install/Index.php (Step Parameter) Reflected XSS Vulnerability in FenixHosting/fenix-open-source Forums Reflected XSS Vulnerability in groovel/cmsgroovel before 3.3.7-beta in commons/browser.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpipam 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ATutor 2.2.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in INTER-Mediator 5.5 Cross-Site Scripting (XSS) Vulnerability in php-calendar Cross-Site Scripting (XSS) Vulnerability in reasoncms before 4.7.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in EPESI 1.8.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in EPESI 1.8.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in EPESI 1.8.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in EPESI 1.8.1.1 EPESI 1.8.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerability in Admidio 3.2.5: Unsanitized Input in 
dates_function.php NULL Pointer Dereference Vulnerability in ImageMagick 6.9.7 Denial of Service Vulnerability in ImageMagick 6.9.7 Memory Leak Vulnerability in ImageMagick 6.9.7 Heap-Based Buffer Over-Read Vulnerability in ImageMagick 6.9.7 NULL Pointer Dereference Vulnerability in ImageMagick 6.9.7 File-Descriptor Leak Vulnerability in ImageMagick 6.9.7 Unescaped Values in qBittorrent WebUI: Potential XSS Vulnerability Clickjacking Vulnerability in qBittorrent WebUI Denial of Service Vulnerability in QEMU's ohci_service_ed_list Function Buffer Overflow Vulnerability in Azure Data Expert Ultimate 2.2.16 SMTP Verification Function Vulnerability: Increased Attack Surfaces in AppArmor Profiles CRLF Injection Vulnerability in Wget's url_parse Function Reflected XSS Vulnerability in Smith0r/burgundy-cms (admin/components/menu/views/menuitems.php) Directory Traversal Vulnerability in Easy File Sharing FTP Server version 3.6 Reflected XSS Vulnerability in andrzuk/FineCMS (before 2017-03-06) Arbitrary File Mode Setting Vulnerability in File-Path Module Remote Code Execution in WHMCS Reseller Module V2 2.0.2 WordPress 4.7.2 Path Disclosure Vulnerability Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX Platforms Skype 7.16.0.102 DLL Loading Arbitrary Code Execution Vulnerability Arbitrary Web Script Injection in SANADATA SanaCMS 7.3 via txtFrom Parameter Avahi-daemon Denial of Service and Information Leakage Vulnerability BOSE Soundtouch 30 Multicast DNS (mDNS) Responder Vulnerability Unauthenticated Command Execution Vulnerability in dnaTools dnaLIMS 4-2015s13 NUL-Terminated Directory Traversal Vulnerability in dnaLIMS 4-2015s13 Plaintext Password Storage Vulnerability in dnaTools dnaLIMS 4-2015s13 Session Hijacking Vulnerability in dnaTools dnaLIMS 4-2015s13 Arbitrary Password Change Vulnerability in Televes COAXDATA GATEWAY 1Gbps Devices Lack of Access Control in Televes COAXDATA GATEWAY 1Gbps Backup/Restore Feature 
Cleartext Credentials Vulnerability in Televes COAXDATA GATEWAY 1Gbps Devices Cross-Site Scripting (XSS) Vulnerability in webpagetest 3.0 Cross-Site Scripting (XSS) Vulnerability in webpagetest 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in webpagetest 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in webpagetest 3.0 Cross-Site Scripting (XSS) Vulnerability in webpagetest 3.0 Cross-Site Scripting (XSS) Vulnerability in webpagetest 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in webpagetest 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in webpagetest 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in webpagetest 3.0 Buffer Overflow Vulnerability in PuTTY's ssh_agent_channel_data Function Remote Code Execution Vulnerability in Tenable Nessus on Windows Reflected XSS Vulnerability in wuhu-master/www_admin/users.php (id parameter) Arbitrary JavaScript Injection in ASUS Router Firmware Buffer Overflow Vulnerability in ASUS Routers with Firmware Before 3.0.0.4.380.7378 and Asuswrt-Merlin Firmware Before 380.65_2 Session Hijack Vulnerability in ASUS Routers with Firmware Before 3.0.0.4.380.7378 and Asuswrt-Merlin Firmware Before 380.65_2 Multiple SQL Injection Vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS): Remote Code Execution Remote Code Execution and Denial of Service Vulnerability in Pexip Infinity Insufficient Default IPv6 Routing Table Size in Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 Devices: A Potential Denial-of-Service Vulnerability Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061: Remote Full Access Vulnerability Arbitrary Code Execution via ACT_NEWFILESENT Action in Quest Privilege Manager Arbitrary Script Injection in CMS Made Simple 2.1.6 via Category Description Arbitrary Script Injection in CMS Made Simple (CMSMS) 2.1.6 SQL Injection Vulnerability in ArrayOS Allows Remote Code Execution Authentication Bypass Vulnerability in iBall Baton 150M iB-WRA150N v1 00000001 
1.2.6 build 110401 Rel.47776n Cross-Site Scripting (XSS) Vulnerability in Agora-Project 3.2.2 via index.php?disconnect=1&msgNotif[]=[XSS] Attack Cross-Site Scripting (XSS) Vulnerability in Agora-Project 3.2.2 via index.php?ctrl=misc&action=[XSS]&editObjId=[XSS] Cross-Site Scripting (XSS) Vulnerability in Agora-Project 3.2.2 via index.php?ctrl=object&action=[XSS] Attack Cross-Site Scripting (XSS) Vulnerability in Agora-Project 3.2.2 via index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] Arbitrary File Download Vulnerability in Franklin Fueling Systems TS-550 evo 2.3.0.7332 Unsanitized File Upload Vulnerability in Franklin Fueling Systems TS-550 evo 2.3.0.7332 Devices SQL Injection Vulnerability in Mail Masta WordPress Plugin 1.0 SQL Injection Vulnerability in Mail Masta Plugin 1.0 for WordPress SQL Injection Vulnerability in Mail Masta Plugin 1.0 for WordPress SQL Injection Vulnerability in Mail Masta Plugin 1.0 for WordPress SQL Injection Vulnerability in Mail Masta Plugin 1.0 for WordPress SQL Injection Vulnerability in Mail Masta WordPress Plugin 1.0 SQL Injection Vulnerability in Mail Masta WordPress Plugin 1.0 SQL Injection Vulnerability in Mail Masta Plugin 1.0 for WordPress SQL Injection Vulnerability in Mail Masta Plugin 1.0 for WordPress Cross-Site Scripting (XSS) Vulnerability in EpicEditor 0.2.3 via Insecure Default Marked.js Configuration Local File Access and Command Execution Vulnerability in network-manager-applet Cross-Site Scripting Vulnerability in django-epiceditor 0.2.3 via Crafted Form Field Content Transit Path Validation Code Vulnerability in Heimdal before 7.3 Heap-based Buffer Overflow Vulnerability in partclone 0.2.89: Insufficient Validation of partclone Image Header Command Injection Vulnerability in Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance Privilege Escalation Vulnerability in Cisco UCS Manager, Firepower 4100 Series NGFW, and Firepower 
9300 Security Appliance gRPC Handling Vulnerability in Cisco IOS XR Software Command Injection Vulnerability in Cisco UCS Manager, Firepower 4100 Series NGFW, and Firepower 9300 Security Appliance Command Injection Vulnerability in Cisco UCS Manager, Firepower 4100 Series NGFW, and Firepower 9300 Security Appliance Command Injection Vulnerability in Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance Denial of Service Vulnerability in Cisco ASR 903 and ASR 920 Series Devices with RSP2 Card Cisco IMC Software Web Interface Open Redirect Vulnerability Cisco Identity Services Engine (ISE) Web Management Interface Reflective XSS Vulnerability Vulnerability in Cisco IOS XE Software Startup Script Allows Arbitrary Command Execution Cisco ASA Software DNS Code Vulnerability Cisco ASA Software SSL/TLS Code Parsing Vulnerability Vulnerability in Cisco ASA Software IPsec Code Allows Remote System Reload Vulnerability in Cisco ASA Software IKEv1 XAUTH Code Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure 2.2(2) HTTP Traffic Redirection Vulnerability in Cisco ASR 5000 Series Aggregation Services Routers Cisco Prime Network Registrar DNS Input Packet Processor Vulnerability Unauthenticated File Download Vulnerability in Cisco FindIT Network Probe Software 1.0.0 Cisco IOS XE 3.16 SNMP Subsystem Race Condition Denial of Service Vulnerability Arbitrary Code Execution Vulnerability in Cisco IMC Web GUI Cisco IMC Web-Based GUI Session Hijacking Vulnerability Cross-Site Scripting (XSS) Vulnerability in Cisco IMC 3.0(1c) Web GUI Arbitrary Command Execution Vulnerability in Cisco IMC 3.0(1c) Remote Management ACL Bypass Vulnerability in Cisco CVR100W Wireless-N VPN Router Cisco Prime Collaboration Provisioning Web Interface Vulnerability Allows Unauthorized Access to Sensitive Data Cisco Prime Collaboration Provisioning: Unauthenticated Remote Command 
Injection Vulnerability Privilege Escalation Vulnerability in Cisco Policy Suite (CPS) Software Unauthorized Phone Call Vulnerability in Cisco CallManager Express (CME) Denial of Service Vulnerability in Cisco Firepower System Software SSL Policy Handling Undocumented Hard-Coded Password Vulnerability in Cisco Finesse Notification Service Cisco IOS and IOS XE UDP Processing Code Denial of Service Vulnerability Denial of Service Vulnerability in Cisco WAAS SMART-SSL Accelerator Functionality Arbitrary File Access Vulnerability in Cisco Unity Connection 10.5(2) Cisco IP Phone 8851 SIP Implementation Denial of Service Vulnerability Denial of Service Vulnerability in Cisco Yes Set-Top Box Receivers Denial of Service Vulnerability in Cisco FirePOWER System Software Logging Configuration Cisco UCS C-Series Rack Servers 3.0(0.234) TCP Throttling Denial of Service Vulnerability Cross-Site Request Forgery Vulnerability in Cisco Industrial Ethernet 1000 Series Switches 1.3 Device Manager Web Interface Cisco Prime Collaboration Provisioning Software Directory Traversal File Deletion Vulnerability Cisco Prime Collaboration Provisioning Software Directory Traversal Vulnerability Cisco Prime Collaboration Provisioning Software Directory Traversal File Deletion Vulnerability Privilege Escalation via DLL Loading Vulnerability in Cisco AnyConnect Secure Mobility Client for Windows Unauthenticated Remote Code Execution Vulnerability in Cisco Prime Data Center Network Manager (DCNM) Vulnerability: Default, Static Password in Cisco Prime Data Center Network Manager (DCNM) Software Denial of Service (DoS) Vulnerability in Cisco Remote Expert Manager Software 11.0.0 Unauthenticated Remote Access to Sensitive Information in Cisco Remote Expert Manager Software 11.0.0 Cisco Remote Expert Manager Software 11.0.0 Web Interface Information Disclosure Vulnerability Cisco Remote Expert Manager Software 11.0.0 Web Interface Information Disclosure Vulnerability Cisco Remote Expert Manager 
Software 11.0.0 - Sensitive Information Disclosure Vulnerability Unauthenticated Access to Sensitive Order Information in Cisco Remote Expert Manager Software 11.0.0 Unauthenticated Access to Sensitive Temporary File Information in Cisco Remote Expert Manager Software 11.0.0 Cisco TelePresence Codec and Collaboration Endpoint Software Denial of Service Vulnerability Command Injection Vulnerability in Cisco NX-OS System Software 7.1-7.3 on Nexus Series Switches Command Injection Vulnerability in Cisco NX-OS System Software Incomplete Configuration of robots.txt File in Cisco WebEx Meetings Server Allows Unauthorized Access to Scheduled Customer Meetings Arbitrary File Access Vulnerability in Cisco TelePresence IX5000 Series Denial of Service (DoS) Vulnerability in Cisco ISE GUI TCP Throttling Process Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Fibre Channel over Ethernet (FCoE) Protocol Denial of Service Vulnerability Denial of Service Vulnerability in Cisco IP Phone 8800 Series Devices Ether Type Validation Vulnerability in Cisco Sourcefire Snort 3.0 before Build 233 Buffer Overread Vulnerability in Cisco Sourcefire Snort 3.0 before Build 233 Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Prime Collaboration Assurance Message Tracking XSS Vulnerability in Cisco Email Security Appliance and Content Security Management Appliance XML Injection Vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager Autonomic Networking Denial of Service Vulnerability Autonomic Networking Vulnerability in Cisco IOS XE Software Autonomic Networking Vulnerability: ACP Reset and Information Disclosure Denial of Service Vulnerability in Cisco IOS XR Software for Cisco NCS 5500 Series Routers Arbitrary Code Execution Vulnerability in Cisco Context Service SDK SQL Injection Vulnerabilities in Cisco Unified Communications Domain Manager (CUCDM) Web GUI Multiple Buffer Overflow Vulnerabilities in Cisco WebEx Network 
Recording Player Open Redirect Vulnerability in Cisco Unified Communications Domain Manager Bypassing Configured Filters in Cisco Email Security Appliance Bypassing Access Control Lists (ACLs) in Cisco ASR 5000 Series Routers Cisco Firepower Management Center User Information Disclosure Vulnerability Bypassing URL Filters in Cisco Firepower System Software Cisco Industrial Network Director Web Interface Reflected XSS Vulnerability Denial of Service Vulnerability in Cisco Virtualized Packet Core-Distributed Instance Software Undocumented Encrypted Remote Support Tunnel Vulnerability in Cisco Umbrella Virtual Appliance Arbitrary Directory Creation Vulnerability in Cisco Ultra Services Framework Relative Path Traversal Vulnerability in AutoVNF VNFStagingView Class of Cisco Ultra Services Framework Arbitrary Command Execution Vulnerability in Cisco Elastic Services Controllers Authentication Request Processing Arbitrary Command Execution Vulnerability in Cisco Elastic Services Controllers Insecure Default Credentials Vulnerability in Cisco Elastic Services Controllers Insecure Default Credentials Vulnerability in Cisco Ultra Services Framework Staging Server Insecure Default Credentials Vulnerability in Cisco Ultra Services Framework Element Manager Insecure Default Password Vulnerability in Cisco Ultra Services Framework Element Manager Insecure Default Password Vulnerability in Cisco Elastic Services Controllers Insecure Default Administrator Credentials Vulnerability in Cisco Elastic Services Controllers Vulnerability in File Check Operation of Cisco ASR 5000 Series Aggregated Services Routers ConfD CLI Information Disclosure Vulnerability Insecure Default Account Information Vulnerability in Cisco Ultra Services Framework Element Manager Unauthorized Directory Access Vulnerability in Cisco Elastic Services Controllers Vulnerability in Cisco Ultra Services Platform's VNFM Logging Function Allows Unauthorized Access to Sensitive Data ConfD Server Vulnerability in 
Cisco Ultra Services Platform: Unauthorized Access to Sensitive Information Local Access Vulnerability in Cisco Elastic Services Controllers Authentication Bypass Vulnerability in Cisco Elastic Services Controllers SQL Injection Vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager Reflected Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability in Cisco Identity Services Engine (ISE) Portal Cross-Site Scripting (XSS) Vulnerability in Cisco SocialMiner Web Framework Session Hijacking Vulnerability in Cisco Prime Collaboration Provisioning Tool Arbitrary File Download Vulnerability in Cisco Prime Collaboration Provisioning Tool Local Information Disclosure Vulnerability in Cisco Prime Collaboration Provisioning Tool Cisco Prime Collaboration Provisioning Tool Logging Subsystem Information Disclosure Vulnerability Command Injection Vulnerability in Cisco StarOS CLI Symlink Creation Vulnerability in Cisco Ultra Services Framework Clear Text Storage of Administrative Credentials in AutoVNF Tool for Cisco Ultra Services Framework Privilege Escalation in Cisco VNF Element Manager Insecure Default Configuration in Cisco Ultra Services Framework UAS Allows Unauthorized Access Privilege Escalation Vulnerability in Cisco Elastic Services Controller Static Default Credentials Vulnerability in Cisco Elastic Services Controller (ESC) Allows Unauthenticated Remote Access Arbitrary Command Execution Vulnerability in Cisco Ultra Services Framework Staging Server Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center Stored Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center Software Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center Web Framework Privilege Escalation 
Vulnerability in Cisco IOS XR Software Command Injection Vulnerability in Cisco IOS XR Software Cisco Small Business Managed Switches SSH Denial of Service Vulnerability Cisco WAAS Fragmented TCP Packet Ingress Processing Denial of Service Vulnerability Clear Text Authentication Vulnerability in Cisco Unified Contact Center Express (UCCx) XMPP Service Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure Web Framework Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure Web Framework Cisco Prime Network Gateway CLI Information Disclosure Vulnerability Cisco WAAS SMB Protocol Denial of Service Vulnerability Arbitrary Code Execution Vulnerability in Cisco IOS XR Software Cisco StarOS BGP Processing Denial of Service Vulnerability Cisco WAAS Central Manager Information Disclosure Vulnerability Cisco IOS XR Software MSDP Ingress Packet Processing Denial of Service Vulnerability Privilege Escalation Vulnerability in Cisco Prime Network Software Installation Procedure Stored Cross-Site Scripting Vulnerability in Cisco Identity Services Engine (ISE) Portal Cross-Site Scripting (XSS) Vulnerability in Cisco Identity Services Engine (ISE) Software Guest Portal Arbitrary Code Execution Vulnerability in Cisco FireSIGHT System Software Backup and Restore Functionality Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SNMP Subsystem 
Multiple Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software via SNMP Cisco Videoscape Distribution Suite (VDS) Cache Server Denial of Service Vulnerability Command Injection Vulnerability in Cisco Web Security Appliance (WSA) Web Interface Cisco Identity Services Engine (ISE) Authentication Bypass Vulnerability Command Injection Vulnerability in Cisco Web Security Appliance (WSA) CLI Parser Stored Cross-Site Scripting Vulnerability in Cisco Web Security Appliance (WSA) Management Interface Static Credentials Vulnerability in Cisco Web Security Appliance (WSA) Access Control Bypass Vulnerability in Cisco Web Security Appliance (WSA) Cisco ASA Web Interface Username Enumeration Vulnerability Arbitrary Code Execution Vulnerability in Cisco WebEx Browser Extensions Blind SQL Injection Vulnerability in Cisco Smart Net Total Care Software Collector Appliance 3.11 Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Collaboration Provisioning (PCP) Tool Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Prime Collaboration Provisioning Tool Blind SQL Injection Vulnerability in Cisco Unified Communications Manager Arbitrary File Access Vulnerability in Cisco Unified Communications Manager 11.5(1.10000.6) Arbitrary File Write Vulnerability in Cisco Prime Collaboration Provisioning Tool 12.1 Cisco Finesse Web-Based Management Interface XSS Vulnerability Cross-Site Scripting (XSS) Vulnerability in Cisco Jabber Guest Server 10.6(9), 11.0(0), and 11.0(1) Web-Based Management Interface H.264 Protocol Denial of Service Vulnerability in Cisco Meeting Server (CMS) 2.1.4 Cisco ASA Web-Based Management Interface XSS Vulnerability Cisco ASA WebVPN XSS Vulnerability Bypassing SSL Decryption and Inspection Policy in Cisco Firepower System Software Cisco APIC Privilege Escalation Vulnerability Privilege Escalation Vulnerability in Cisco APIC Devices Stored XSS Vulnerability in Cisco Secure Access Control System (ACS) Web Interface Vulnerability in OSPF 
Routing Protocol LSA Database Insufficient Protection of Sensitive Data in Cisco Ultra Services Framework AutoVNF Automation Tool Insufficient Protection of Sensitive Data in Cisco Elastic Services Controller (ESC) Cisco ASR 5000 Series Aggregated Services Routers CLI Bypass Vulnerability Cisco ASR 5000 Series Aggregated Services Routers: Sensitive System File Overwrite Vulnerability Privilege Escalation Vulnerability in Cisco ASR 5000 Series Aggregated Services Routers Cross-Site Scripting (XSS) Vulnerability in Cisco Elastic Services Controller (ESC) Web Framework Insufficient Protection of Sensitive Files in Cisco Elastic Services Controller (ESC) Allows Unauthorized Access to System Information Information Disclosure Vulnerability in Cisco Ultra Services Platform Cisco Collaboration Products Denial of Service Vulnerability Memory Exhaustion Vulnerability in Cisco IoT Field Network Director (IoT-FND) Privilege Escalation Vulnerability in Cisco Policy Suite (CPS) Software Cisco Prime Infrastructure Web Interface Remote Code Injection Vulnerability Vulnerability: Unauthorized Access to Confidential Information via SNMP Polling Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Interface Information Disclosure Vulnerability Privilege Escalation in Cisco Unified Communications Manager Configuration Modification Permissions Validation Improper Protection of Log Files in Cisco Elastic Services Controller Cross-Site Scripting (XSS) Vulnerability in Cisco AnyConnect Secure Mobility Client Software Cisco Unified Intelligence Center Web Interface DOM-based XSS Vulnerability Cisco TelePresence Video Communication Server (VCS) Denial of Service Vulnerability Denial of Service Vulnerability in Cisco Unified Communications Manager Trust Verification Service Cisco Prime Collaboration Provisioning Tool Batch Provisioning Remote Code Execution Vulnerability Insufficient Protection of Restricted Information in Cisco Prime Collaboration Provisioning Tool Cisco Meeting 
Server CLI Command Injection Vulnerability Arbitrary File Overwrite Vulnerability in Cisco ASR 920 Series Routers Arbitrary Command Execution Vulnerability in Cisco ASR 920 Series Routers Arbitrary JavaScript Injection via 'action_type' Parameter in MantisBT Trend Micro Endpoint Sensor 1.6 DLL Hijacking Vulnerability Arbitrary JavaScript Injection in MantisBT view_filters_page.php Heap-based Buffer Over-read Vulnerability in ytnef Out-of-Bounds Access Vulnerability in ytnef Heap-based Buffer Over-read in ytnef's DecompressRTF() Function CSRF Vulnerabilities in SolarWinds FTP Voyager 16.2.0 Scheduler Directory Traversal Vulnerability in MobaXterm TFTP Server (Version 9.4) Allows Remote File Read Cross-Site Session Transfer Vulnerability in mod_auth_mellon Reflected XSS vulnerability in MaNGOSWebV4 4.0.8 - admin.faq.php (id parameter) Reflected XSS Vulnerability in MaNGOSWebV4 4.0.8 - admin.donate.php (id parameter) Reflected XSS vulnerability in MaNGOSWebV4 4.0.8 via admin.fplinks.php (linkid parameter) Reflected XSS vulnerability in MaNGOSWebV4 4.0.8 inc/admin/template_files/admin.shop.php (id parameter) Reflected XSS vulnerability in MaNGOSWebV4 4.0.8 - admin.vote.php (id parameter) Privilege Escalation Vulnerability in Zimbra Collaboration Suite (ZCS) Authenticated Cross-Site Scripting (XSS) via Media File Metadata in WordPress before 4.7.3 Control Character Bypass in WordPress Redirect URL Validation Unintended File Deletion Vulnerability in WordPress Plugin Deletion Functionality Authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds in WordPress before 4.7.3 Cross-Site Scripting (XSS) Vulnerability in WordPress 4.7.3 (wp-admin/js/tags-box.js) via Taxonomy Term Names CSRF Vulnerability in WordPress Press This Leading to Excessive Server Resource Usage Cross-Site Scripting (XSS) Vulnerability in Roundcube's rcube_utils.php Directory Traversal Vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.6 Privilege Escalation in Fiyo CMS 2.0.6.1 via 
Modified Level Parameter Heap-based buffer overflow in MSADPCM::initializeCoefficients function in audiofile 0.3.6 Heap-based Buffer Overflow in audiofile 0.3.6 WAV File Handling Denial of Service Vulnerability in Audio File Library 0.3.6 Heap-based Buffer Overflow in G711.cpp in Audio File Library (audiofile) 0.3.6 Heap-based Buffer Overflow in decodeBlockWAVE function in Audio File Library (audiofile) 0.3.6 and earlier versions Heap-based Buffer Overflow in Audio File Library (audiofile) 0.3.6 and earlier versions Denial of Service Vulnerability in Audio File Library 0.3.6 Heap-based buffer overflow in ulaw2linear_buf function in G711.cpp in Audio File Library Denial of Service Vulnerability in Audio File Library 0.3.6 Heap-based buffer overflow in Expand3To4Module::run function in Audio File Library (audiofile) allows remote attackers to cause denial of service Denial of Service Vulnerability in WAVE.cpp of Audio File Library 0.3.6 Audio File Library (audiofile) 0.3.6 Integer Overflow Denial of Service Vulnerability Integer Overflow in Audio File Library (audiofile) 0.3.6: Remote Denial of Service Vulnerability Denial of Service Vulnerability in PoDoFo 0.9.5 ColorChanger::GetColorFromStack Function NULL Pointer Dereference Vulnerability in PoDoFo GraphicsStack NULL Pointer Dereference Vulnerability in ColorChanger::GetColorFromStack function in PoDoFo 0.9.5 Heap-based Buffer Overflow in PoDoFo::PdfVariant::DelayedLoad Function in PdfVariant.h Buffer Overflow in PoDoFo PDF Parser ReadXRefSubsection Function NULL Pointer Dereference Vulnerability in PoDoFo 0.9.4 NULL Pointer Dereference Vulnerability in PoDoFo GraphicsStack PoDoFo 0.9.4 Denial of Service Vulnerability in PdfVariant::DelayedLoad Function NULL Pointer Dereference Vulnerability in PoDoFo 0.9.5 NULL Pointer Dereference Vulnerability in PoDoFo 0.9.4 NULL Pointer Dereference Vulnerability in JasPer's jp2_cdef_destroy Function Denial of Service Vulnerability in JasPer 2.0.10 JasPer 2.0.10 Heap-based 
Buffer Overflow in jpc_dec_decodepkt Function Authentication Bypass and Remote Code Execution Vulnerability in NETGEAR WNR2000 Routers (PSV-2016-0261) Stored Cross-Site Scripting Vulnerability in Siemens RUGGEDCOM ROX I Web Server Denial-of-Service Vulnerability in Siemens Industrial Automation Software Unauthorized Data Access Vulnerability in Siemens XHQ Server 4 and 5 Vulnerability in Siemens SIMATIC WinCC and WinCC Runtime Professional Allows Remote Service Crash Improper Authentication Vulnerability in Siemens SIMATIC CP 44x-1 RNA Arbitrary Code Execution Vulnerability in Siemens ViewPort for Web Office Portal TLS Protocol Vulnerability in Siemens SIMATIC WinCC Sm@rtClient for Android Authentication Bypass Vulnerability in Siemens SIMATIC WinCC Sm@rtClient for Android Siemens OZW672 and OZW772 Historical Measurement Data Access Vulnerability Siemens OZW672 and OZW772: Man-in-the-Middle Vulnerability in Integrated Web Server Race condition vulnerability in Linux kernel/ucount.c leading to denial of service and potential system crash Arbitrary Web Script Injection via SVG File Handling in Lutim 0.7.1 and Earlier MetInfo 5.3.15 Cross-Site Scripting (XSS) Vulnerability in admin/column/delete.php Buffer Overflow in Cerberus FTP Server 8.0.10.3 via Long MLST Command Denial of Service and Information Disclosure Vulnerability in Foxit Reader and PhantomPDF Zyxel EMG2926 Home Router Firmware V1.00(AAQT.4)b8 Command Injection Vulnerability Elevated Privileges Vulnerability in FlexNet Manager Suite 2017 and Earlier Versions Memory Corruption Vulnerability in LibRaw's parse_tiff_ifd() Function Memory Corruption Vulnerability in LibRaw's parse_tiff_ifd() Function Memory Leak Vulnerability in FLAC Version 1.3.2 Heap-based buffer overflow vulnerability in LibRaw-demosaic-pack-GPL2 before 0.18.2 Stack-based Buffer Overflow in LibRaw-demosaic-pack-GPL2 (before 0.18.2) Stack-based Buffer Overflow in asn1_find_node() Function in GnuTLS libtasn1 Version 4.10 Out-of-Bounds Read 
Vulnerability in libsndfile 1.0.28's aiff_read_chanmap() Function Elevation of Privilege Vulnerability in FlexNet Manager Suite Releases 2015 R2 SP3 and Earlier USB Pratirodh Vulnerability: Remote XML External Entity (XXE) Attack via usb.xml Privilege Escalation Vulnerability in DIGISOL DG-HR1400 1.00.02 Wireless Router Denial of Service Vulnerability in msm_bus_dbg_update_request_write Function Improper Input Sanitization and Command Injection in Riello NetMan 204 14-2 and 15-2 Insufficient Content Restrictions in Auto-Downloading Feature of ioquake3 and Quake III Engine Forks Arbitrary Code Execution via Insufficient Filtration in concrete5 <= 5.6.3.4 Arbitrary Code Execution via Insufficient Filtration in SiberianCMS Cross-Site Scripting (XSS) Vulnerability in Open.GL Arbitrary Code Execution via Insufficient Filtration in concrete5 <= 5.6.3.4 Cross-Site Scripting (XSS) Vulnerability in Shimmie <= 2.5.1 HTTP and WebSocket Engine Components Vulnerability USB Pratirodh Vulnerability: Sensitive Information Disclosure via usb.xml Incorrect Access Control in Open-Xchange GmbH OX App Suite 7.8.3 and earlier Arbitrary Script Injection via Time Tag Event Attribute in Open-Xchange Webmail CSRF Vulnerability in BigTree CMS 4.1.18 and 4.2.16 Allows Unauthorized User Deletion CSRF Vulnerability in BigTree CMS 4.1.18: Unauthorized Colophon Modification CSRF Vulnerability in BigTree CMS 4.1.18: Unauthorized Modification of Navigation Social CSRF Vulnerability in BigTree CMS 4.2.16 Allows Unauthorized Colophon Modification CSRF Vulnerability in BigTree CMS 4.2.16 Allows Unauthorized Modification of Navigation Social Critical Access Bypass Vulnerability in Drupal 8 RESTful Web Services Arbitrary Code Execution Vulnerability in Drupal Core 8. 
Unvalidated Field Manipulation in Drupal 8 RESTful File Resource Access Bypass Vulnerability in Drupal Core Unrestricted Access to Ajax Endpoint in Drupal 8.x prior to 8.3.7 Unauthenticated Comment Posting Vulnerability in Drupal 8 REST API Entity Access Vulnerability in Drupal 8 Core Versions Prior to 8.3.7 Access Control Bypass and Unauthorized Comment Posting in Drupal 8.4.x Cross-Site Scripting Vulnerability in Drupal 8.4.x and 7.x Versions Access Bypass Vulnerability in Drupal Core 7.x versions before 7.57 jQuery Cross Site Scripting Vulnerability in Drupal 7 and 8 Access Bypass Vulnerability in Drupal Multilingual Sites with Node Access Controls Vulnerability in Drupal Settings Tray Module Allows Unauthorized Data Updates External Link Injection Vulnerability in Drupal Core and Contributed Modules Unsanitized Vector Size Argument Vulnerability in CHICKEN Scheme Remote Code Execution Vulnerability in SAP GUI 7.2 through 7.5 NULL pointer dereference vulnerability in keyring_search_aux function in Linux kernel through 3.14.79 Integer Overflow in cs_winkernel_malloc Function in Capstone 3.0.4 and Earlier Stack-based Buffer Overflow and SEH Overwrite Vulnerability in Gemalto SmartDiag Diagnosis Tool v2.5 User Privilege Escalation in BuddyPress Docs Plugin Vulnerability in Invite Anyone Plugin Allows Modification of Invitation Email Content Stack Buffer Overflow in Broadcom Wi-Fi HardMAC SoC with fbt Firmware: Remote Code Execution via Crafted Access Point Stack-based Buffer Overflow in Broadcom Wi-Fi HardMAC SoC Chips with CCKM Fast and Secure Roaming Feature XSS Vulnerability in MantisBT Source Integration Plugin (before 2.0.2) Allows Arbitrary Code Injection Integer Overflow Vulnerability in apng2gif 1.7 Leads to Heap-Based Buffer Over-read Memory Allocation Vulnerability in apng2gif 1.7 Integer Overflow Leading to Heap-Based Buffer Overflow in apng2gif 1.7 Privilege Escalation in dmcrypt-get-device in Debian and Ubuntu Heap-based Buffer Overflow in readelf of 
GNU Binutils 2.28 Use-after-free vulnerability in readelf in GNU Binutils 2.28 Incorrect Location of auth_start_session() in xrdp 0.9.1 Leads to PAM Session Module Initialization Vulnerability Arbitrary Code Execution Vulnerability in GMV Checker ATM Security (PT-2017-03) Heap-based Buffer Over-read Vulnerability in readelf of GNU Binutils 2.28 Arbitrary Command Execution Vulnerability in AlienVault USM and OSSIM Remote Code Execution in AlienVault USM and OSSIM Privilege Escalation in AlienVault USM and OSSIM Cross-Site Scripting (XSS) Vulnerability in MantisBT Configuration Report Page (adm_config_report.php) Vulnerability in macOS System Integrity Protection Allows Unauthorized Disk Modification Stack Buffer Overflow Vulnerability in Apple iOS Wi-Fi (CVE-2017-6956) Sandbox Profiles Bypass Vulnerability in iOS Vulnerability in macOS Speech Framework Allows Sandbox-Escape Attacks and Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in macOS Accessibility Framework Race Condition Vulnerability in IOSurface Component Remote Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution Vulnerability in iBooks Component Denial of Service Vulnerability in iOS Notifications Component Remote Code Execution and Denial of Service Vulnerability in SQLite Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability in NVIDIA Graphics Drivers on macOS before 10.12.5 allows for arbitrary code execution or denial of service Vulnerability in iBooks Component Allows Sandbox-Escape Attacks and Memory Corruption Memory-read bypass vulnerability in Apple Kernel component Remote Credential Disclosure in macOS 802.1X Authentication Arbitrary Code Execution and Denial of Service Vulnerability in AVEVideoEncoder Component Memory-read bypass vulnerability in macOS HFS component Remote Code Execution and Denial of Service Vulnerability in SQLite Component Arbitrary Code Execution and 
Denial of Service Vulnerability in AVEVideoEncoder Component Arbitrary Code Execution and Denial of Service Vulnerability in AVEVideoEncoder Component Arbitrary Code Execution and Denial of Service Vulnerability in AVEVideoEncoder Component Arbitrary Code Execution and Denial of Service Vulnerability in AVEVideoEncoder Component Arbitrary Code Execution and Denial of Service Vulnerability in AVEVideoEncoder Component Arbitrary Code Execution and Denial of Service Vulnerability in AVEVideoEncoder Component Remote Code Execution and Denial of Service Vulnerability in SQLite Component Remote Code Execution and Denial of Service Vulnerability in SQLite Component Remote Code Execution and Denial of Service Vulnerability in SQLite Component Denial of Service Vulnerability in CoreText Component Race Condition Vulnerability Allows Bypass of Entitlement Restrictions in Apple Products Remote Code Execution and Denial of Service Vulnerability in JavaScriptCore Timing Side-Channel Attack Vulnerability in Apple Products Denial of Service Vulnerability in iOS EventKitUI Component Remote Code Execution and Denial of Service Vulnerability in CoreAudio Arbitrary Code Execution and Denial of Service Vulnerability in IOUSBFamily Component Vulnerability in Apple Products: Remote Information Disclosure and Denial of Service via Crafted XML File Address Bar Spoofing Vulnerability in Apple iOS and Safari Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability in libxml2 component allows remote information disclosure and denial of service Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Vulnerability in macOS Audio Component Allows Remote Information Disclosure or Denial of Service Remote Code Execution Vulnerability in macOS afclip Component Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code 
Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products AppleGraphicsPowerManagement Privilege Escalation and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Memory-read bypass vulnerability in Apple Kernel component Memory-read bypass vulnerability in Apple Kernel component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution Vulnerability in macOS Foundation Component Arbitrary Code Execution and Denial of Service Vulnerability in macOS kext tools Component Remote Code Execution Vulnerability in macOS afclip Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Vulnerability: Memory-read Bypass in Intel Graphics Driver on macOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products DOMParser XSS Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Vulnerability: Memory-read Bypass in Intel Graphics Driver on 
macOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability in macOS Bluetooth Component Allows Arbitrary Code Execution or Denial of Service Vulnerability in macOS Bluetooth Component Allows Arbitrary Code Execution or Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution Vulnerability in iTunes on Windows Vulnerability in macOS Bluetooth Component Allows Arbitrary Code Execution or Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Lock Screen Notification Disclosure Vulnerability DOMParser XSS Vulnerability in Apple Products Denial of Service Vulnerability in Safari Printing Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Buffer Overflow Vulnerability in Apple Contacts Component Denial of Service Vulnerability in Apple Messages Component Memory-read bypass vulnerability in Apple products with iOS, Safari, iCloud, and iTunes Proximity-based Remote Code Execution and Denial of Service Vulnerability in Apple Wi-Fi Component Proximity-based Denial of Service Vulnerability in Apple Wi-Fi Component Memory-read bypass vulnerability in macOS Kernel Remote Code Execution and Denial of Service Vulnerability in Apple libarchive Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Kernel Bypass Vulnerability in macOS Remote Code Execution and Denial of Service Vulnerability in Safari 10.1 and Earlier Denial of Service Vulnerability in iBooks Component of iOS Denial of Service Vulnerability in AppSandbox Component of macOS Sensitive 
Information Disclosure in Locked Notes Search Results Remote Code Execution Vulnerability in Xcode's ld64 Component Arbitrary Code Execution and Denial of Service Vulnerability in macOS IOFireWireFamily Component Mail Drafts Cleartext Transmission Vulnerability Vulnerability in iTunes Data Sync Allows Unauthorized Access to iOS Backups Certificate-Trust Bypass Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Screen Lock Vulnerability Allows Unauthorized Access to Application Firewall Prompts Denial of Service Vulnerability in CFNetwork Proxies Component Bypassing Application Firewall Settings in macOS Remote Address Bar Spoofing Vulnerability Denial of Service Vulnerability in Apple Products via Mishandling of Crafted Strings in libc Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Device Erasure Vulnerability in iOS Exchange ActiveSync Universal XSS Vulnerability in Apple Products Remote Cookie Information Disclosure Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Memory Corruption Vulnerability in Mail MessageUI Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Wi-Fi Component Arbitrary 
Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Wi-Fi Component Address Bar Spoofing Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Wi-Fi Component Cross-Site Scripting (XSS) Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Wi-Fi Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution and Denial of Service Vulnerability in Apple Wi-Fi Component Vulnerability: Bypassing Read Restrictions in Secure Text Fields via Focus-Change Event in iOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Race Condition Vulnerability in Wi-Fi Component of iOS and tvOS Remote Kernel Memory Read Vulnerability in Apple Wi-Fi Component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Denial of Service Vulnerability in iOS Messages Component Memory-read bypass vulnerability in macOS IOFireWireFamily component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Denial of Service Vulnerability in Third-Party file Product on macOS Denial of Service Vulnerability in Third-Party file Product on macOS Denial of Service Vulnerability in Third-Party file Product on macOS Denial of Service Vulnerability in Third-Party file Product on macOS Denial of Service Vulnerability in Third-Party file Product on macOS Denial of Service Vulnerability in Third-Party file Product on macOS SQLite Arbitrary Code Execution and Denial of Service Vulnerability Vulnerability in SQLite Versions before 3.19.3 Vulnerability in SQLite Versions before 3.19.3 Vulnerability in SQLite Versions before 3.19.3 iOS Bluetooth Contact Card Information Disclosure Vulnerability Remote Code Execution Vulnerability in macOS Quick Look Component Cleartext 
Information Exposure in iOS MobileBackup Component Remote Code Execution Vulnerability in Xcode's ld64 Component Remote Code Execution Vulnerability in Xcode's ld64 Component Remote Code Execution Vulnerability in Xcode's ld64 Component Remote Code Execution Vulnerability in Xcode's ld64 Component Apple macOS Directory Utility Local User Apple ID Disclosure Vulnerability Timing Bug in iOS Phone Component Allows Unauthorized Access to Secure-Content Screenshots Vulnerability in iOS Keyboard Suggestions Allows Sensitive Information Leakage Remote IP Address Disclosure Vulnerability in macOS Mail Component Safari Private Browsing Bypass Vulnerability Captive Network Assistant UI Error Allows Password Sniffing Cookie Mishandling Vulnerability in Safari Private Browsing Allows Remote Tracking Time Zone Setting Vulnerability Keychain Data Mishandling Vulnerability in iOS 10 and earlier Cleartext HTTP Transmission Vulnerability in Apple Support App for iOS Location Information Disclosure Vulnerability Vulnerability: Password Exposure in APFS Encrypted Volumes via Disk Utility Hints Vulnerability: Keychain Access Bypass via Synthetic Click in macOS Race Condition Vulnerability in Apple Operating Systems and Applications Address Bar Spoofing Vulnerability in iOS Mail Message Framework Remote User-Interface Spoofing Vulnerability in Apple Products Kernel Memory-Read Bypass and Denial of Service Vulnerability Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Privilege Escalation via Screen Sharing in macOS Vulnerability in macOS IOAcceleratorFamily Component Allows Arbitrary Code Execution Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Command Injection Vulnerability in Safari Web Inspector Arbitrary Code Execution and Denial of Service Vulnerability in Apple 
IOKit Component Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Vulnerability: Man-in-the-Middle Attack Exploiting App Store Password Prompts Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Buffer Overflow Vulnerability in Xcode's ld64 Component Arbitrary Code Execution Vulnerability in macOS Security Component Privilege Escalation and Denial of Service Vulnerability in CoreAnimation CFNetwork Session Privilege Escalation and Denial of Service Vulnerability Memory-read bypass vulnerability in macOS Kernel Arbitrary Code Execution Vulnerability in Chef Manage 2.1.0 through 2.4.4 Arbitrary OS Command Execution in NfSen Custom Output Format Field IPv4 Defragmentation Evasion Vulnerability in Suricata before 3.2.1 CSRF Vulnerability in Deluge Web UI Allows Arbitrary Code Execution Unquoted Service Path Vulnerability in Net Monitor for Employees Pro Denial of Service Vulnerability in ExtraPuTTY TFTP Server Heap-based Out-of-Bounds Access Vulnerability in xfrm_replay_verify_len Function Use-after-free vulnerability in mg_http_multipart_wait_for_boundary function in Cesanta Mongoose Embedded Web Server Library allows denial of service Denial of Service Vulnerability in libpcre1 and libpcre2 Stack-based Buffer Overflow in sg_ioctl Function in Linux Kernel Cross-Site Scripting (XSS) Vulnerability in Zurmo 3.1.1 Stable Misinterpretation of fsockopen calls in PHP 7.x before 2017-03-07 can lead to a security risk Use-after-free vulnerability in netjoin processing in Irssi 1.x before 1.0.2 SSL Pinning Bypass Vulnerability in Starscream WebSocket.swift (before 2.0.4) Local Privilege Escalation Vulnerability in Nessus 6.6.2 - 6.10.3 SSRF Vulnerability in OpenStack Glance Image Service API v1 Allows Masked Network Port Scans Multiple Cross-Site Scripting (XSS) Vulnerabilities in SLiMS 7 Cendana Cross-Site Scripting (XSS) Vulnerability in ZoneMinder before 1.30.2 Cross-Site Scripting (XSS) Vulnerability in imdbphp 5.1.1 
GamePanelX-V3 3.0.12 Cross-Site Scripting (XSS) Vulnerability Heap-based Buffer Over-read Vulnerability in libavcodec NULL Pointer Dereference Vulnerability in Ghostscript 9.20 Buffer Over-read Vulnerability in libavcodec in libav 9.21 NULL Pointer Dereference in readelf: Crash when Reading Corrupt Binary Section Heap-based Buffer Over-read Vulnerabilities in objdump of GNU Binutils 2.28 Remote Code Execution Vulnerability in Zoho ManageEngine Desktop Central Sensitive Information Exposure in OpenStack Nova Legacy Notification Exception Contexts Arbitrary Web Script Injection in MISP 2.4.68.js and landingpage.ctp Sensitive Information Disclosure in Palo Alto Networks PAN-OS Management Web Interface Unspecified Parameter Write Access Vulnerability in Palo Alto Networks PAN-OS Management Web Interface Privilege Escalation in Palo Alto Networks PAN-OS Management Web Interface Arbitrary Command Execution Vulnerability in Citrix NetScaler Gateway OpenText Documentum Content Server Incomplete Fix for CVE-2015-4532 Vulnerability Inadequate Protection Mechanism in OpenText Documentum Content Server Allows Remote Code Execution Arbitrary Code Injection through Cross-Site Scripting (XSS) in MantisBT Global Buffer Overflow Vulnerability in GNU Assembler (GNU Binutils 2.28) Invalid Write Vulnerability in find_nearest_line Function of GNU Binutils 2.28 NULL pointer dereference and invalid write vulnerability in GNU Binutils 2.28's addr2line function Heap-based Buffer Over-read Vulnerability in pe_ILF_object_p Function in GNU Binutils 2.28 Heap-Based Buffer Overflow in GNU Linker (ld) in GNU Binutils 2.28 Xen Vulnerability: XSA-212 - Insufficient Check on XENMEM_exchange Input Content-Type Manipulation Vulnerability in Vaultive O365 (before 4.5.21) Allows Denial of Service and Information Disclosure Remote Code Execution Vulnerability in Disk Sorter Enterprise 9.5.12 and Earlier Heap-based Buffer-Overflow Vulnerability in pngdefry through 2017-03-22 Open Redirect and XSS 
Vulnerability in Django's URL Redirect Handling Open Redirect Vulnerability in Django's ``django.views.static.serve()`` View Arbitrary Code Execution Vulnerability in cloudflare-scrape 1.6.6 through 1.7.1 Arbitrary SQL Command Execution Vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 Unauthenticated Remote Access to Spiceworks TFTP Server Data Directory Vulnerability in Ninka before 1.3.2 Allows Remote Information Disclosure and License Manipulation Directory Traversal Vulnerability in Miele Professional PST10 WebServer Cross-Site Scripting (XSS) Vulnerability in MantisBT Move Attachments Page Multiple Cross-Site Scripting (XSS) Vulnerabilities in SLiMS 7 Cendana Admin/Modules Components Denial of Service Vulnerability in Eclipse tinydtls 0.8.2 Denial of Service Vulnerability in PCRE 8.40 Stack-based Buffer Overflow in libpcre1 Allows Remote Code Execution Stack-based Buffer Overflow in libpcre1 Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gazelle Cross-Site Scripting (XSS) Vulnerability in Gazelle Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gazelle Cross-Site Scripting (XSS) Vulnerability in Gazelle Insufficient Filtration of User-Supplied Data in pi-engine/pi 2.5.0 Allows Cross-Site Scripting (XSS) Improper Handling of Password Length in Botan's Bcrypt Password Hashing Dahua IP Camera devices 3.200.0001.6 Vulnerability: Unauthorized Access and Privilege Escalation XSS Vulnerability in CMS Made Simple (CMSMS) 2.1.6 Content-->News-->Add Article Feature via m1_title Parameter XSS Vulnerability in CMS Made Simple (CMSMS) 2.1.6 Content-->News-->Add Article Feature via m1_summary Parameter XSS Vulnerability in CMS Made Simple (CMSMS) 2.1.6 Content-->News-->Add Article Feature via m1_content Parameter Directory Path Traversal Vulnerability in eMLi Portal: Potential Full System Compromise NULL pointer dereference vulnerability in vmw_surface_define_ioctl function in Linux kernel through 
4.10.5 Denial of Service Vulnerability in AMD Ryzen Processor with AGESA Microcode Heap-based Buffer Over-read Vulnerability in Potrace 1.14 Use-after-free vulnerability in MuPDF 1.10a allows remote attackers to cause a denial of service or possibly have other impact via crafted document Open Redirect Vulnerability in Netflix Security Monkey Remote Code Execution Vulnerability in IIS 6.0 WebDAV Service Yii Framework before 2.0.11 Reflected Cross-site Scripting (XSS) Vulnerability SSRF Vulnerability in PHP fsockopen and pfsockopen Integer underflow vulnerability in cp_report_fixup function in Linux kernel allows for denial of service or other unspecified impact via a crafted HID report Denial of Service Vulnerability in radare2 1.3.0 via Crafted PE File Denial of Service Vulnerability in ImageMagick's ReadPCXImage Function Reflected XSS Vulnerability in TOPdesk Versions 5.7.6 and Earlier, 6.x, and 7.x Vulnerability: TCP Stack Information Disclosure and Denial of Service in Linux Kernel Unspecified Vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 Privilege Escalation via Manipulation of token Cookie in Unitrends Enterprise Backup Web Server Remote Code Execution Vulnerability in Unitrends Enterprise Backup Unrestricted File Upload Vulnerability in Unitrends Enterprise Backup Local File Inclusion (LFI) Vulnerability in Unitrends Enterprise Backup Arbitrary OS Command Execution in Unitrends Enterprise Backup (CVE-2021-12345) Session Hijacking Vulnerability in Unitrends Enterprise Backup (before 9.1.2) Allows Account Takeover Remote CPU Exhaustion Vulnerability in MikroTik Version 6.38.5 Zimbra Collaboration Suite (ZCS) XSS Vulnerability XOOPS 2.5.7.2 SQL Injection Vulnerability in findusers.php Dolby DAX2 and DAX3 API Services Privilege Escalation Vulnerability Integer Overflow and Out-of-Bounds Write Vulnerability in vmw_surface_define_ioctl Function Use-after-free vulnerability in Contiki Operating System 3.0's cc26xx-web-demo httpd Persistent XSS 
Vulnerability in Contiki Operating System 3.0 MQTT/IBM Cloud Config Page Vulnerability: Access Control Bypass in Rancher Labs Rancher Server 1.2.0+ XSS Vulnerability in Moodle 3.2.2+: Course Summary Filter on Add a New Course Page Invalid Read Vulnerability in GNU Binutils 2.28 Leads to GNU Linker Crash Heap-based Buffer Over-read Vulnerability in libbfd Off-by-one Vulnerability in BFD Library Leads to GNU Linker Crash Invalid Read Vulnerability in BFD Library of GNU Binutils 2.28 Invalid Read Vulnerability in GNU Binutils 2.28 Invalid Read Vulnerability in GNU Binutils 2.28 Riverbed RiOS through 9.6.0 Vulnerability: Bypassing Secure-Vault Protection via Unprotected Bootloader Weak Default Password for Riverbed RiOS Secure Vault Improper Shell Access in Riverbed RiOS Allows Root Privilege Escalation and Data Access Integer Signedness Error and Out-of-Bounds Write Vulnerability in Linux Kernel's packet_set_ring Function Cross-Site Scripting (XSS) Vulnerability in MantisBT Configuration Report Page (adm_config_report.php) Buffer Overflow Vulnerability in Import Command in SyncBreeze, DiskSorter, DiskBoss, DiskPulse, DiskSavvy, DupScout, and VX Search Vendor Account Data Exposure in Personify360 e-Business Unauthenticated Customer Data Exposure in Personify360 e-Business Database Table and Column Disclosure Vulnerability in Personify360 e-Business Insecure Backup File Exposes Plaintext Router Credentials on Humax Digital HG100R 2.0.6 Devices XSS Vulnerability on Humax Digital HG100R 2.0.6: Exploiting the 404 Page Root Credentials Exposed in Humax Digital HG100 2.0.6 Backup File Remote Command Execution (RCE) Vulnerability in Siklu EtherHaul Devices before 7.4.0 Improper Language Parameter Handling in MODX Revolution 2.5.4-pl and Earlier Arbitrary PHP Code Execution in MODX Revolution 2.5.4-pl and Earlier Unverified X.509 Certificates in MODX Revolution 2.5.4-pl and Earlier Allow for Arbitrary Code Execution Lack of HTTPS Protection in MODX Revolution 2.5.4-pl and 
Earlier Allows Man-in-the-Middle Attacks and Arbitrary Code Execution Arbitrary PHP Code Execution in MODX Revolution 2.5.4-pl and Earlier Address Bar Spoofing Vulnerability in Yandex Browser Race Condition Vulnerability in Yandex Browser for Android: Remote Memory Corruption Exploit DLL Hijacking Vulnerability in Yandex Browser Installer for Desktop (before 17.4.1) Fortinet FortiWLC Multiple Cross-Site Scripting (XSS) Vulnerabilities Hard-coded 'upgrade' Account Vulnerability in Fortinet FortiWLM 8.3.0 and Lower Versions Improper Access Control Vulnerability in Fortinet FortiPortal Versions 4.0.0 and Below Information Disclosure Vulnerability in Fortinet FortiPortal 4.0.0 and Below via FortiAnalyzer Management View Cross-Site Scripting Vulnerability in Fortinet FortiPortal 4.0.0 and Below Cross-Site Scripting Vulnerability in Fortinet FortiPortal FortiView Functionality Fortinet FortiWLC OS Command Injection Vulnerability Fortinet FortiPortal Weak Password Recovery Process Vulnerability: Unauthorized Code Execution via Hidden Close Button Open Redirect Vulnerability in Fortinet FortiPortal 4.0.0 and Below: Unauthorized Code Execution via URL Parameter Privilege Escalation via Windows Security Alert Dialog in Fortinet FortiClient Improper Binding of JMX RMI Service in NetApp OnCommand Performance Manager and OnCommand Unified Manager Denial of Service Vulnerability in Linux Kernel's vmw_gb_surface_define_ioctl Function SQL Injection Vulnerability in REDCap File Upload Handler Stored XSS Vulnerability in Pure Storage Purity 4.7.5 via SNMP Trap Manager Host Parameter Arbitrary Code Execution Vulnerability in Hipchat Server Directory Traversal Vulnerability in LightDM Allows Privilege Escalation Vulnerability in Pixie 1.0.4: Cross-Site Scripting (XSS) Attack in admin/index.php s=login&m= XSS Vulnerability in Pixie 1.0.4 Admin Panel XSS Vulnerability in Pixie 1.0.4 Admin Panel XSS Vulnerability in Pixie 1.0.4 Admin Panel XSS Vulnerability in Pixie 1.0.4 Admin Module 
Arbitrary Free and Use After Free Vulnerability in Qualcomm Android Devices Buffer Overread Vulnerability in Android Releases from CAF with Linux Kernel Unvalidated Parameters in KGSL ioctl in Android CAF Releases Integer Underflow Vulnerability in Android CAF Releases: Exploiting Boot Image Processing Race Condition Vulnerability in Sound Driver ioctl Handler in Android CAF with Linux Kernel Android CAF ALSA Routine Array Index Vulnerability Race Condition in Android Video Driver: Exploiting Use-After-Free Vulnerability Data Pointer Misuse Vulnerability in Android CAF with Linux Kernel Race Condition Vulnerability in Android Video Driver: Buffer Overflow and Arbitrary Pointer Write Double Free Vulnerability in Android Display Driver: A Critical Security Flaw in CAF Releases Use-after-free vulnerability in fs/crypto/ in Linux kernel before 4.10.7 Remote XML Entity Inclusion Vulnerability in libxml2 Remote Code Execution Vulnerability in libxml2 due to Incorrect Limit Handling for Redirects Denial of Service Vulnerability in QEMU's v9fs_create and v9fs_lcreate Functions Denial of Service Vulnerability in PoDoFo 0.9.5 Denial of Service Vulnerability in PoDoFo 0.9.5 NULL Pointer Dereference Vulnerability in PoDoFo 0.9.5 NULL Pointer Dereference Vulnerability in PoDoFo 0.9.5 NULL Pointer Dereference Vulnerability in PdfFontFactory.cpp NULL Pointer Dereference Vulnerability in PdfFontFactory.cpp Arbitrary Script Injection Vulnerability in FlipBuilder Flip PDF Reflected XSS vulnerability in citymont/symetrie v.0.9.6 - model parameter in symetrie-master/app/commands/page.php Reflected XSS Vulnerability in HelpMeWatchWho-master/unaired.php (episodeID parameter) Cross-Site Scripting (XSS) Vulnerability in wallacepos v1.4.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in openeclass Release_3.5.4 Cross-Site Scripting (XSS) Vulnerability in 'SocialNetwork v1.2.1' Cross-Site Scripting (XSS) Vulnerability in Magmi 0.7.22 Unauthenticated Client Memory Leak Vulnerability in 
TigerVNC 1.7.1 Double Free Vulnerability in TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence) TigerVNC 1.7.1 Server Crash Vulnerability via Long Usernames Integer Overflow Vulnerability in TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText) Memory Leak Vulnerability in TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection) Denial of Service Vulnerability in BackBox Linux 4.6 D-Link DIR-615 HW: T1 FW:20.09 Cross-Site Request Forgery (CSRF) Vulnerability User Privilege Escalation in Cloudera Manager Cross-Site Scripting (XSS) Vulnerability in OpenStack Horizon Denial of Service Vulnerability in collectd 5.7.1 and Earlier Arbitrary PHP Code Execution in Pixie 1.0.4 via Double Extension File Upload CSRF Vulnerability in D-Link DIR-615 Router Allows Unauthorized Firmware Upload and Denial of Service IP Address Spoofing Vulnerability in D-Link DIR-615 Router Unencrypted Authentication Vulnerability in D-Link DIR-615 Devices Heap-based Buffer Over-read Vulnerability in Curl 7.53.1 Denial of Service Vulnerability in Palo Alto Networks Traps ESM Console XSS Vulnerability in Palo Alto Networks PAN-OS GlobalProtect External Interface SQL Injection Vulnerabilities in WebsiteBaker 2.10.0 and Earlier: Remote Code Execution via account/signup.php and account/signup2.php Arbitrary PHP Object Injection in Enalean Tuleap 9.6 and Prior Versions World-writable Docker socket vulnerability in NixOS 17.03 before 17.03.887 OS Command Injection in Horde Groupware Webmail Edition through 5.2.17 via PGP Encryption PGP Command Injection Vulnerability in Horde Groupware Webmail Edition Authentication Bypass Vulnerability in Atlassian Confluence 6.x before 6.0.7 Improper Validation of GET and POST Parameters in ntopng before 3.0 Allows XSS Symbolic Link Bypass in ProFTPD's AllowChrootSymlinks Control Cross-Site Scripting (XSS) Vulnerability in NetIQ Access Manager ESMAC Authentication Bypass and Configuration Alteration Vulnerability Reflected and Stored XSS 
Vulnerabilities in Micro Focus Enterprise Developer and Enterprise Server Reflected and Stored XSS Vulnerabilities in Micro Focus Enterprise Developer and Enterprise Server Cross-Site Request Forgery (CSRF) Vulnerability in Micro Focus Enterprise Developer and Enterprise Server Path Traversal Vulnerability in Micro Focus Enterprise Developer and Enterprise Server (CWE-22) Multiple Reflected XSS Vulnerabilities in NetIQ iManager Versions Before 2.7.7 Patch 10 HF2 and 3.0.3.2 XML External Entity (XXE) Vulnerabilities in NetIQ Identity Manager Plugins Multiple Cross-Site Scripting Vulnerabilities in Identity Manager Plug-in on iManager 2.7.7.7 Renegotiation Vulnerability in NetIQ iManager 3.x Vulnerability: Remote Code Execution via Certificate Upload in NetIQ eDirectory PKI Plugin Persistent XSS Vulnerability in Novell iManager and NetIQ iManager Persistent CSRF in Object Management in Novell iManager and NetIQ iManager Webshell Upload Vulnerability in Novell iManager and NetIQ iManager Arbitrary File Download Vulnerability in Micro Focus Vibe 4.0.2 and Earlier Sensitive Password Logging Vulnerability in NetIQ Identity Manager JDBC Driver Unsigned YUM Repositories Vulnerability Unsigned Package Retrieval Vulnerability in libzypp Cross-Site Scripting Vulnerability in NetIQ Privileged Account Manager Cross-Site Scripting (XSS) Vulnerability in NetIQ Privileged Account Manager Information Disclosure Vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 Clickjacking Vulnerability in Kerio Connect and Kerio Connect Client Kernel Data Leak Vulnerability in Sophos SurfRight HitmanPro Arbitrary Code Execution Vulnerability in Nitro Pro 11.0.3.173 HTTP Response Splitting Vulnerability in apt-cacher and apt-cacher-ng DLL Hijacking Vulnerability in Veritas System Recovery Patch Installer CSRF Vulnerability in HelpDEZk 1.1.1 Allows Unauthorized Admin Privilege Access CSRF Vulnerability in HelpDEZk 1.1.1 Allows Remote Execution of Arbitrary PHP Code 
Denial of Service Vulnerability in Dropbox Lepton 1.2.1 Unauthenticated Access and Control Vulnerability in AIRTAME HDMI Dongle Firmware NULL Pointer Dereference Vulnerability in ImageWorsener 1.3.0 NULL Pointer Dereference Vulnerability in ImageWorsener 1.3.0 Heap-based Buffer Over-read Vulnerability in ImageWorsener 1.3.0 Remote Code Execution in Moxa MXView 2.8: Unauthorized Access to Web Server's Private Key File Denial of Service Vulnerability in Moxa MXView 2.8 XML External Entity (XXE) Vulnerability in Moxa MX-AOPC Server 1.5 Allows Remote File Disclosure via .AOP Files NULL Pointer Dereference and Application Crash in NetworkInterface::getHost Function HTTP Response Splitting Vulnerability in ntopng before 3.0 Intellinet NFC-30ir IP Camera Directory Traversal Vulnerability Vendor Backdoor in Intellinet NFC-30ir IP Camera Allows Remote Access to CGI Script Reflected XSS via Artifact Upload in JBoss BRMS 6 and BPM Suite 6 XXE Vulnerability in JBoss EAP 7.0: Potential DoS, SSRF, and Information Disclosure Code Injection Vulnerability in JBoss EAP 7.0's JAXP XSLT Processing Input Validation Vulnerability in Ansible Server Buffer Overflow Vulnerability in minicom 2.7.1 and earlier versions Vulnerability: Insecure TLS Session Resumption in curl and libcurl Unauthorized Administrative Access in spacewalk-channel Improper Access Control in Qemu VirtFS Host Directory Sharing via 9pfs Denial of Service Vulnerability in Linux Kernel's KEYS Subsystem Keycloak Node.js Adapter Authentication Bypass Vulnerability Cairo Version 1.15.4 Vulnerability: NULL Pointer Dereference in FT_Load_Glyph and FT_Render_Glyph Heap-based Buffer Overflow in Gnulib's save_abbr function Heap-based Buffer Overflow in MACsec Module of Linux Kernel Unauthenticated Denial of Service Vulnerability in OpenVPN 2.3.12 and Newer OpenVPN Reachable Assertion Denial of Service Vulnerability Insecure Channel File Download Vulnerability in rkhunter Versions Before 1.4.4 Vulnerability: Code Execution via 
Unsafe Jinja2 Templating in Ansible Kerberos 5 Ticket Decoding Vulnerability in Linux Kernel Denial of Service Vulnerability in Rxvt 2.7.10 via Terminal Escape Code Privilege Escalation Vulnerability in PostgreSQL PGREQUIRESSL Environment Variable Bypass Vulnerability Information Leak in pg_user_mappings View: Exposing Foreign Server Passwords Use-after-free vulnerability in ipxitf_ioctl function in Linux kernel through 4.11.1 Information Exposure Vulnerability in Authconfig Version 6.2.8: Username Leak via SSSD Authentication Arbitrary Blog Ownership Vulnerability in Moodle 2.x and 3.x Arbitrary Blog Searching Vulnerability in Moodle 2.x and 3.x CSRF Vulnerability in Moodle Allows Unauthorized Configuration Changes Improper Access Control Vulnerability in Qemu VirtFS with Plan 9 File System (9pfs) Support Samba Remote Code Execution Vulnerability Information Leakage in ext4 Data=Ordered Mode Local Privilege Escalation in Fedora ARM Installer (up to 1.99.16) Unrestricted Tenant Access Vulnerability in CloudForms Cinder Provider RPM Vulnerability: Arbitrary Directory Ownership and Privilege Escalation Predictable Temporary File Names Vulnerability in RPM Installation Null Pointer Dereference Vulnerability in NSS 3.24.0: Denial of Service via Empty SSLv2 Messages Vulnerability: XXE in Red Hat JBoss EAP 7.0.5 Arbitrary Code Execution via Deserialization in JbossMQ Implementation Authorization Bypass Vulnerability in Foreman 1.5 and Later Versions Vulnerability: Out-of-Bounds Memory Access in Spice Versions 0.13 and Below GnuTLS Server Application Crash Vulnerability OpenVPN Vulnerability: Remote Denial-of-Service via Malformed IPv6 Packet Denial of Service Vulnerability in Red Hat Certificate System's Handling of Client Provided Certificates Root Password Disclosure Vulnerability in oVirt-Engine 4.1 NULL Pointer Dereference Vulnerability in Poppler's pdfunite Insecure Access Token Creation in Red Hat 3scale API Management Platform (AMP) before 2.0.0 SSL/TLS 
Certificate Validation Vulnerability in Satellite 5 Cross-Site Scripting (XSS) Vulnerability in Red Hat Satellite Uncontrolled Recursion Vulnerability in Poppler's pdfunite Leading to Denial-of-Service Input Validation Vulnerability in Openshift Enterprise: Unauthorized Access to Metrics Data Privilege Escalation Vulnerability in Linux Kernel's KVM Module Ceph Libradosstriper Format String Vulnerability OpenVPN Vulnerability: Denial-of-Service and Memory Leak via Man-in-the-Middle Attack OpenVPN Remote Denial-of-Service Vulnerability OpenVPN Denial-of-Service Vulnerability via Embedded NULL Character Buffer Overflow Vulnerability in Cygwin wcsxfrm/wcsxfrm_l Functions TPM2-Tools Versions Prior to 1.1.1: Password Leak Vulnerability Deserialization Flaw in Jackson-databind: Remote Code Execution Vulnerability Cache Side-Channel Attack on libgcrypt: Complete Break of RSA-1024 and Potential Impact on RSA-2048 CRLF Injection Vulnerability in Ansible Tower with Red Hat CloudForms Management Engine 5 Integer Overflow Vulnerability in Nginx Range Filter Module Privilege Escalation via Arbitrary Method Invocation in CloudForms Management Engine (cfme) Course Overview Block Exposes Hidden Activities in Moodle 3.3 Course Creators Can Override System Default Settings in Moodle 3.x Race condition vulnerability in Linux kernel fsnotify implementation allows for privilege escalation or denial of service Stored XSS Vulnerability in OpenShift Enterprise 3.x Log Viewer for Pods Stored XSS Vulnerability in Foreman 1.16.0: Organizations/Locations Assignment to Hosts Privilege Escalation via Access to Private Members in Hibernate Validator Hardcoded Secret in CMC Authentication Plugin Allows Certificate Issuance Bypass Cross-Site Scripting (XSS) Vulnerability in Satellite 5.8 and Earlier Qemu NBD Server Assertion-Failure Vulnerability Bypassing Safe Mode Limitations in rubygem-safemode Buffer Overflow and Privilege Escalation Vulnerability in Linux Kernel's brcmf_cfg80211_mgmt_tx 
Function Denial of Service Vulnerability in Linux Kernel's ip6_find_1stfragopt Function Race-condition flaw in openstack-neutron leading to disabled security groups after minor overcloud update Out-of-Bounds Heap Read Vulnerability in libexif through 0.6.21 XML External Entity (XXE) Vulnerability in jbpmmigration 6.5 Incorrect Authentication Flaw in PostgreSQL Versions Prior to 9.2.22, 9.3.18, 9.4.13, 9.5.8, and 9.6.4 Authorization Flaw in PostgreSQL Versions Prior to 9.2.22, 9.3.18, 9.4.13, 9.5.8, and 9.6.4: Remote Password Retrieval from User Mappings Authorization Flaw in PostgreSQL Allows Remote Attackers to Overwrite Large Objects Insecure Temporary Files Vulnerability in instack-undercloud 7.2.0 Sensitive Information Exposure in Ansible Jenkins Plugin Module Vulnerability: Password Brute-Force Attacks in 389-ds-base File Execution and Creation Vulnerability in millicore Server Side Request Forgery (SSRF) Vulnerability in App Studio's External_Request API Call Stored XSS Vulnerability in RHMAP App Studio Component Heap-based Buffer Overflow in Augeas Versions up to 1.8.0 CSRF Vulnerability in Hawtio Versions up to 1.5.3 Vulnerability: CSRF Attack Exploit in dnsdist Version 1.1.0's REST API Authentication Mechanism Kernel Data Leak Vulnerability in Linux Kernel Incomplete Fix for Invalid Character Injection in Undertow World-writable rhnsd PID files vulnerability Vulnerability: Server-side Cache Poisoning and CORS Requests in Red Hat JBoss EAP JAX-RS Component Authentication Bypass Vulnerability in krb5's Certauth Interface Inconsistent Execute-Never Bits in ARM Trusted Firmware 1.3 Allows Bypass of MT_EXECUTE_NEVER Protection ARM Trusted Firmware Denial of Service Vulnerability via Debug Interface Splunk Hadoop Connect App Path Traversal Remote Code Execution Vulnerability SSRF Bypass Vulnerability in MyBB before 1.8.11 LDAP Account Information Disclosure in NetApp OnCommand Unified Manager for 7-Mode VBV-17037: SSRF Bypass Vulnerability in vBulletin Arbitrary 
PHP Code Execution Vulnerability in PivotX 2.3.11 CSRF Vulnerability in Faveo 1.9.3 Allows Unauthorized Admin Privilege Escalation Race Condition Vulnerability in Back In Time's _checkPolkitPrivilege Function Hardcoded-Key Vulnerability in Schneider Electric SoMachine Basic and Modicon TM221CE16R Devices Remote Password Discovery and Arbitrary Application Manipulation in Schneider Electric Modicon TM221CE16R 1.3.3.3 Devices Hardcoded Login Credentials in DragonWave Horizon 1.01.03 Wireless Radios Directory Traversal Vulnerability in XiongMai uc-httpd Allows Arbitrary File Reading Heap-based Buffer Overflows in libming 0.4.7 parser.c Cross-Site Scripting (XSS) Vulnerability in phpMyFAQ before 2.9.7 Arbitrary SQL Command Execution in TYPO3 News Module 5.3.2 and Earlier XSS Vulnerability in ILIAS before 5.2.3 via SVG Documents Foxit PDF Toolkit Memory Corruption Vulnerability: Denial of Service and Remote Code Execution Stack-based buffer overflow in libsndfile before 1.0.28 via crafted FLAC file Stack-based Buffer Overflow in libsndfile's header_read() Function Authorization Bypass Vulnerability on Brother Devices OpenIDM Information Leakage Vulnerability Persistent Cross-Site Scripting (XSS) Vulnerability in OpenIDM Admin UI Reflected Cross-Site Scripting (XSS) Vulnerability in OpenIDM Admin UI Undefined Behavior in putagreytile function of LibTIFF 4.0.7 Uninitialized Memory Disclosure in LibTIFF 4.0.7 Memory Leak Vulnerability in LibTIFF 4.0.7 Denial of Service Vulnerability in LibTIFF 4.0.7 JPEGSetupEncode Function Denial of Service Vulnerability in LibTIFF 4.0.7 Denial of Service Vulnerability in LibTIFF 4.0.7 Denial of Service Vulnerability in LibTIFF 4.0.7 LibTIFF 4.0.7 outside the range of representable values of type short Denial of Service Vulnerability Unsigned Char Overflow Vulnerability in LibTIFF 4.0.7 Denial of Service Vulnerability in LibTIFF 4.0.7 Signed Integer Overflow in LibTIFF 4.0.7: Remote Denial of Service and Potential Impact Signed Integer 
Overflow in au_channel.h in HE-AAC+ Codec 2.0.2 Undefined Behavior Issue in au_channel.h in HE-AAC+ Codec 2.0.2 Assertion Failure in HE-AAC+ Codec (libaacplus) 2.0.2 Allows Remote Attackers to Cause Denial of Service or Other Impact Unsigned Char Overflow Vulnerability in ImageMagick 7.0.5-4 Heap-based Buffer Over-read Vulnerability in handle_gnu_hash Function of elfutils 0.168 Heap-based Buffer Over-read Vulnerability in elfutils 0.168 Denial of Service Vulnerability in elf_compress.c in elfutils 0.168 Heap-based Buffer Over-read Vulnerability in elflint.c of elfutils 0.168 Heap-based Buffer Over-read Vulnerability in elflint.c Heap-based Buffer Over-read Vulnerability in elflint.c Memory Consumption Denial of Service Vulnerability in elflint.c Null Pointer Dereference Vulnerability in libbfd Arbitrary Password Reset and Unauthenticated Admin Access in MantisBT 2.3.0 Uninitialized Stack Data Disclosure in Linux Kernel's set_mempolicy and mbind Compat Syscalls Buffer overflow vulnerability in Asterisk Open Source and Certified Asterisk versions before 13.14.1 and 14.3.1 allows remote code execution Denial of Service Vulnerability in Linux Kernel's ahash.c Infinite Loop Vulnerability in ImageMagick 7.0.4-9 Color Algorithms Permalink Injection and Open Redirect Vulnerability in MantisBT Cross Site Scripting Vulnerability in eMLi V1.0 by AuroMeera Technometrix Pvt. Ltd. Privilege Escalation Vulnerability in dde-daemon Allows Unauthorized Grub Configuration Changes Heap-based Buffer Over-read Vulnerability in ImageWorsener 1.3.0 Memory Consumption Vulnerability in ImageWorsener 1.3.0 Arbitrary Code Execution via File Upload in Fiyo CMS 2.x through 2.0.7 XSS Vulnerability in Smart Related Articles Extension 1.1 for Joomla! Missing _JEXEC check in Smart related articles extension 1.1 for Joomla! allows unauthorized direct requests to dialog.php SQL Injection Vulnerability in Smart Related Articles Extension 1.1 for Joomla! 
Vulnerability in QNAP QTS Change Password Function Information Disclosure Vulnerability in QNAP QTS 4.2.6 and 4.3.3 Arbitrary Web Script Injection in QNAP File Station Share Link Function Arbitrary Web Script Injection Vulnerability in QNAP QTS File Station Sensitive Information Exposure in QNAP Qfinder Pro 6.1.0.0317 and Earlier Crafted Link Triggered Cross-Site Scripting (XSS) Vulnerability in QNAP NAS Media Streaming Add-On CSRF Vulnerability in QNAP NAS Application Proxy Server Arbitrary Web Script Injection Vulnerability in QNAP NAS Proxy Server Arbitrary OS Command Execution in QNAP NAS Application Proxy Server Authentication Bypass Vulnerability in QNAP NAS Media Streaming Add-on Authentication Bypass Vulnerability in QNAP NAS Proxy Server Arbitrary OS Command Execution Vulnerability in QNAP NAS Media Streaming Add-on CSRF Vulnerability in QNAP NAS Media Streaming Add-on Privilege Escalation in HashiCorp Vagrant VMware Fusion Plugin Privilege Escalation Vulnerability in Proxifier for Mac Incorrect Permission Validation in Palo Alto Networks PAN-OS Management Web Interface Denial of Service Vulnerability in Linux Kernel NFSv2/NFSv3 Server SolarWinds Log & Event Manager (LEM) Filesystem Browsing Vulnerability Arbitrary Command Execution Vulnerability in SolarWinds Log & Event Manager (LEM) Hardcoded SSL Private Key Vulnerability in Foscam Networked Devices Unauthenticated Remote Access and Full Control Vulnerability in Kura Distribution Bypassing Pattern-Based ACLs in Mosquitto MQTT Broker RAM Exhaustion Vulnerability in Eclipse Mosquitto 1.4.14 Vulnerability: Denial of Service due to Configuration File Reload in Eclipse Mosquitto 1.4.14 Denial of Service Vulnerability in Eclipse Mosquitto Broker Memory Leak Vulnerability in Eclipse Mosquitto Broker Null Dereference Vulnerability in Eclipse Mosquitto Library HTTP/0.9 Request Line Handling Vulnerability in Eclipse Jetty Integer Overflow in Transfer-Encoding Chunk Length Parsing in Eclipse Jetty Vulnerability: 
Authorization Bypass via Fake Pipelined Request in Eclipse Jetty Server Apache HTTP Server 2.4.24 and 2.4.25 Null Pointer Dereference Vulnerability Apache Solr Cluster Node Impersonation Vulnerability CSRF Vulnerability in Apache CXF Fediz Container-Specific Plugins CSRF Vulnerability in Apache CXF Fediz Client Registration Service XSS Vulnerability in Apache OpenMeetings 3.2.0: Global and Room Chat XML Document Validation Bypass in Apache OpenMeetings 3.1.0 Insufficient XSS Protection in Apache NiFi User Input Components Vulnerability: Multiple Security Issues in Apache OpenMeetings 1.0.0 Apache NiFi Same-Origin Policy Bypass Vulnerability HTTP Strict Parsing Vulnerability in Apache HTTP Server Privilege Escalation Vulnerability in Apache Hadoop LinuxContainerExecutor Vulnerability: Slowloris-style Denial of Service Attack in Apache Traffic Control's Traffic Router Component Apache Traffic Server TLS Handshake DOS Vulnerability Apache Struts URLValidator Vulnerability Weak Cryptographic Storage and Lack of Brute Force Protection in Apache OpenMeetings 1.0.0 CORS Filter Cache Poisoning Vulnerability Directory Traversal Vulnerability in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 Apache Ranger Policy Resource Matcher Wildcard Character Vulnerability Inadequate Permission Check in Apache Ranger Hive Authorizer Cross-Site Scripting (XSS) Vulnerability in Apache Spark Buffer Overflow Vulnerability in Apache httpd mod_mime Overly Permissive Crossdomain.xml File in Apache OpenMeetings 1.0.0 Allows for Untrusted Domain Loading SQL Injection Vulnerability in Apache OpenMeetings 1.0.0 Apache OpenMeetings 3.2.0 Parameter Manipulation Vulnerability Apache OpenMeetings 1.0.0 Information Disclosure Vulnerability Unrestricted File Upload Vulnerability in Apache OpenMeetings 1.0.0 Insecure HTTP Methods Vulnerability in Apache OpenMeetings 1.0.0 Apache Ignite Update Notifier Component Sends User Sensitive Information to External PHP Server Denial of Service 
Vulnerability in Apache Mesos Insecure Password Update Vulnerability in Apache OpenMeetings 1.0.0 Critical Command Injection Vulnerability in Schneider Electric homeLYnk Controller (Versions < 1.5.0) Privilege Escalation Vulnerability in Proxifier for Mac SAP TREX / Business Warehouse Accelerator (BWA) Code Injection Vulnerability Remote Code Execution in SquirrelMail via Mishandled sendmail.cf File Directory Traversal Vulnerability in Riverbed OPNET App Response Xpert (ARX) 9.6.1: Remote Command Injection Remote Code Execution Vulnerability in Symphony CMS 2.6.11: Execution of Arbitrary PHP Code via Datasource and Event Editors Unrestricted File Upload Vulnerability in BigTree CMS before 4.2.17 Denial of Service Vulnerability in SAP AS JAVA SSO Authentication Library Buffer Over-read Vulnerability in libsamplerate before 0.1.9 via Crafted Audio File Use After Free Vulnerability in swftools 0.9.2 and Earlier via Malformed PDF Document Infinite Loop Vulnerability in Wireshark NetScaler File Parser BGP Dissector Infinite Loop Vulnerability Infinite Loop Vulnerability in Wireshark WBXML Dissector IMAP Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11 Infinite Loop Vulnerability in Wireshark 2.2.0 to 2.2.5 DOF Dissector Infinite Loop Vulnerability in Wireshark's RPC over RDMA Dissector Heap-based Buffer Over-read Vulnerability in radare2 1.3.0 SQL Injection Vulnerability in getUserUddiElements Method in SAP NetWeaver AS Java 7.4 Denial of Service Vulnerability in QEMU's cirrus_vga_rop.h SQL Injection in Spider Event Calendar Plugin for WordPress Buffer Overflow Vulnerability in PrivateTunnel 2.7 and 2.8: Denial of Service and Potential Impact via Long Password Access Violation and Crash Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin SolarWinds Log & Event Manager (LEM) SSH Restricted Shell Escape Vulnerability Cross-Site Scripting (XSS) Vulnerability in Easy WP SMTP Plugin (before 1.2.5) via E-mail Subject or Body Incorrect Trust in 
HTTP Host Header during Caching in concrete5 8.1.0 iSmartAlarm Cube Devices: SSL Certificate Validation Vulnerability Authentication Bypass Vulnerability on iSmartAlarm Cube Devices Allows Remote Command Execution iSmartAlarm Cube Devices: Cleartext Transmission of New Key Leads to Incorrect Access Control iSmartAlarm Cube Devices Vulnerable to Denial of Service Attack Fortinet FortiPortal Weak Password Recovery Vulnerability Reflected Cross-Site Scripting (XSS) Vulnerability in Fortinet FortiMail Pre-Authentication Webmail Login Page Fortinet FortiOS XSS Vulnerability in Login Disclaimer Redir Parameter Fortinet FortiOS Cross-Site Scripting Vulnerability in Config Revisions Fortinet FortiOS Cross-Site Scripting Vulnerability in User Group Creation/Editing Stored XSS Vulnerability in Fortinet FortiWeb WebUI Certificate View Page Cleartext Password Disclosure Vulnerability in Fortinet FortiWeb 5.8.2 and Below Fortinet FortiOS SSL VPN Web Portal Session Information Disclosure Vulnerability Reflected Cross-site Scripting (XSS) Vulnerability in Fortinet FortiOS Web Proxy Disclaimer Response Pages Segmentation Violation Vulnerability in libsndfile's flac_buffer_copy() Function Segmentation Violation Vulnerability in libsndfile's flac_buffer_copy() Function Infinite Loop Vulnerability in Wireshark SIGCOMP Dissector Infinite Loop Vulnerability in Wireshark SLSK Dissector PacketBB Dissector Crash Vulnerability Infinite Loop Vulnerability in Wireshark WSP Dissector Use-after-free vulnerability in Firefox, Firefox ESR, and Thunderbird allows for potentially exploitable crashes Use-after-free vulnerability in video control operations with <track> element in Firefox and Thunderbird Use-After-Free Vulnerability in Content Viewer Listeners: Potentially Exploitable Crash in Firefox and Thunderbird Use-after-free vulnerability in IME event handling in Firefox and Thunderbird Out-of-Bounds Read Vulnerability in Pseudo-Elements Styling WebGL Out-of-Bounds Read Vulnerability in 
Firefox and Thunderbird Privilege Escalation Vulnerability in Firefox Installer on Windows XML HTTP Request (XHR) Error Logging Vulnerability in Firefox and Thunderbird Use-After-Free Vulnerability in IndexedDB: Exploitable Crash in Firefox and Thunderbird Opus Encoder Out-of-Bounds Read Vulnerability Android Intent URL Same-Origin Policy Bypass in Firefox for Android Privilege Escalation and File Manipulation Vulnerability in Mozilla Windows Updater Privilege Escalation Vulnerability in Mozilla Maintenance Service Username and Password Spoofing Vulnerability in Firefox < 54 Tibetan Character Domain Name Spoofing Vulnerability on OS X Domain Name Spoofing through Character Confusion in Firefox and Thunderbird Windows Security Warning Bypass Vulnerability Privilege Escalation and Arbitrary File Execution in Mozilla Windows Updater Arbitrary File Overwrite Vulnerability in Mozilla Maintenance Service Privilege Escalation Vulnerability in Mozilla Maintenance Service Address Bar Spoofing Vulnerability in Firefox for Android (Versions < 54) Graphite2 Library Out-of-bounds Read Vulnerability in Firefox before 54 Heap-based Buffer Overflow in Graphite2 Library in Firefox Heap-based Buffer Overflow in Graphite2 Library: Firefox Vulnerability Graphite2 Library Out-of-bounds Read Vulnerability in Firefox Heap-based Buffer Overflow in Graphite2 Library: Exploiting graphite2::Silf::getClassGlyph in Firefox (versions prior to 54) Uninitialized Memory Vulnerability in Graphite2 Library in Firefox Graphite 2 Library Multiple Security Vulnerabilities Memory Corruption Vulnerabilities in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2 Memory Corruption Vulnerability in Firefox 54: Potential for Arbitrary Code Execution Elliptic Curve Point Addition Vulnerability in Firefox < 55 DEP Violation in WindowsDllDetourPatcher: Exploiting Unprotected RWX Block Denial of Service Vulnerability in Firefox < 55 due to Long User Name in URL Use-After-Free Vulnerability in Image Observer 
during Frame Reconstruction Buffer Overflow Vulnerability in ARIA Attribute Manipulation Buffer Overflow Vulnerability in SVG Image Renderer Bypassing Same-Origin Policy Protections in Thunderbird and Firefox Content Security Policy (CSP) Inheritance Issue in Firefox < 55 Double STS Header Rejection Vulnerability Windows Stack Memory Data Leakage Vulnerability in Firefox < 55 Origin Spoofing Vulnerability in Thunderbird and Firefox Buffer Overflow Vulnerability in Certificate Manager Use-after-free vulnerability in Fetch API in Firefox and Thunderbird Sandbox Bypass Vulnerability in Linux Systems: File Truncation in Firefox < 55 Windows Updater Logger File Deletion Vulnerability Cross-Origin Access to Response Header Names in Firefox < 55 XUL Injection Vulnerability in Developer Tools Allows Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerability in Firefox < 55 Use-after-free vulnerability in WebSockets leads to exploitable crash Use-after-free vulnerability in marquee element during window resizing Use-after-free vulnerability in DOM manipulation during image resize event Incorrect Enforcement of Content Security Policy (CSP) due to sandbox Directive Arbitrary Memory Write Vulnerability in WindowsDllDetourPatcher Class Use-after-free vulnerability in TLS 1.2 handshake hashes in Firefox and Thunderbird Use-After-Free Vulnerability in Firefox < 55: Potential Exploitable Crash in Layer Manager AppCache URL Hijacking Vulnerability Cross-Origin Information Leak in Firefox < 55 via Content Security Policy (CSP) Frame-Ancestors Directive Use-after-free vulnerability in Thunderbird and Firefox versions prior to 55 Memory Corruption Vulnerabilities in Firefox 55 and Firefox ESR 52.3 Memory Corruption Vulnerability in Firefox 55: Potential for Arbitrary Code Execution Drag-and-Drop File URL Opening Vulnerability in Firefox < 56 JavaScript Parser Integer Cast Vulnerability in Firefox < 56 Vulnerability: Bypassing Phishing and Malware Protection in Firefox and 
Thunderbird Arbitrary Domain Spoofing Vulnerability in Firefox < 56 Privileged URL Loading Vulnerability in WebExtensions for Firefox < 56 Full Screen Spoofing Vulnerability in Firefox for Android (Versions < 56) Use-after-free vulnerability in ARIA element manipulation within DOM Use-after-free vulnerability in image resizing in Firefox and Thunderbird Xray Wrapper Bypass Vulnerability in Firefox < 56 WebExtensions File Download and Open Vulnerability in Firefox < 56 Insecure AES-GCM Implementation in WebCrypto API Allows for Authentication Key Determination Cross-Site Scripting (XSS) Vulnerability in Firefox and Thunderbird Buffer Overflow Vulnerability in ANGLE Graphics Library Font-based IDN Spoofing Vulnerability on OS X Memory Corruption Vulnerabilities in Firefox 56 and Firefox ESR 52.4 Memory Corruption Vulnerability in Firefox 56: Potential for Arbitrary Code Execution Use-after-free vulnerability in Firefox, Firefox ESR, and Thunderbird Email Spoofing Vulnerability in Thunderbird < 52.5.2 Cross-Origin Information Disclosure in Resource Timing API Security Bypass Vulnerability in Firefox < 57: ExposedProps Access Control Failure Domain Spoofing Vulnerability in Firefox < 57 Domain Spoofing Vulnerability in Firefox < 57: Arabic and Indic Vowel Marker Characters Combined with Latin Characters Data URL Inheritance Vulnerability in Firefox < 57 Insecure Mixed Content Vulnerability in Firefox < 57 Privilege Escalation Vulnerability in Firefox Health Report's pingsender Executable Cross-Site Scripting (XSS) vulnerability in SVG data loaded through <img> tags in Firefox < 57 Punycode Spoofing Vulnerability in Firefox < 57 Control Character Bypass Vulnerability in Firefox < 57 JavaScript Injection in Exported Bookmarks File Referrer Leakage Vulnerability in Firefox < 57 Persistent Data Storage in Private Browsing Mode Vulnerability SVG Image History Query Vulnerability in Firefox 57.0.1 and Earlier Buffer Overflow Vulnerability in Direct 3D 9 with ANGLE Graphics 
Library JavaScript Execution Vulnerability in Thunderbird RSS Feed Viewer CSS Path Disclosure Vulnerability in Thunderbird < 52.5.2 New Line Injection Vulnerability in Thunderbird < 52.5.2 via RSS Fields Local Denial of Service Vulnerability in Nessus 6.10.x Local Privilege Escalation Vulnerability in Nessus 6.10.x before 6.10.5 Inadequate CSRF Protection in D-Link DCS-936L Devices with Firmware Before 1.05.07 Insecure CrossDomain.XML File Allows CSRF Attack on D-Link DCS Cameras Heap Buffer Overflow in libosip2: Remote DoS Vulnerability Heap-based Buffer Over-read Vulnerability in radare2 1.3.0 XSS Vulnerability in IceWarp Server 11.3.1.5 Webmail Component's language Parameter Heap-based Buffer Overflow in LibreOffice's SVMConverter::ImplConvertFromSVM1 Function Heap-based Buffer Overflow in FreeType 2 (CVE-2017-8105) Out-of-Bounds Write Vulnerability in FreeType 2 (CVE-2017-8105) Heap-based Buffer Overflow in FFmpeg's ff_h264_slice_context_init Function Heap-based Buffer Overflow in gRPC's parse_unix Function Out-of-Bounds Write Vulnerability in gRPC (CVE-2017-xxxx) Heap-based Buffer Overflow in FFmpeg's decode_frame function in libavcodec/pictordec.c Heap-based Buffer Overflow in FFmpeg's PNG Decoder (CVE-2017-XXXX) Heap-based Buffer Overflow in FreeType 2's tt_size_reset Function Heap-based Buffer Overflow in FFmpeg's Interplay Video Codec (CVE-2017-0144) Stack-based Buffer Overflow in FFmpeg's PNG Decoder (CVE-2017-0144) Heap-based Buffer Overflow in ICU's utf8TextAccess and utext_setNativeIndex* Functions Heap-based Buffer Overflow in ICU's utf8TextAccess and utext_moveIndex32* Functions GnuTLS Integer Overflow and Heap-Based Buffer Overflow in cdk_pkt_read Function Heap-based Buffer Overflow in LibreOffice's tools::Polygon::Insert Function Reflected XSS Vulnerability in tdm-master/webhook.php (challenge parameter) in trollepierre/tdm Heap Write Vulnerability in feh Wallpaper Setter Command Injection Vulnerability in QTS CSRF Vulnerability in flatCore 1.4.6: 
Remote Attackers Can Modify CMS Configurations Critical SQL Injection Vulnerability in flatCore 1.4.6: Unauthorized Database Access and Manipulation Critical SQL Injection Vulnerability in flatCore 1.4.6: Unauthorized Database Content Access CSRF Protection Bypass in BigTree CMS through 4.2.17 Out-of-Bounds Write Vulnerability in LibreOffice's HWPFile::TagsRead Function Privilege Escalation Vulnerability in APCUPSD Heap-Based Buffer Over-Read Vulnerability in Artifex jbig2dec 0.13 SQL Injection Vulnerability in Dolibarr ERP/CRM 4.0.4 via lang parameter in doli/theme/eldy/style.css.php Cross-Site Scripting (XSS) Vulnerability in Dolibarr ERP/CRM 4.0.4 Weak Password Storage in Dolibarr ERP/CRM 4.0.4: MD5 Algorithm Vulnerability Vulnerability: Inadequate Enforcement of CONFIG_STRICT_DEVMEM Protection Mechanism in Linux Kernel Uninitialized ColorMap Vulnerability in GD Graphics Library XSS Vulnerability in SourceBans++ 1.5.4.7: Admin.comms.php Rebanid Parameter Remote Crash Vulnerability in Sandstorm Cap'n Proto (Versions before 0.5.3.1) due to Compiler Optimization Impersonation Vulnerability in SaltStack Salt before 2016.3.6 User-Assisted Code Execution Vulnerability in WinDjView 2.1 Buffer Overflow Vulnerability in Linux NFS Server Implementations Cross-Site Scripting (XSS) Vulnerability in Trend Micro IMSVA 9.1 before CP 1644 Cross-Site Scripting (XSS) Vulnerability in MantisBT Timeline Include Page Improper Restriction of Excessive Authentication Attempts in Rockwell Automation Allen-Bradley MicroLogix Controllers Information Exposure: User Credentials Logged via HTTP GET Method Predictable Value Range in Rockwell Automation Allen-Bradley MicroLogix Controllers Nonce Reuse Vulnerability in Rockwell Automation Allen-Bradley MicroLogix Controllers Numeric Password Limitation Vulnerability Weak Cryptography for Passwords Vulnerability in General Electric (GE) Multilin Protection Relays Authentication Bypass Vulnerability in ABB IP GATEWAY 3.39 and Prior XML External 
Entity (XXE) Vulnerability in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and Prior Heap-Based Buffer Overflow in Gigasoft ActiveX Controls Advantech B+B SmartWorx MESR901 Firmware Authentication Bypass Vulnerability Stack-Based Buffer Overflow Vulnerability in Digital Canal Structural Wind Analysis Insufficient-Encapsulation Code Injection Vulnerability in CyberVision Kaa IoT Platform (Version 0.7.4) Unauthenticated Access to Hanwha Techwin SRN-4000 Device Management Page Plaintext Storage of Passwords in Moxa OnCell Devices Missing Authorization Vulnerability in Rockwell Automation PanelView Plus 6 700-1500 Brute Force Authentication Bypass Vulnerability in Moxa OnCell Devices Insufficient Privilege Restriction in ABB VSN300 WiFi Logger Card Cross-Site Request Forgery Vulnerability in Moxa OnCell Devices Improper Access Control in Cambium Networks ePMP: Remote Configuration Backup and Unauthorized Access Authentication Bypass Vulnerability in Newport XPS-Cx and XPS-Qx Unauthenticated Access to Internal Information in ABB VSN300 WiFi Logger Card Authentication Bypass Vulnerability in Hikvision IP Cameras Improper Privilege Management in Cambium Networks ePMP: SNMP Community Strings Vulnerability Privilege Escalation and Identity Theft via Password in Configuration File Vulnerability Improper Input Validation in Rockwell Automation MicroLogix 1100 Controllers: Remote DoS Vulnerability Password in Configuration File Vulnerability in Dahua Devices Cross-Site Request Forgery Vulnerability in OSIsoft PI Web API Authentication Bypass via Password Hash Vulnerability in Dahua Devices Improper Access Control in SEL-3620 and SEL-3622 Security Gateway Allows Unauthorized Communications Absolute Path Traversal Vulnerability in Advantech WebAccess Version 8.1 and Prior Improper Authentication Vulnerability in OSIsoft PI Server 2017 PI Data Archive Unauthenticated Access to Configuration Files and Application Pages in ABB IP GATEWAY 3.39 and Prior Improper 
Certificate Validation Vulnerability in NXP i.MX Processors Plain-text Password Storage Vulnerability in ABB IP GATEWAY 3.39 and Prior Improper Authentication Vulnerability in OSIsoft PI Server 2017 PI Data Archive Resource Exhaustion Vulnerability in Phoenix Contact mGuard Firmware Stack-based Buffer Overflow Vulnerability in NXP i.MX and Vybrid Processors Unauthenticated Access to User Firewall in Phoenix Contact mGuard Firmware Stack-based Buffer Overflow in DMitry (Deepmagic Information Gathering Tool) Version 1.3a (Unix) Stack-based buffer over-read vulnerability in ImageWorsener 1.3.0 allows remote attackers to cause denial of service Memory Consumption Vulnerability in ImageWorsener 1.3.0 Memory Consumption Vulnerability in ImageMagick's ReadSGIImage Function Memory Consumption Vulnerability in ImageMagick's ReadAVSImage Function Memory Consumption Vulnerability in ImageMagick's ReadSVGImage Function XSS Vulnerability in XOOPS Core 2.5.8.1: Unescaped HTML Output in page_dbsettings.php Username Enumeration and Brute-Force Attack Vulnerability in Palo Alto Networks PAN-OS Denial of Service Vulnerability in radare2 1.3.0 via Crafted Mach0 File Sensitive Password Information Disclosure in NetApp Clustered Data ONTAP Integer Overflow in mark_curve Function in Artifex Ghostscript 9.21 Denial of Service Vulnerability in Nitro Pro 11.0.3 and Earlier via Crafted PCX File CSRF Vulnerability in WonderCMS before 2.0.3 SQL Injection Vulnerability in INFOR EAM V11.0 Build 201410 via Search Fields XSS Vulnerability in INFOR EAM V11.0 Build 201410 Comment Fields Remote Application Crash Vulnerability in XStream Heap-based Buffer Over-read Vulnerability in libcroco's cr_input_new_from_uri Function Undefined behavior issue in cr_tknzr_parse_rgb function in libcroco 0.6.11 and 0.6.12 Denial of Service Vulnerability in ImageWorsener 1.3.0 Denial of Service Vulnerability in GMP Library for PHP Default TELNET Password Vulnerability in Zyxel WRE6505 Devices Buffer Overflow 
Vulnerability in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller's AlTracePrint.exe DLL Hijacking Vulnerability in Schneider Electric's SoMachine HVAC v2.1.0 Memory Corruption Vulnerability in Schneider Electric's VAMPSET Software Prior to V2.2.189 Privilege Escalation via Incorrect Default Permissions in Schneider Electric Wonderware InduSoft Web Studio Cross-Site Request Forgery Vulnerability in Schneider Electric's PowerSCADA Anywhere and Citect Anywhere Arbitrary Server Target Node Vulnerability in Schneider Electric's PowerSCADA Anywhere and Citect Anywhere Outdated Cipher Suites and Improper SSL Certificate Verification Vulnerability in Schneider Electric's PowerSCADA Anywhere and Citect Anywhere Remote Code Execution Vulnerability in Schneider Electric's PowerSCADA Anywhere v1.0 and Citect Anywhere v1.0 SQL Injection Vulnerability in Schneider Electric U.motion Builder Software Path Traversal Information Disclosure Vulnerability in Schneider Electric U.motion Builder Software Integer Overflow Vulnerability in Artifex jbig2dec 0.13 Allows Arbitrary Code Execution Integer Overflow Vulnerability in Artifex jbig2dec 0.13 Arbitrary Command Execution via Screensavercc Component in eLux RP Sensitive Information Disclosure Vulnerability in Samsung Android Devices (SVE-2017-8290) Vulnerability: Denial of Service and Uninitialized Memory Access in Linux Kernel 4.11.x through 4.11-rc7 Cirrus CLGD 54xx VGA Emulator Heap-Based Buffer Overflow Vulnerability Command Injection Vulnerability in Tuleap PhpWiki SyntaxHighlighter Plugin Integer Overflow in libplist's plist_from_bin Function Allows Remote Denial of Service PHPMailer Version Leakage Vulnerability in Joomla! XSS Vulnerability in Joomla! Template Manager Component (3.2.0 - 3.6.5) XSS Vulnerabilities in Joomla! Components due to Inadequate Filtering of Multibyte Characters XSS Vulnerabilities in Joomla! Components: Inadequate HTML Attribute Filtering XSS Vulnerabilities in Joomla! 
Template Manager Component Joomla! Article Author Overwrite Vulnerability Inadequate MIME Type Checks in Joomla! 3.2.0 through 3.6.5: Unauthorized SWF File Upload Vulnerability CSRF and XSS Vulnerability in OpenMRS Reporting Module 1.12.0 SQL Injection via Base64 Serialized API Key in Exponent CMS 2.4.1 and Earlier Reflected XSS Vulnerability in Heartland Payment Systems Payment Gateway PHP SDK NULL Pointer Dereference Vulnerability in TextExtractor::ExtractText function in PoDoFo 0.9.5 Xen PV Guest Information Disclosure Vulnerability SQL Injection Vulnerabilities in Gespage before 7.4.9 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gespage 7.4.9 and Earlier Denial of Service Vulnerability in Atlassian Eucalyptus EDGE Mode XSS Vulnerability in EMC RSA Authentication Manager 8.2 SP1 and Earlier Clear Text Storage of Credentials in EMC ScaleIO 2.0.1.x Multiple Blind SQL Injection Vulnerabilities in EMC Data Protection Advisor Path Traversal Vulnerability in EMC Data Protection Advisor Arbitrary File Upload Vulnerability in RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG Multiple Stored Cross-Site Scripting Vulnerabilities in EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG Products RSA Authentication Manager 8.2 SP1 Patch 1 and Earlier PIN Brute Force Vulnerability Directory Traversal Vulnerability in EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs Undocumented Default Account Vulnerability in EMC Monitoring Solutions JMX Protocol Denial of Service Vulnerability in EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) Solution Packs Undocumented Accounts with Hard-Coded Passwords in EMC Data Protection Advisor SQL Injection Vulnerability in EMC AppSync (Versions Prior to 3.5) Stored Cross-Site Scripting Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 via Questionnaire ID Field Reflected Cross-Site Scripting Vulnerability in EMC Network 
Configuration Manager (NCM) 9.3.x - 9.4.2.x Denial of Service Vulnerability in EMC AppSync Host Plug-In Versions 3.5 and Below (Windows Platform) Remote Denial of Service Vulnerability in EMC ScaleIO 2.0.1.x Buffer Overflow Vulnerability in EMC ScaleIO 2.0.1.x SDBG Service Allows Remote Code Execution with Root Privileges Undocumented Account Vulnerability in EMC Elastic Cloud Storage (ECS) before 3.1 Buffer Overflow Vulnerability in EMC NetWorker Unauthenticated Remote Code Execution Vulnerability in EMC NetWorker Reflected Cross-Site Scripting Vulnerability in EMC Isilon OneFS Arbitrary File Upload Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 LDAP Authentication Bypass Vulnerability in Pivotal Spring-LDAP Client Token Revocation Vulnerability in Cloud Foundry Foundation cf-release and UAA Privilege Escalation in Cloud Foundry UAA Privilege Escalation via Filesystem Traversal in Cloud Controller API Privilege Escalation Vulnerability in Cloud Foundry's Cloud Controller and Router Unauthorized File Access Vulnerability in Cloud Controller API Arbitrary Code Execution Vulnerability in Cloud Controller API Incomplete Fix for Information Leak / Disclosure Vulnerability in Cloud Foundry Foundation CAPI-release and cf-release Versions CredHub Interpolate Endpoint ACL Bypass Vulnerability Incomplete Fix for CVE-2017-4971 in Pivotal Spring Web Flow through 2.4.5 XML External Entity (XXE) Vulnerability in Single Sign-On Service Dashboard Cross-Site Scripting (XSS) Vulnerability in Single Sign-On for Pivotal Cloud Foundry (PCF) DOM-based Cross-Site Scripting (XSS) Vulnerability in Pivotal Single Sign-On for PCF Remote Code Execution Vulnerability in Pivotal Spring AMQP Arbitrary Code Execution Vulnerability in Spring Data REST and Spring Boot Open Redirect Vulnerability in Cloud Foundry Router Arbitrary Code Execution Vulnerability in Cloud Foundry CAPI and CF-Release Unauthorized Manipulation of Admin Password in Tenable Appliance Web UI Arbitrary Command 
Injection in Tenable Appliance Web UI XSS Vulnerability in Craft CMS before 2.6.2974 Denial of Service Vulnerability in PoDoFo 0.9.5 via Crafted PDF File in PdfParser::ReadDocumentStructure Denial of Service Vulnerability in PoDoFo 0.9.5: Infinite Recursion and Application Crash in PdfPagesTree::GetPageNodeFromArray User Enumeration Vulnerability in WatchGuard Fireware XML External Entity (XXE) Vulnerability in WatchGuard Fireware Joomla! Full Path Disclosure Vulnerability Acceptance of Invalid/Self-Signed TLS Certificates in Atlassian HipChat for iOS: Silent Interception Vulnerability Acceptance of Invalid TLS Certificates in Foxit PDF iOS App Allows Silent Interception of Login Information Acceptance of Invalid/Self-Signed TLS Certificates in Panda Mobile Security 1.1 for iOS Allows Silent Interception of Login Information Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x and 4.10.x Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x and 4.10.x Denial of Service Vulnerability in Linux Kernel 4.9.x and 4.10.x Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x and 4.10.x Vulnerability in Linux Kernel 4.9.x and 4.10.x: Denial of Service and Memory Corruption via CONFIG_VMAP_STACK Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x and 4.10.x Denial of Service and Memory Corruption Vulnerability in Linux Kernel's virtio_console.c Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x Denial of Service and Memory Corruption Vulnerability in Linux Kernel 4.9.x Denial of Service Vulnerability in Linux Kernel 4.9.x HID CP2112 USB Driver Unspecified Impact Vulnerability in cp2112_gpio_direction_input Function Buffer Overflow Vulnerability in WeeChat IRC Plugin Hexadecimal Password Exposure Vulnerability in TP-Link TL-SG108E 1.0 Cleartext Password Retrieval Vulnerability in 
TP-Link TL-SG108E 1.0 Deprecated RC4 Encryption Vulnerability on TP-Link TL-SG108E 1.0 Hard-coded Ciphering Key Vulnerability in TP-Link TL-SG108E 1.0 Firmware (1.1.2 Build 20141017 Rel.50749) Remote Unauthorized Upgrade Vulnerability in TP-Link TL-SG108E 1.0 Arbitrary Code Execution via Image Upload in Atlassian Hipchat Server Insecure Cryptographic Salt Initialization in GetSimple CMS 3.3.13 Allows Privilege Escalation and CSRF Attacks CSRF Vulnerability in Thumbnail Editor of concrete5 8.1.0 BIOS Vulnerability: Firmware Rootkit Installation on CompuLab Intense PC and MintBox 2 Devices XSS Vulnerability in Exponent CMS elFinder Module Memory Leak in QEMU's v9fs_list_xattr Function Allows DoS via orig_value Variable PPPoE Packet Padding Information Leakage in AVM Fritz!Box 7490 Cross-Site Request Forgery (CSRF) Vulnerability in e107 2.1.4 Plugin Installation and Settings CSRF Vulnerability in WHIZZ Plugin for WordPress Allows Unauthorized User Deletion and Status Modification CSRF Vulnerability in CopySafe Web Protection Plugin for WordPress CSRF Vulnerability in Serendipity 2.0.5 Allows Unauthorized Theme Installation Stored XSS vulnerability in Serendipity v2.1-rc1 allows for admin cookie theft and information disclosure XSS Vulnerability in MyBB Email MyCode Component Directory Traversal Vulnerability in MyBB Smilie Module Heap-based Buffer Overflow in FreeType 2's t1_decoder_parse_charstrings Function NULL pointer dereference vulnerability in handle_invept function in Linux kernel 3.12 through 3.15 Symlink Attack Vulnerability in Lynis before 2.5.0 Vulnerability: Credential Leakage in SaltStack Salt 2016.11 before 2016.11.4 XXE Vulnerability in modified eCommerce Shopsoftware 2.0.2.2 rev 10690 Denial of Service via Message Ring Page Count in QEMU Arbitrary Password Reset Vulnerability in Roundcube Webmail Directory Traversal Vulnerability in MODX Revolution 2.5.7's url_search.php Processor Remote Command Execution Vulnerability in Teltonika RUT9XX Routers 
Privilege Elevation Vulnerability in UMA Product with Software V200R001 and V300R001 Information Leak Vulnerability in UMA Product with Software V200R001 and V300R001 Privilege Elevation Vulnerability in UMA Product (V200R001 and V300R001) Privilege Elevation Vulnerability in UMA Product (V200R001 and V300R001) Information Leak Vulnerability in UMA Product with Software V200R001 and V300R001 Privilege Elevation Vulnerability in UMA Product with Software V200R001 Privilege Elevation Vulnerability in UMA Product with Software V200R001 Privilege Elevation Vulnerability in UMA Product with Software V200R001 Cross-Site Scripting (XSS) Vulnerability in UMA Product V200R001 and V300R001 Privilege Elevation Vulnerability in UMA Product with Software V200R001 Cross-Site Scripting (XSS) Vulnerability in UMA Product V200R001 Privilege Elevation Vulnerability in UMA Product with Software V200R001 and V300R001 Privilege Elevation Vulnerability in UMA Product (V200R001 and V300R001) Information Leak Vulnerability in UMA Product with Software V200R001 and V300R001 Command Injection Vulnerability in FusionSphere OpenStack Software Command Injection Vulnerability in FusionSphere OpenStack Software Command Injection Vulnerability in Huawei iManager NetEco Software V600R008C00 and V600R008C10 Command Injection Vulnerability in FusionSphere OpenStack Software Command Injection Vulnerability in FusionSphere OpenStack Software Arbitrary File Download Vulnerability in HedEx Earlier than V200R006C00 Versions DLL Hijacking Vulnerability in HedEx Earlier than V200R006C00 Versions Cross-Site Request Forgery (CSRF) Vulnerability in HedEx Earlier than V200R006C00 Versions Stored Cross-Site Scripting (XSS) Vulnerability in HedEx Earlier than V200R006C00 Versions Memory Double Free Vulnerability in Soundtrigger Driver of P9 Plus Smart Phones Memory Double Free Vulnerability in P10 Plus Smart Phones Use After Free (UAF) Vulnerability in Mate 9 and Mate 9 Pro Smart Phones DoS Vulnerability in 
Wi-Fi Driver of Honor 5C and P9 Lite Huawei Smartphones Resource Exhaustion Vulnerability in Huawei Smartphones DoS Vulnerability in P10 and P10 Plus Smartphones' Call Module DoS Vulnerability in P10 and P10 Plus Smartphones' Call Module MaxAge LSA Vulnerability in Multiple Huawei Devices Denial of Service Vulnerability in P9 Smartphones' Audio Driver Out-of-Bounds Memory Access Vulnerability in Huawei P10 and P10 Plus Boot Loaders Arbitrary Memory Write Vulnerability in Huawei P10 and P10 Plus Boot Loaders Authentication Bypass Vulnerability in Huawei Honor 5S Smart Phones Factory Reset Protection (FRP) Bypass Vulnerability in Huawei Honor 5S Smart Phones Privilege Elevation Vulnerability in Huawei VMall (Android) Versions Before 1.5.8.5 Man-in-the-Middle Vulnerability in Themes App of Honor 8 Lite Huawei Mobile Phones Unauthenticated Command Execution Vulnerability in CPE Product B2338-168 V100R001C00 Unauthenticated Serial Port Access Vulnerability in CPE Product B2338-168 V100R001C00 Information Leakage Vulnerability in OceanStor Storage Systems Improper Authorization Vulnerability in FusionCompute: Exhaustion of System Resources Type Confusion Vulnerability in Huawei Smartphones with Software AGS-L09C233B019, AGS-W09C233B019, KOB-L09C233B017, KOB-W09C233B012 Use After Free (UAF) Vulnerability in Huawei Smart Phones' Madapt Driver Factory Reset Protection (FRP) Bypass Vulnerability in EVA-L09 Smartphones DoS Vulnerability in Huawei AR, AR-S Out-of-Bounds Read Vulnerability in Huawei AR, AR-S 
Denial of Service (DoS) Vulnerability in Huawei Smart Phones Sensitive Information Leak Vulnerability in Mate 9 Huawei Smartphones App Lock Bypass Vulnerability in Huawei Honor V9 DoS Vulnerability in Huawei USG9500 V500R001C50 Firewall Products: Remote Restart Exploit via Malformed IKE Packets Information Leak Vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) and V100R006C10 Buffer Overflow Vulnerability in Huawei Smart Phones with Software Earlier than VIE-L09C40B360 Versions Buffer Overflow Vulnerability in Huawei Smart Phones with Software Earlier than VIE-L09C40B360 Versions Vulnerability in Huawei Smartphones: Factory Reset Protection (FRP) Bypass Denial of Service (DoS) Vulnerability in P10 Plus and P10 Smart Phones Factory Reset Protection (FRP) Bypass Vulnerability in Huawei and Honor Smartphones Weak Algorithm Vulnerability in Huawei USG6300 and USG6600 Routers Insufficient Input Validation Vulnerability in Huawei Mobile Phones Authentication Bypass Vulnerability in Huawei IPTV STB Huawei HiWallet APK Hijacking Vulnerability Stored Cross-Site Scripting Vulnerability in Huawei Email APP on Vicky-AL00 Smartphones Buffer Overflow Vulnerability in Huawei Smart Phones with MTK Platform Camera Driver Buffer Overflow Vulnerability in Huawei Smart Phones with MTK Platform Camera Driver Arbitrary Memory Write Vulnerability in Huawei Smart Phones with MTK Platform Out-of-Bound Read Vulnerability in MTK Platform of Huawei Smart Phones Memory Access Vulnerability in MTK Platform of Huawei Smart Phones Memory Access Vulnerability in MTK 
Platform of Huawei Smart Phones Privilege Elevation Vulnerability in ME906s-158 DOS Vulnerability in Huawei Mobile Phones: Exploiting Parameter Validation Flaw Privilege Escalation Vulnerability in Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) Command Injection Vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) Path Traversal Vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) Improper Verification of Cryptographic Signature in FusionSphere OpenStack V100R006C00SPC102(NFV) Weak Cryptographic Algorithm Vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) Improper Authorization Vulnerability in FusionSphere OpenStack V100R006C00 Command Injection Vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) Improper Authentication Vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) Improper Authentication Vulnerability in FusionSphere OpenStack V100R006C00SPC102(NFV) Incorrect Authorization Vulnerability in FusionSphere V100R006C00SPC102(NFV) Command Injection Vulnerability in FusionSphere V100R006C00SPC102(NFV) SQL Injection Vulnerability in FusionSphere V100R006C00SPC102(NFV) Out-of-Bounds Read Vulnerability in H323 Protocol Allows Process Reboot Out-of-Bounds Read Vulnerability in H323 Protocol Leads to Process Reboot Memory Leak Vulnerability in H323 Protocol Allows for Denial of Service (DoS) Attacks Buffer Overflow Vulnerability in Huawei Smart Phone CameraISP Driver Use After Free (UAF) Vulnerability in Bastet Driver of Huawei Nova 2 Plus and Nova 2 Smartphones Buffer Overflow Vulnerability in Bastet Driver of Honor 9 Huawei Smart Phones Integer Overflow Vulnerability in Bastet Driver of Honor 9 Huawei Smart Phones App Lock Bypass Vulnerability in HONOR 7 Lite Mobile Phones Buffer Overflow Vulnerability in Huawei Honor 5C and Honor 6X Smartphones Buffer Overflow Vulnerability in Huawei Honor 5C and Honor 6X Smartphones Buffer Overflow Vulnerability in Huawei Honor 5C and Honor 6X Smartphones Buffer Overflow 
Vulnerability in Huawei Honor 5C and Honor 6X Smartphones Buffer Overflow Vulnerability in Huawei Honor 5C and Honor 6X Smartphones Buffer Overflow Vulnerability in Huawei Honor 5C and Honor 6X Smartphones Huawei SMC2.0 TLS Module Crash Vulnerability Unlock Code Verification Bypass Vulnerability in Huawei Smartphones Permission Control Vulnerability in Multiple Huawei Smartphones Permission Control Vulnerability in Warsaw Huawei Smart Phones Permissive iptables rules allow unrestricted SNMP access on TP-Link C2 and C20i devices Backdoor Accounts Vulnerability in TP-Link C2 and C20i Devices HTTP Server Denial of Service Vulnerability in TP-Link C2 and C20i Devices Remote Code Execution Vulnerability in TP-Link C2 and C20i Devices Cleartext UDP Tunnel Protocol Vulnerability in Wireless IP Cameras Vulnerability: Exposure of Private RSA Key and Certificate in Wireless IP Cameras Unauthenticated Streaming Vulnerability on Wireless IP Camera (P2P) WIFICAM Devices Critical Backdoor Vulnerability in Wireless IP Cameras (P2P) Allows Unauthorized Access Authentication Bypass Vulnerability in Wireless IP Camera (P2P) WIFICAM Devices Default Credentials Hardcoded in Amcrest IPM-721S V2.420.AC00.16.R.20160909 Firmware Vulnerability: Lack of Account Lockout in Amcrest IPM-721S V2.420.AC00.16.R.20160909 ONVIF Implementation Amcrest IPM-721S V2.420.AC00.16.R.20160909 Camera Unauthorized Access Vulnerability Unauthenticated Download of Administrative Credentials in Amcrest IPM-721S V2.420.AC00.16.R.20160909 Devices Unauthenticated User Addition Vulnerability on Amcrest IPM-721S V2.420.AC00.16.R.20160909 Devices Out-of-Bounds Heap Write Vulnerability in Android Camera Driver Function Out of Bounds Access Vulnerability in Android Camera Function Memory Structure Vulnerability in Android Camera Driver Buffer Overflow Vulnerability in Android CAF's IPA Driver Buffer Overflow Vulnerability in Android CAF Releases: Firmware Image Loading Buffer Overflow Vulnerability in Android Camera 
Function Flash Initialization Vulnerability in Android Releases from CAF with Linux Kernel Off-by-One Buffer Over-read Vulnerability in Android CAF Kernel Driver Buffer Overflow Vulnerability in Android WLAN Function Race Condition in QTEE Driver: Arbitrary Memory Write Vulnerability Firmware Image File Buffer Overflow Vulnerability in Qualcomm Products Race Condition Vulnerability in core_info_read and inst_info_read in Android Releases from CAF Android CAF Linux Kernel Voice SVC Request Out of Bounds Memory Copy Vulnerability Dangling Pointer Vulnerability in msm_pcm_playback_close() Function Multiple Device Open Vulnerability in Qualcomm Android Releases Buffer Overflow Vulnerability in Qualcomm Telephony: Apple iPhone, iPad, and iPod Touch Devices Vulnerability: Integer Overflow to Buffer Overflow in Qualcomm Android Products Potential Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel TrustZone Information Disclosure Vulnerability in Multiple Snapdragon Platforms Kernel Memory Overwrite Vulnerability in Qualcomm Android Releases Critical Vulnerability: Dereferencing of Invalid Audio Client Pointer in Qualcomm Android Releases Integer Overflow Vulnerability in Qualcomm Android Releases with Linux Kernel Array Out of Bounds Access Vulnerability in Qualcomm Android Releases with CAF and Linux Kernel Vulnerability: Debug Buffer Race Condition in Qualcomm Android Releases with CAF and Linux Kernel Critical Vulnerability: Array Out-of-Bounds Access in Qualcomm Android Camera Driver Buffer Overflow Vulnerability in Qualcomm Android Service Locator Out of Bounds Write Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Kernel Overwrite Vulnerability in Qualcomm Android Camera Driver Ioctl Race Condition Vulnerability in Qualcomm Android Releases with CAF and Linux Kernel Kernel Fault Vulnerability in Qualcomm Android Devices with CAF and Linux Kernel Denial of Service Vulnerability in Qualcomm Camera Driver on Android 
Devices Race Condition Vulnerability in Qualcomm Video Driver Leads to Double Free Race Condition Vulnerability in Qualcomm Android Video Driver Race Condition Vulnerability in Qualcomm Android Releases with Linux Kernel Vulnerability in Qualcomm Android Camera Application Leads to Heap Buffer Over-read Kernel Memory Exposure Vulnerability in Qualcomm Android Devices Race Condition Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Vulnerability: Out-of-Bound Memory Write in MDSS Rotator Driver Out of Bounds Heap Write Vulnerability in Qualcomm Android Products Buffer Overflow Vulnerability in Qualcomm Android Devices with Disabled Verified Boot Access Control Vulnerability in Qualcomm Snapdragon Mobile and Snapdragon Wear Devices Integer Overflow Vulnerability in Qualcomm Snapdragon Mobile SD Video Library Fuse-based Improper Authorization Vulnerability in Snapdragon Devices Use-after-free vulnerability in Qualcomm Android CAF with Linux kernel Buffer Overflow and Integer Overflow Vulnerability in Qualcomm Android Products Vulnerability: Missing Race Condition Protection and Buffer Over-read in Android for MSM, Firefox OS for MSM, QRD Android Race Conditions and Memory Leak Vulnerability in Qualcomm Android Devices Race Condition Vulnerability in Qualcomm Android Releases with CAF and Linux Kernel User-Assisted Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Directory Traversal Vulnerability in dpkg-source Unbounded Instruction Size Vulnerability in QEMU's disas_insn Function Heap-based Buffer Overflow in FreeType 2's t1_builder_close_contour Function Gnome-Shell Extension Reload Vulnerability Stack-based Buffer Overflow in RIOT's ipv6_addr_from_str Function TeamSpeak Server 3.0.13.6 Buffer Overflow Vulnerability: Windows Client Crash via Vulnerable Channel Artifex Ghostscript Remote Command Execution Vulnerability Denial of Service in YARA 3.5.0 via Crafted Rule in libyara/re.c Password Reset Vulnerability in 
WordPress Cleartext History File Vulnerability in KedPM 0.5 and 1.0 Path Traversal Vulnerability in Simple PHP File Manager XSS Vulnerability in cnvs.io Canvas 3.3.0 Vulnerability: Lack of TLS Certificate Verification in LibreSSL 2.5.1 to 2.5.3 Cross-Site Scripting (XSS) Vulnerabilities in Mura CMS 7.0.6967 Remote Code Execution Vulnerability in Accellion FTA Devices XSS Vulnerability in Accellion FTA Devices: courier/1000@/oauth/playground/callback.html Buffer Overflow in UDFclient's Custom strlcpy Implementation Avast Antivirus Pre-v17: Privilege Escalation and File Manipulation Vulnerability Avast Antivirus Vulnerability: Unauthorized Process Trust Bypass QEMU Audio Memory Leak Vulnerability Heap Out-of-Bound Read Vulnerability in VideoLAN VLC 2.2.x Heap-based Buffer Overflow in ParseJSS in VideoLAN VLC Heap Out-of-Bound Read Vulnerability in VideoLAN VLC's ParseJSS Allows Uninitialized Data Leak Heap Out-of-Bound Read Vulnerability in VideoLAN VLC Allows for Data Leakage and Process Crash Arbitrary File Write Vulnerability in Kodi's Zip Extraction Function XML External Entity (XXE) Vulnerability in Eclipse IDE 2017.2.5 and Earlier IntelliJ IDEA XML Parser Vulnerable to XML External Entity (XXE) Attack Heap-based Buffer Overflow in ImageWorsener's iw_process_cols_to_intermediate Function Undefined Behavior in libimageworsener.a: Remote Denial of Service and Potential Impact via Crafted Image Memory Consumption Denial of Service Vulnerability in ImageWorsener Cross-Site Request Forgery Vulnerability in Securifi Almond Devices Stack Overflow Vulnerability in Securifi Almond Devices Vulnerability: Denial of Service (DoS) in Securifi Almond Devices Command Injection Vulnerability in Securifi Almond Devices Stored Cross-Site Scripting Vulnerability on Securifi Almond Devices Command Injection Vulnerability on Securifi Almond Devices Cross-Site Scripting (XSS) Vulnerability on Securifi Almond Devices Stack Overflow Vulnerability in Securifi Almond Devices Stack 
Overflow Vulnerability in Securifi Almond Devices Unauthenticated Remote Password Brute-Force Vulnerability on Securifi Almond Devices Denial of Service Vulnerability in MikroTik Version 6.38.5 via UDP Flood on Port 500 Denial of Service Vulnerability in Panda Free Antivirus 18.0 Incorrect Access Control in Open-Xchange GmbH OX App Suite 7.8.3 and earlier Content Spoofing Vulnerability in Open-Xchange GmbH OX App Suite 7.8.3 and earlier Timing Oracle and Brute-Force Vulnerability in Radicale Authentication Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadAAIImage Function Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadPCXImage Function Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted File Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadDCMImage Function Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadEXRImage Function Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadMATImage Function Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadSFWImage Function Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted JNG Image Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadPCDImage Function Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted XWD File Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted PICT File Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted BMP File Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted File Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted File Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadEPTImage Function Heap-based Buffer Overflow in LibreOffice's ReadJPEG Function Out-of-Bounds Write Vulnerability in gRPC (CVE-2017-xxxx) Sensitive Keystroke Data Leakage in Conexant Systems MicTray64 Task Buffer Overflow Vulnerability in libsndfile 1.0.28 Denial of Service Vulnerability in libsndfile 1.0.28 via Crafted Audio File Heap-based Buffer Over-read Vulnerability in libsndfile 1.0.28 
Heap-based Buffer Overflow in rzip 2.1's read_buf Function Buffer Over-read Vulnerability in libsndfile 1.0.28 Heap-based Buffer Overflow in Ettercap's strescape Function Buffer Overflow Vulnerability in Ether Software Easy MOV Converter 1.4.24 and Other Products Denial of Service Vulnerability in Sublime Text 3 Build 3126 via Crafted .mkv File Arbitrary Code Execution Vulnerability in IrfanView 4.44 (32bit) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.45 Cleartext RAM Storage Vulnerability in Schneider Electric StruxureWare Data Center Expert Denial of Service Vulnerability in Underbit MAD libmad 0.15.1b Heap-based Buffer Overflow in Underbit MAD libmad 0.15.1b Heap-based Buffer Over-read Vulnerability in Underbit MAD libmad 0.15.1b Authenticated Comment XSS Vulnerability in GeniXCMS 1.0.2 SQL Injection Vulnerability in GeniXCMS 1.0.2 via menuid parameter in menus.control.php Heap-based Buffer Overflow in PoDoFo 0.9.5 PdfParser::ReadObjects Function QEMU Keyboard Input Event Handlers Memory Leak Vulnerability Buffer Overflow in Qemu 2.9.0's megasas_mmio_write Function User-Assisted Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 CSRF Vulnerability in Admidio 3.2.8 Allows Deletion of Arbitrary User Accounts Unrestricted File Viewing Vulnerability in Craft CMS before 2.6.2976 Incomplete Fix for XSS Vulnerability in Craft CMS URL Modification Vulnerability in Craft CMS before 2.6.2976 Privilege Escalation via Repository Name in Git Remote Code Execution Vulnerability in STDU Viewer version 1.6.375 Bypassing Protection Mechanism in GeniXCMS 1.0.2 via register.php Vulnerability Arbitrary Code Execution Vulnerability in Palo Alto Networks PAN-OS DNS Proxy Sensitive Information Exposure in CA Client Automation OS Installation Management Component Invalid Read Vulnerability in GNU Binutils 2.28's libbfd Library Global Buffer Over-read Vulnerability in GNU Binutils 2.28 NULL Pointer 
Dereference Vulnerability in libbfd Library Invalid Write Vulnerability in GNU Binutils 2.28's libbfd Library Invalid Read Vulnerability in GNU Binutils 2.28's libbfd Library Invalid Read and Write Vulnerability in GNU Binutils 2.28 Invalid Read Vulnerability in dwarf.c in GNU Binutils 2.28 Stack-based Buffer Overflow in PCRE2: Out-of-Bounds Write Vulnerability Out-of-Bounds Write Vulnerability in SWFTools 0.9.2 Out-of-Bounds Read Vulnerability in SWFTools 0.9.2 Arbitrary PHP Code Execution via .htaccess File Upload in PivotX 2.3.11 Unauthenticated Wi-Fi Password Changes and Complete Access Vulnerability in 360fly 4K Cameras Command Injection Vulnerability in D-Link DCS-1130 Devices Unauthenticated Access to D-Link DCS-1130 and DCS-1100 Video Feeds Unrestricted Crossdomain.xml Access and Cross-Site Flashing Vulnerability in D-Link DCS-1130 Devices Cross-Site Request Forgery Vulnerability in D-Link DCS-1130 Web Management Interface Command Injection Vulnerability in D-Link DCS-1130 Devices Unauthenticated Access to Live Video Feed on D-Link DCS-1130 Devices Stack-based Buffer Overflow in D-Link DCS-1100 and DCS-1130 RTSP Handling Command Injection Vulnerability in D-Link DCS-1130 Devices Stack Overflow and Command Injection Vulnerability in D-Link DCS-1100 and DCS-1130 Devices Unauthenticated Command Execution Vulnerability in D-Link DCS-1100 and DCS-1130 Devices Memory Corruption Vulnerability in D-Link DCS-1100 and DCS-1130 UPnP Handling Vulnerability: Hardcoded Hash in D-Link DCS-1100 and DCS-1130 Devices Buffer Overflow Vulnerability in D-Link DCS-1100 and DCS-1130 Devices Unauthenticated Password Retrieval Vulnerability in D-Link DCS-1100 and DCS-1130 Devices Insecure Cache File Handling in RuboCop 0.48.1 and Earlier Buffer Overflow Vulnerability in LAME 3.99.5 SWFTools Font2SWF TTF File Handling DoS Vulnerability Memory Leak Vulnerability in coff_set_alignment_hook in libbfd Privilege Escalation Vulnerability in KDE kdelibs and KAuth Privilege Escalation Bug 
in Elastic X-Pack Security Versions 5.0.0 to 5.4.0 Time Series Visual Builder XSS Vulnerability in Kibana 5.4.0 Kibana 5.3.0 Discover Page Cross-Site Scripting (XSS) Vulnerability Insecure Document Level Security Implementation in Elastic X-Pack Security Elasticsearch X-Pack Security Information Leakage Vulnerability Improper Initialization of Kibana Login Screen Vulnerability Insecure Traffic Encryption in Elastic Cloud Enterprise Client-Forwarder X-Pack Security TLS Trust Manager Vulnerability Impersonation Vulnerability in X-Pack and Reporting Plugin Privilege Escalation in X-Pack Security: Unauthorized Delete and Index Requests X-Pack Alerting 5.0.0 to 5.6.0 Vulnerability: Privilege Escalation through Watch Creation Field Level Security Vulnerability in X-Pack Security 5.2.x Inadequate Document and Field Level Security in X-Pack 5.1.1 Open Redirect Vulnerability in Kibana Login Page with X-Pack Installed Kibana SSL Client Access File Descriptor Accumulation Vulnerability Out-of-Bounds Read Vulnerability in Foxit Reader and PhantomPDF Out-of-Bounds Read Vulnerability in Foxit Reader and PhantomPDF Out-of-Bounds Read Vulnerability in Foxit Reader and PhantomPDF URI Obfuscation Vulnerability in Brave 0.12.4 Status Bar Obfuscation Vulnerability in Brave 0.12.4 Windows PDF Information Disclosure Vulnerability Windows RPC Remote Code Execution Vulnerability with Routing and Remote Access Windows Kernel Information Disclosure Vulnerability Windows Explorer Remote Code Execution Vulnerability LNK Remote Code Execution Vulnerability Win32k Elevation of Privilege Vulnerability Windows Cursor Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Microsoft Windows Win32k Elevation of Privilege Vulnerability Windows Kernel Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability in Microsoft Windows Win32k Information Disclosure Vulnerability in Microsoft Windows Win32k Information Disclosure Vulnerability Win32k 
Information Disclosure Vulnerability in Microsoft Windows 7, Windows Server, and Windows 10 Windows Kernel Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability in Microsoft Windows Windows Kernel Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability in Microsoft Windows Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability in Microsoft Windows Windows Kernel Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability Windows OLE Remote Code Execution Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Security Feature Bypass Vulnerability due to Case Sensitivity Enforcement Failure Windows Secure Kernel Mode Object Handling Vulnerability Kerberos SNAME Security Feature Bypass Vulnerability Microsoft Edge Memory Corruption Vulnerability Microsoft Edge Memory Corruption Vulnerability Microsoft Edge JavaScript XML DOM Objects Information Disclosure Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Office Remote Code Execution via Memory Corruption Vulnerability Microsoft Office Remote Code Execution via Memory Corruption Vulnerability Microsoft Edge AppContainer Sandbox Escape Vulnerability Microsoft Edge Information Disclosure Vulnerability Microsoft Office Remote Code Execution Vulnerability Exploiting Microsoft Office Memory Corruption Vulnerability: Remote Code Execution Risk File Format Parsing Security Bypass Vulnerability in 
Microsoft Office Microsoft Office Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability PowerPoint Object Memory Handling Remote Code Execution Vulnerability Microsoft SharePoint Reflective XSS Vulnerability Windows VAD Cloning Denial of Service Vulnerability Improper Permissions Enforcement in Microsoft SQL Server Analysis Services Microsoft browsers Scripting Engine Memory Corruption Vulnerability Edge's Scripting Engine Memory Corruption Vulnerability: Remote Code Execution Risk Internet Explorer Memory Corruption Vulnerability Edge JavaScript Scripting Engine Memory Corruption Vulnerability Edge JavaScript Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Microsoft Edge Same Origin Policy Bypass Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers: Arbitrary Code Execution via Handling of Objects in Memory 
Windows Graphics Remote Code Execution Vulnerability Windows Uniscribe Remote Code Execution Vulnerability Microsoft Browser Information Disclosure Vulnerability Microsoft Edge Same-Origin Policy Bypass Vulnerability Graphics Uniscribe Information Disclosure Vulnerability Graphics Uniscribe Information Disclosure Vulnerability in Windows Server and Windows Operating Systems Graphics Uniscribe Information Disclosure Vulnerability in Windows Server and Windows Operating Systems Windows Uniscribe Memory Disclosure Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability (CVE-2017-8543) Microsoft Malware Protection Engine Memory Corruption Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Memory Corruption Vulnerability Microsoft Malware Protection Engine Memory Corruption Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Windows Search Remote Code Execution Vulnerability Windows Search Memory Handling Vulnerability Outlook for Mac HTML Spoofing Vulnerability Internet Explorer Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Skype for Business Content Sanitization Failure Remote Code Execution Vulnerability Microsoft SharePoint Elevation of Privilege Vulnerability Win32k Kernel-Mode Driver Elevation of Privilege Vulnerability GDI Information Disclosure Vulnerability in Microsoft Windows Memory Disclosure Vulnerability in Microsoft Windows Operating Systems Microsoft Edge Content Security Policy Bypass Vulnerability Microsoft Graphics Component Elevation of Privilege Vulnerability XML External Entity (XXE) Vulnerability in Windows System Information Console Memory Corruption Vulnerability in 
Microsoft Malware Protection Engine Microsoft Exchange Cross-Site Scripting Vulnerability in Outlook Web Access Microsoft Exchange Cross-Site Scripting Vulnerability in Outlook Web Access Windows Kernel Elevation of Privilege Vulnerability Windows ALPC Elevation of Privilege Vulnerability Kerberos to NTLM Authentication Protocol Elevation of Privilege Vulnerability Windows Kernel Memory Initialization Vulnerability Windows PowerShell Remote Code Execution Vulnerability Windows IME Elevation of Privilege Vulnerability Microsoft Excel for Mac 2011 Remote Code Execution Vulnerability SharePoint Server Elevation of Privilege Vulnerability Memory Object Handling Vulnerability in Microsoft Office Security Feature Bypass Vulnerability in Microsoft Outlook Versions 2007-2016 Memory Disclosure Vulnerability in Microsoft Outlook Microsoft Graphics Component Elevation of Privilege Vulnerability Microsoft Graphics Component Elevation of Privilege Vulnerability in Windows 10 and Windows Server 2016 Microsoft Graphics Component Information Disclosure Vulnerability in Windows 10 and Windows Server 2016 Microsoft Graphics Component Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Multiple Microsoft Windows Versions Win32k Elevation of Privilege Vulnerability in Multiple Microsoft Windows Versions DirectX Elevation of Privilege Vulnerability in Microsoft Windows 10 and Windows Server 2016 Win32k Elevation of Privilege Vulnerability in Multiple Microsoft Windows Versions Win32k Elevation of Privilege Vulnerability in Multiple Microsoft Windows Versions HTTP.sys Memory Object Handling Vulnerability HoloLens Remote Code Execution Vulnerability in Windows 10 1607 and Windows Server 2016 .NET Denial of Service Vulnerability Windows Explorer Non-Existent File Denial of Service Vulnerability WordPad Remote Code Execution Vulnerability Windows Search Remote Code Execution Vulnerability Windows CLFS Elevation of Privilege Vulnerability Windows IME Memory 
Handling Remote Code Execution Vulnerability Microsoft Browser Security Feature Bypass Vulnerability Win32k Memory Object Handling Elevation of Privilege Vulnerability Internet Explorer Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Edge Memory Object Handling Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Edge Content Security Policy (CSP) Validation Bypass Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge HTTP Content Parsing Spoofing Vulnerability in Microsoft Browsers Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 are vulnerable to arbitrary code execution due to a memory corruption issue in the JavaScript engines, referred to as the Scripting Engine Memory Corruption Vulnerability. 
Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Scripting Engine Memory Corruption Vulnerability in Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Edge Web Content Spoofing Vulnerability Unauthorized Access via Misconfigured Azure AD Connect Password Writeback Microsoft Edge Remote Code Execution Vulnerability in Scripting Engines Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge on Windows 10 and Windows Server 2016 Windows Search Memory Object Handling Vulnerability Open Redirect Vulnerability in Microsoft Exchange Server 2010, 2013, and 2016 Windows Subsystem for Linux NT Pipe Handling Elevation of Privilege Vulnerability Windows Hyper-V Denial of Service Vulnerability Windows CLFS Elevation of Privilege Vulnerability Internet Explorer Security Feature Bypass Vulnerability Memory Object Handling Vulnerability in Windows Subsystem for Linux Bluetooth Spoofing Vulnerability in Microsoft Windows SharePoint Server 2013 Service Pack 1 Elevation of Privilege Vulnerability Microsoft Office 2016 Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Office: Memory Corruption Microsoft Office Memory Corruption Vulnerability Windows Error Reporting Elevation of Privilege Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 are vulnerable to arbitrary code execution through memory corruption in JavaScript engines, referred to as the Scripting 
Engine Memory Corruption Vulnerability. Microsoft Browser Scripting Engine Memory Corruption Vulnerability Scripting Engine Security Feature Bypass Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 are vulnerable to arbitrary code execution due to memory corruption in the scripting engine. This vulnerability is known as Scripting Engine Memory Corruption Vulnerability. Microsoft Edge JavaScript Validation Elevation of Privilege Vulnerability Microsoft Edge Clipboard Information Disclosure Vulnerability Microsoft Edge Memory Object Handling Information Disclosure Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Edge Memory Object Handling Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Same-Origin Policy Bypass in Microsoft Edge Internet Explorer Memory Corruption Vulnerability Microsoft Edge Memory Object Handling Information Disclosure Vulnerability Microsoft Browser Memory Corruption Vulnerability SharePoint Server 2010 Service Pack 2 Cross-Site Scripting (XSS) Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Chakra JavaScript Engine Remote Code Execution Vulnerability Chakra Scripting Engine Information Disclosure Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft 
Edge Memory Corruption Vulnerability Microsoft Edge String Validation Information Disclosure Vulnerability Microsoft Office Outlook Memory Corruption Vulnerability Windows Hyper-V Remote Code Execution Vulnerability Xamarin.iOS Elevation of Privilege Vulnerability on macOS Win32k Memory Object Handling Vulnerability Kernel Information Disclosure Vulnerability in Volume Manager Extension Driver Microsoft Browser Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Win32k Elevation of Privilege Vulnerability Windows GDI+ Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability Win32k Graphics Remote Code Execution Vulnerability Win32k Graphics Remote Code Execution Vulnerability Windows GDI+ Kernel Memory Address Disclosure Vulnerability Windows GDI+ Kernel Memory Address Disclosure Vulnerability Windows DHCP Server Memory Corruption Vulnerability Win32k Information Disclosure Vulnerability Windows GDI+ Kernel Memory Address Disclosure Vulnerability Win32k Elevation of Privilege Vulnerability Express Compressed Fonts Remote Code Execution Vulnerability Uniscribe Remote Code Execution Vulnerability Microsoft Graphics Component Memory Object Handling Vulnerability Win32k Elevation of Privilege Vulnerability Graphics Component Information Disclosure Vulnerability Microsoft Graphics Component Remote Code Execution Vulnerability Windows Shell Remote Code Execution Vulnerability CORS Bypass Vulnerability in ASP.NET Core Windows Elevation of Privilege 
Vulnerability in Windows Error Reporting (WER) Windows Subsystem for Linux Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Information Disclosure Vulnerability Hyper-V Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Information Disclosure Vulnerability via XML External Entity (XXE) in Microsoft Common Console Document (.msc) Hyper-V Information Disclosure Vulnerability Hyper-V Information Disclosure Vulnerability Hyper-V Information Disclosure Vulnerability Hyper-V Remote Code Execution Vulnerability Windows Security Feature Bypass in Microsoft Device Guard Windows Control Flow Guard Bypass Vulnerability Microsoft JET Database Engine Remote Code Execution Vulnerability Microsoft JET Database Engine Remote Code Execution Vulnerability Windows Kernel Information Disclosure Vulnerability Win32k Elevation of Privilege Vulnerability Microsoft Edge Content Security Policy Validation Bypass Vulnerability Microsoft Edge Spoofing Vulnerability Memory Object Handling Vulnerability in Microsoft Publisher Allows Remote Code Execution Microsoft Edge Memory Corruption Vulnerability Windows Shell Memory Corruption Vulnerability Windows PDF Remote Code Execution Vulnerability Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Memory Corruption Vulnerability Internet Explorer HTML Content Spoofing Vulnerability Microsoft Edge Memory Corruption Vulnerability Microsoft Edge Spoofing Vulnerability Microsoft Browser Information Disclosure Vulnerability Windows PDF Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Information Disclosure Vulnerability in Microsoft Edge Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Internet Explorer and Microsoft Edge PowerPoint Remote Code Execution 
Vulnerability PowerPoint Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability Microsoft SharePoint Foundation 2013 Service Pack 1 Elevation of Privilege Vulnerability Device Guard Security Feature Bypass Vulnerability in Windows Device Guard Internet Explorer Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability Microsoft Browser Memory Corruption Vulnerability Microsoft Edge Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Edge Content Security Policy Validation Bypass Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Edge Remote Code Execution Vulnerability Microsoft Exchange Server 2016 Cross-Site Scripting Vulnerability .NET Framework Remote Code Execution Vulnerability XSS Vulnerability in Accellion FTA Devices Leakage of Reusable TempURL Signatures in OpenStack Swift XSS Vulnerability in GeniXCMS 1.0.2 via Crafted oncut Attribute in B Element EPESI 1.8.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in check_for_new_version.php Memory Leak Vulnerability in ReadICONImage Function of ImageMagick 7.0.5-5 Remote Code Execution Vulnerability in IrfanView 4.44 (32bit) via Crafted .mov File Command Injection Vulnerability in Atlassian SourceTree v2.5c and Prior (SRCTREE-4632) Cleartext Storage of Deleted Chat Files in Facebook WhatsApp Messenger for Android LFD Vulnerability in BE126 WIFI Repeater 1.0 Devices Allows Full Filesystem Access Default Telnet Credentials on BE126 WIFI Repeater 1.0 Devices Allow Remote Code Execution Default Telnet Credentials on BE126 WIFI Repeater 1.0 Devices Allow Unauthorized Access and Full Control Out of Bounds Write Vulnerability in Quick Heal Security Software Memory Corruption 
Vulnerability in Quick Heal Security Software Memory Corruption Vulnerability in Quick Heal Security Software Lack of ASLR/DEP Protection in Quick Heal Security Products Missing Authorization in Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier XSS Vulnerability in GitLab via SVG Document in Issue Attachment or Avatar Memory Consumption Denial of Service Vulnerability in rpcbind, LIBTIRPC, and NTIRPC XSS Vulnerability in GeniXCMS 1.0.2: Malformed Comment Handling during Publish Operation Stack Buffer Overrun Vulnerability in XnView Classic for Windows Version 2.40 Integer Overflow Vulnerability in libming 0.4.8's readString Function Persistent XSS in Synacor Zimbra Collaboration Suite (ZCS) before 8.7.10 FastStone Image Viewer 6.2 JPEG 2000 File Handling Vulnerability Heap-based Buffer Overflow in PCRE2 10.23 via Crafted Regular Expression Heap-based Buffer Over-read Vulnerability in PoDoFo 0.9.5 CRLF Vulnerability in Accellion FTA Devices Accellion FTA Devices: SQL Injection via report_error.php LDAP Injection Vulnerability in Accellion FTA Devices Accellion FTA Devices Auth_params CRLF Attack Vulnerability XSS Vulnerability in Accellion FTA Devices Accellion FTA Devices Same Origin Policy Bypass Vulnerability SSRF Vulnerability in Accellion FTA Devices XSS Vulnerability in Accellion FTA Devices SQL Injection Vulnerability in Accellion FTA Devices Uninitialized Type Value Vulnerability in Linux NFSv4 Server Integer Signedness Error in MiniUPnP MiniUPnPc: Denial of Service and Possible Other Impact Untrusted Input Execution via igetwild in iRODS Versions Before 4.1.11 and 4.2.1 Cross-Site Scripting (XSS) Vulnerability in Trend Micro OfficeScan 11.0 Zimbra Collaboration Suite XSS Vulnerability in Show Snippet Functionality Code Execution Vulnerability in Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 Denial of Service Vulnerability in glibc 2.25 (CVE-2017-8779) Directory Traversal Vulnerability in Debian ftpsync before 20171017 Insecure Handling of 
Symbolic Links in Debian PostgreSQL Scripts Varnish HTTP Cache Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in MediaWiki Reflected File Download vulnerability in MediaWiki API Account Enumeration and Brute-Force Vulnerability in MediaWiki HTML Mangling Vulnerability in MediaWiki Remote Code Injection via Headline ID Attribute in MediaWiki Text Replacement Vulnerability in MediaWiki Language Converter Attribute Injection Vulnerability in MediaWiki Language Converter Integer Overflow and Buffer Overflow Vulnerability in NTLM Authentication Feature in curl and libcurl FTP Wildcard Function Denial of Service Vulnerability Insufficient Memory Allocation in curl and libcurl on 32-bit Platforms Ineffective Replay-Cache Protection for v2 Onion Services Denial of Service Vulnerability in Tor Directory Authorities (TROVE-2017-010) Denial of Service via Crafted PEM Input in Tor (TROVE-2017-011) Self-selection vulnerability in Tor relays leading to anonymity degradation (TROVE-2017-012) Use-after-free vulnerability in Tor onion service v2 during intro-point expiration (TROVE-2017-013) Use-after-free vulnerability in Linux kernel allows privilege escalation or denial of service Null Dereference Vulnerability in LibEtPan's MIME Handling Component FastStone Image Viewer 6.2 User Mode Write AV Vulnerability Unrestricted Password Reset and Denial of Service Vulnerability in GeniXCMS 1.0.2 Deserialization Vulnerability in Lintian: Code Execution via Crafted YAML File Memory Leak Vulnerability in ImageMagick 7.0.5-6's ReadBMPImage Function Double Fetch Vulnerability in saa7164_bus_get Function XSS Vulnerability in Allen Disk 1.6's downfile.php via id Parameter Cross-Site Scripting (XSS) Vulnerability in Zen Cart 1.6.0 Denial of Service Vulnerability in libcroco 0.6.12 via Crafted CSS File SQL Injection Vulnerability in Peplink Balance Devices CSRF Vulnerability in Peplink Balance Devices Allows Unauthorized Command Execution Cleartext Password Storage 
Vulnerability on Peplink Balance Devices Cross-Site Scripting (XSS) Vulnerability in Peplink Balance Devices Cross-Site Scripting (XSS) Vulnerability in Peplink Balance Devices Peplink Balance Devices Debug Information Disclosure Vulnerability Arbitrary File Deletion Vulnerability in Peplink Balance Devices Denial of Service Vulnerability in lrzip 0.631 Denial of Service Vulnerability in lrzip 0.631 via Crafted Archive Heap-based Buffer Overflow in lrzip 0.631's read_1g Function Denial of Service Vulnerability in LZO 2.08 Denial of Service Vulnerability in lrzip 0.631 via Crafted Archive NULL Pointer Dereference Vulnerability in bufRead::get() Function of lrzip 0.631 CSRF Vulnerability in Allen Disk 1.6's setpass.php Allows Password Change Local Privilege Escalation in smb4k before 2.0.1 via Mount Helper DBUS Service Argument Verification Failure Cross-Flashing Vulnerability on OnePlus Devices: Exploiting OTA Image Leniency Vulnerability: OTA Image Installation Vulnerability on OnePlus One and X Devices Heap Based Buffer Overflow Vulnerability in SAP SAPCAR 721.510 Arbitrary File Delete Vulnerability in Fiyo CMS v2.0.7 Buffer Overflow Vulnerability in wolfSSL before 3.10.2 wolfSSL before 3.11.0 Vulnerability: Acceptance of Malformed DH Key in wc_DhAgree Unauthenticated Remote Command Execution in Veritas NetBackup and NetBackup Appliance Unauthenticated File Copy and Remote Command Execution in Veritas NetBackup and NetBackup Appliance Unauthenticated Privileged Remote File Write Vulnerability in Veritas NetBackup Root Command Execution Vulnerability in Veritas NetBackup Appliance 3.0 and Earlier Directory Listing Vulnerability on Cohu 3960HD Allows Unauthorized Access to Sensitive Information Remote Configuration Port 1236/tcp Vulnerability on Cohu 3960HD: Unauthorized Configuration Parameter Modification Unauthenticated Remote Code Execution via Firmware Upgrade in Cohu 3960HD Cohu 3960: Information Disclosure Vulnerability Exposes .esp Source Code Client-side 
enforcement vulnerability in Cohu 3960HD camera allows for option manipulation and code execution Capture-Replay Attack Vulnerability in Elemental Path's CogniToys Dino Smart Toys Hardcoded Keys in Elemental Path's CogniToys Dino Smart Toys Enable VoIP Traffic Decryption Insecure Encryption in CogniToys Dino Smart Toys Allows Eavesdropping on Child's Voice Communication Directory Traversal Vulnerability in flatCore 1.4.7 Allows File Deletion via acp/core/files.browser.php Remote Code Execution Vulnerability in MediaCoder 0.8.48.5888 via Crafted .m3u File Buffer Overflow Vulnerability in AudioCoder 0.8.46 via Crafted .m3u File Denial of Service Vulnerability in libcroco 0.6.12 Buffer Over-read Vulnerability in libxml2 2.9.4 HTMLparser.c CSRF Vulnerabilities in Mautic 1.4.1: Unauthorized Deletion of Email Campaigns and Contacts CSRF Vulnerability in Clean Login Plugin for WordPress Allows Unauthorized URL Modification XSS Vulnerability in Symphony 2 2.6.11 via meta[navigation_group] Parameter ASUS RT-AC* and RT-N* Devices JSONP Information Disclosure Vulnerability Wi-Fi Password Disclosure Vulnerability in ASUS RT-AC* and RT-N* Devices Unauthenticated Password Change Vulnerability in Dolibarr ERP/CRM 4.0.4 Double Free Vulnerability in Linux Kernel's inet_csk_clone_lock Function Denial of Service Vulnerability in Dropbox Lepton 1.2.1 Persistent Cross-Site Scripting (XSS) Vulnerability in OpenText Tempo Box 10.0.3 Buffer Overflow Vulnerability in AeroAdmin 4.1 Insecure Software Update Protocol in AeroAdmin 4.1 Allows Code Execution via Man-in-the-Middle Attack Use-after-free vulnerability in Veritas Backup Exec 2014, 15, and 16 allows for remote code execution and denial of service XSS Vulnerability in ownCloud Server Versions 8.2.12, 9.0.x, 9.1.x, and 10.0.x Pre-Auth Reflected XSS Vulnerability in Invision Power Services (IPS) Community Suite 4.1.19.2 and Earlier Stored XSS Vulnerability in Invision Power Services (IPS) Community Suite 4.1.19.2 and Earlier Stored XSS 
and Information Disclosure Vulnerability in Invision Power Services (IPS) Community Suite 4.1.19.2 and Earlier Guest Session Bypass Vulnerability in LightDM Xen IRET Hypercall Page Table Mishandling Vulnerability (XSA-213) Xen Privilege Escalation Vulnerability: XSA-214 Xen Failsafe Callback Vulnerability (XSA-215) Integer Underflow Vulnerability in pixel-a.asm Arbitrary Code Execution via Unauthorized Deployment Project Creation in Atlassian Bamboo Out-of-Bounds Read Vulnerability in Artifex Ghostscript 9.21 Integer Underflow Vulnerability in unicode_to_utf8() Function in tnef 1.4.14 Arbitrary PHP Code Execution in CMS Made Simple (CMSMS) 2.1.6 via admin/editusertag.php XML External Entity (XXE) Vulnerability in SAP NetWeaver AS JAVA 7.5 Insecure User Creation Policy in Sinopia: Remote Hijacking of npm Packages and Arbitrary File Hosting (SAP Security Note 2407694) Remote Denial of Service Vulnerability in Sinopia Package Manager Vulnerability: Unauthorized Administrative Access via Email Manipulation Arbitrary SQL Command Execution Vulnerability in Joomla! 
3.7.x before 3.7.1 Remote File Disclosure Vulnerability in Dive Assistant - Template Builder LDAP BIND Password Logging Vulnerability in NetApp OnCommand API Services Cross-Site Scripting (XSS) Vulnerability in CGI:IRC before 0.5.12 FlightGear FGCommand Interface File Overwrite Vulnerability Denial of Service Vulnerability in PHP's zend_string_extend Function Uninitialized Kernel Memory Disclosure in Linux Kernel USB Serial Driver Denial of Service Vulnerability in Linux Kernel's omninet_open Function Buffer Overflow Vulnerability in Halliburton LogView Pro 10.0.1 via Crafted .tif File Buffer Overflow Vulnerability in Larson VizEx Reader 9.7.5 via Crafted .tif File CSRF Vulnerability in mailcow 0.14 Use-after-free vulnerability in YARA 3.5.0 allows remote attackers to cause denial of service Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Simple Invoices 2013.1.beta.8 Root Privilege Escalation in Bitdefender GravityZone VMware Appliance Vulnerability: Key Recovery Attack in Go's ScalarMult Implementation Insecure Socket File Usage in Libmenu-cache 1.0.2: Denial of Service Vulnerability Insecure Use of /tmp in PCManFM 1.2.5 Allows Local Denial of Service Unverified X.509 Certificates in Quest Information Systems Indiana Voters App for iOS Allow Man-in-the-Middle Attacks SSL Certificate Verification Vulnerability in MoboTap Dolphin Web Browser for iOS SSL Certificate Verification Vulnerability in Life Before Us Yo App 2.5.8 for iOS Unverified X.509 Certificate Vulnerability in Radio Javan iOS App (9.3.4 - 9.6.1) Unverified SSL Certificates in Warner Bros. 
ellentube App for iOS Allow Man-in-the-Middle Attacks Unverified SSL Certificates in Zipongo iOS App Allows for Man-in-the-Middle Attacks Unverified SSL Certificates in Interval International App for iOS Allow Man-in-the-Middle Attacks Unverified X.509 Certificates Vulnerability in YottaMark ShopWell App for iOS Unverified SSL Certificates in PUMA PUMATRAC App 3.0.2 for iOS Remote Disclosure of Information Vulnerability in HPE Cloud Optimizer v3.0x Remote Unauthorized Disclosure of Information in HPE IceWall Federation Agent 3.0 Critical Remote Code Execution Vulnerability in HPE Aruba AirWave Glass v1.0.0 and 1.0.1 Critical Remote Code Execution Vulnerability in HPE UCMDB Versions v10.10 - v10.31 Remote Bypass Security Restriction Vulnerability in HPE Network Node Manager i (NNMi) Software Sensitive Information Disclosure Vulnerability in HPE SiteScope v11.2x and v11.3x Sensitive Information Disclosure Vulnerability in HPE SiteScope v11.2x and v11.3x Sensitive Information Disclosure Vulnerability in HPE SiteScope v11.2x and v11.3x Sensitive Information Disclosure Vulnerability in HPE SiteScope v11.2x and v11.3x Critical Remote Cross-Site Scripting (XSS) Vulnerability in HPE LoadRunner and Performance Center Critical Remote Code Execution Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.2 Critical Remote Code Execution Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.2 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P04 Critical Remote Code Execution Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.2 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Authentication Bypass Vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage Authentication Bypass Vulnerability in HPE MSA 1040 and MSA 2040 SAN Storage Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 
E0504P02 Critical Deserialization Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Deserialization Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Deserialization Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Deserialization Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Deserialization Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Deserialization Vulnerability Discovered in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Remote Code Execution Vulnerability in HPE RESTful Interface Tool 1.5 and 2.0 Improper Input Validation Vulnerability in HPE Insight Control 7.6 LR1 Critical Remote Unauthenticated Information Disclosure Vulnerability in HPE Matrix Operating Environment 7.6 LR1 Clickjacking Vulnerability Discovered in HPE Matrix Operating Environment 7.6 LR1 Clickjacking Vulnerability Discovered in HPE Matrix Operating Environment 7.6 LR1 Improper Input Validation Vulnerability in HPE Matrix Operating Environment 7.6 LR1 Local Authentication Restriction Bypass Vulnerability in HPE NonStop Server Critical Remote Code Execution Vulnerability Discovered in HPE Moonshot Provisioning Manager Appliance v1.20 Critical Remote Code Execution Vulnerability Discovered in HPE Moonshot Provisioning Manager Appliance v1.20 Critical Remote Denial of Service Vulnerability Discovered in HPE Moonshot Provisioning Manager Appliance v1.20 Remote Unauthorized Disclosure of Information in HPE IceWall Products MFA 4.0 Proxy Remote Code Execution and Authentication Bypass Vulnerabilities in HPE iLO 2 Firmware Remote Disclosure of Information Vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506 Remote Authentication 
Restriction Bypass Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P4 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P4 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P03 Local Authenticated Information Disclosure Vulnerability in HPE XP Storage with Hitachi Global Link Manager (HGLM) Unauthenticated Remote Denial of Service Vulnerability in HPE Integrated Lights-Out 3 (iLO 3) v1.88 Remote Bypass of Security Restrictions in HPE XP Command View Advanced Edition Software Remote URL Redirection Vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 Remote Code Execution Vulnerability in HPE IMC Wireless Service Manager Software Cross Site Scripting (XSS) Vulnerability in HPE CentralView Fraud Risk Management Remote Privilege Escalation Vulnerability in HPE CentralView Fraud Risk Management Critical Remote Cross-Site Scripting Vulnerability Discovered in HPE Project and Portfolio Management (PPM) v9.30-v9.40 Remote Code Execution Vulnerability in HPE Operations Orchestration Product (Versions Prior to 10.80) ArubaOS Unauthenticated Arbitrary File Access Vulnerability Aruba ClearPass SSH Lockout Unauthenticated Remote Command Execution Vulnerability Reflected Cross-Site Scripting Vulnerability in Aruba ClearPass ArubaOS Multiple Memory Corruption Vulnerabilities Denial of Service Vulnerability in gmp Plugin of strongSwan Denial of Service Vulnerability in strongSwan ASN.1 Parser Directory Traversal Vulnerability in Secure Bytes Cisco Configuration Manager Heap Buffer Overflow in vshttpd Allows Remote Code Execution Remote Code Execution Vulnerability in HooToo Trip Mate 6 (TM6) Firmware 2.000.030 and Earlier Directory Traversal Vulnerability in Codextrous B2J Contact Extension for Joomla Directory Traversal Vulnerability in Deluge WebUI Component Cross-Site Scripting (XSS) Vulnerabilities in Trend Micro ServerProtect for Linux 3.0 CSRF 
Vulnerability in Trend Micro ServerProtect for Linux 3.0 Arbitrary Code Execution with Root Privileges in Trend Micro ServerProtect for Linux 3.0 Unencrypted Communications Vulnerability in Trend Micro ServerProtect for Linux 3.0 Privilege Escalation via Unrestricted Quarantine Directory in Trend Micro ServerProtect for Linux 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Trend Micro ServerProtect for Linux 3.0 Denial of Service Vulnerability in GNU Binutils 2.28 Denial of Service Vulnerability in GNU Binutils 2.28 via Crafted ELF File Denial of Service Vulnerability in GNU Binutils 2017-04-03 Denial of Service Vulnerability in GNU Binutils 2.28 via Crafted ELF File Denial of Service Vulnerability in GNU Binutils 2017-04-12 Shift Exponent Too Large Vulnerability in readelf.c Denial of Service Vulnerability in GNU Binutils 2017-04-12 Insecure Download of JSON Files in Google I/O 2017 Android App Arbitrary Code Execution via Crafted ssgp.dll in Pegasus Mail v4.72 build 572 Buffer Overflow Vulnerability in libxml2 20904-GITv2.9.4-16-g0741801 Stack-based Buffer Overflow in xmlSnprintfElementContent in libxml2 20904-GITv2.9.4-16-g0741801 Heap-based Buffer Over-read in xmlDictComputeFastKey Function in libxml2 Heap-based Buffer Over-read in xmlDictAddString function in libxml2 NULL Pointer Dereference Vulnerability in libavformat/nsvdec.c Heap-based Buffer Over-read in libdwarf 2017-03-21 Heap-based Buffer Over-read in libdwarf's _dwarf_read_loc_expr_op() Function Heap-based Buffer Over-read in libdwarf 2017-03-21 Heap-based Buffer Over-read in libdwarf 2017-03-21 Heap-based Buffer Over-read in libytnef through 1.9.2 NFSv4 Linux Kernel Denial of Service Vulnerability Denial of Service Vulnerability in QEMU's virtio_gpu_set_scanout Function Cross-Site Scripting (XSS) Vulnerability in WordPress File Upload Improper Handling of Post Meta Data Values in WordPress XML-RPC API Cross-Site Scripting (XSS) Vulnerability in WordPress Customizer Session CSRF 
Vulnerability in WordPress Filesystem Credentials Dialog Lack of Capability Checks in WordPress XML-RPC API for Post Meta Data Insufficient Redirect Validation in WordPress HTTP Class: SSRF Vulnerability Directory Traversal Vulnerability in MODX Revolution before 2.5.7 Reflected XSS Vulnerability in MODX Revolution Setup Page Arbitrary Code Execution via .htaccess File Upload in MODX Revolution XSS Vulnerability in MODX Revolution before 2.5.7 via pagetitle Parameter Cross-Site Scripting (XSS) Vulnerability via HTTP Host Header Injection XSS Vulnerability in CalendarXP and PopCalendarXP IPv6 Fragmentation Implementation Vulnerability in Linux Kernel Linux Kernel SCTP Inheritance Vulnerability Inheritance Mishandling in dccp_v6_request_recv_sock Function in Linux Kernel Inheritance Mishandling in tcp_v6_syn_recv_sock Function in Linux Kernel Double Free Vulnerability in Dropbear Server Privilege Escalation via Symlink Following in Dropbear SSH (CVE-2021-XXXX) Remote Code Execution in PlaySMS 1.4 via Unrestricted File Upload and Code Injection in sendfromfile.php NULL Pointer Dereference in JPXStream::readUByte Function in poppler 0.54.0 Cross-Site Scripting (XSS) Vulnerabilities in Kodak InSite 6.5 to 8.0 Bypassing CAPTCHA in reg.php of Allen Disk 1.6 via empty $_POST['captcha'] CAPTCHA Bypass Vulnerability in Allen Disk 1.6 Denial of Service Vulnerability in ImageWorsener 1.3.1 Denial of Service Vulnerability in ImageWorsener 1.3.1 Remote File Disclosure Vulnerability in Diving Log 6.0 through XXE in Subsurface Import XML External Entity (XXE) Vulnerability in iText PDF Parsers Path Traversal Vulnerability in Anti-Web through 3.8.7 on NetBiter FGW200, WS100, EC150, WS200, EC250, and other devices Uninitialized Memory Leak Vulnerability in ImageMagick and GraphicsMagick Authentication Bypass Vulnerability in D-Link DIR-600M Firmware 3.04 Remote Code Execution via User-Agent Header and File Name in PlaySMS 1.4's import.php Uninitialized Stack Value Vulnerability in 
adns Vulnerability: CPU Consumption and Hang due to Compression Pointer Loop in adns Remote Code Execution Vulnerability in adns adns 1.5.2 Vulnerability: Buffer Overrun Due to Mishandling of Bogus *datap Buffer Overrun Vulnerability in adns adns 1.5.2 Vulnerability: Mishandling of Missing Final Newline in adnshost Vulnerability: Heap Overrun in adns Invalid Read Vulnerability in OpenEXR 2.2.0's hufDecode Function Invalid Write Vulnerability in OpenEXR 2.2.0's storeSSE Function in ImfOptimizedPixelReading.h Invalid Read Vulnerability in OpenEXR 2.2.0's getBits Function in ImfHuf.cpp Buffer Overflow Vulnerability in OpenEXR 2.2.0's bufferedReadPixels Function Invalid Read Vulnerability in OpenEXR 2.2.0's refill function in ImfFastHuf.cpp Invalid Write Vulnerability in OpenEXR 2.2.0's half.h Operator Function Invalid Read Vulnerability in OpenEXR 2.2.0's uncompress function in ImfZip.cpp Heap-based Buffer Over-read in LibTIFF 4.0.7's bmp2tiff Vulnerability Out of Bounds Access Vulnerability in PHP 7.1.5 via preg_replace Denial of Service Vulnerability in PHP 7.1.5 Integer Overflow Vulnerability in mysqli_real_escape_string in PHP 7.x through 7.1.5 Denial of Service Vulnerability in libquicktime 1.2.4 via Crafted MP4 File Denial of Service Vulnerability in libquicktime 1.2.4 Denial of Service Vulnerability in libquicktime 1.2.4 via Crafted MP4 File Heap-based Buffer Over-read Vulnerability in libquicktime 1.2.4 Heap-based Buffer Overflow in libquicktime's quicktime_read_dref_table Function Heap-based Buffer Overflow in libquicktime 1.2.4 via Crafted MP4 File Heap-based Buffer Over-read Vulnerability in libquicktime 1.2.4 Denial of Service Vulnerability in FAAC 1.28 via Crafted WAV File Denial of Service Vulnerability in FAAC 1.28 via Crafted WAV File Unauthenticated Remote Command Execution and Denial of Service Vulnerability in Mimosa Radios Hard-coded Credentials Vulnerability in Mimosa Devices Command Injection Vulnerability in Mimosa Client and Backhaul Radios 
Unauthenticated Information Leakage and Remote Factory Reset Vulnerability Unsanitized User Input Allows Remote Command Execution on Mimosa Radios Unsanitized GET Parameter Allows Unauthorized File Download and Privilege Escalation Default password vulnerability in Ceragon FibeAir IP-10 wireless radios Tenda Router Debug-Interface Vulnerability: Bypassing Access Restrictions and Unauthorized Command Execution Stack-based Buffer Overflow Vulnerability in Tenda Routers (FH1202/F1202/F1200: versions before 1.2.0.20) Arbitrary Script Injection Vulnerability in Telerik Reporting for ASP.NET WebForms Report Viewer Control Assertion Failure in ImageMagick 7.0.5-7 Q16 due to Missing Checks in ReadDDSImage Function Assertion Failure in WriteBlob Function Due to Missing Checks in ReadOneJNGImage Function Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted .art File ImageMagick 7.0.5-5 RLE Image EOF Handling Crash Vulnerability Cross-Site Scripting (XSS) Vulnerability in TikiFilter.php of Tiki Wiki CMS Groupware 12.x through 16.x Heap-based Buffer Overflow in TNEFFillMapi Function in libytnef Invalid Read Vulnerability in LibTIFF 4.0.7 Vulnerability: Insecure Session Resumption in FreeRADIUS Silent Failure in Metadata Anonymisation Toolkit (MAT) Allows Information Disclosure Information Disclosure Vulnerability in Linux Kernel's do_check Function Heap-Based Buffer Overflow in AutoTrace 0.31.1: pnm_load_ascii function in input-pnm.c:303:12 Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Overflow in AutoTrace 0.31.1: pnm_load_rawpbm function in input-pnm.c:391:13 Denial of Service Vulnerability in AutoTrace 0.31.1 via libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1 Denial of Service Vulnerability in AutoTrace 0.31.1 Denial of Service Vulnerability in AutoTrace 0.31.1 Denial of Service Vulnerability in AutoTrace 0.31.1 Denial of Service Vulnerability in AutoTrace 0.31.1 Stack-based Buffer Overflow in AutoTrace 
0.31.1's libautotrace.a Integer Overflow Vulnerability in AutoTrace 0.31.1 Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Integer Representation Issue in AutoTrace 0.31.1's libautotrace.a Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Overflow in AutoTrace 0.31.1's ReadImage Function Heap-Based Buffer Overflow in AutoTrace 0.31.1's ReadImage Function Heap-Based Buffer Overflow in AutoTrace 0.31.1's ReadImage Function Heap-Based Buffer Overflow in AutoTrace 0.31.1's ReadImage Function Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Overflow in AutoTrace 0.31.1's ReadImage Function Heap-Based Buffer Overflow in AutoTrace 0.31.1's ReadImage Function Denial of Service Vulnerability in AutoTrace 0.31.1 via libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1 via libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1: ReadImage Function in input-bmp.c Denial of Service Vulnerability in AutoTrace 0.31.1 via libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1 via libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1 via libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1 via libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1 via ReadImage Function in input-bmp.c Use-after-free and Invalid Heap Read Vulnerability in AutoTrace 0.31.1 Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Integer Overflow Vulnerability in AutoTrace 0.31.1 Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Denial of Service Vulnerability in AutoTrace 0.31.1 Denial of Service 
Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Overflow in AutoTrace 0.31.1: rle_fread Function in input-tga.c Heap-Based Buffer Overflow in AutoTrace 0.31.1's ReadImage Function Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Heap-Based Buffer Over-Read Vulnerability in AutoTrace 0.31.1 Negative Size Parameter Issue in AutoTrace 0.31.1's ReadImage Function Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Integer Overflow Vulnerability in AutoTrace 0.31.1 Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Integer Overflow Vulnerability in AutoTrace 0.31.1's libautotrace.a Denial of Service Vulnerability in ImageWorsener 1.3.1 Denial of Service Vulnerability in ImageWorsener 1.3.1 Buffer Underflow Vulnerability in ImageWorsener 1.3.1 Denial of Service Vulnerability in ImageWorsener 1.3.1 Denial of Service Vulnerability in ImageWorsener 1.3.1 Heap-based Buffer Over-read Vulnerability in ImageWorsener 1.3.1 Heap-based Buffer Over-read Vulnerability in ImageWorsener 1.3.1 Denial of Service Vulnerability in QPDF 6.0.0 via Crafted PDF Document (qpdf-infiniteloop1) Denial of Service Vulnerability in QPDF 6.0.0 via Crafted PDF Document (qpdf-infiniteloop2) Denial of Service Vulnerability in QPDF 6.0.0 via Crafted PDF Document (qpdf-infiniteloop3) NULL pointer dereference vulnerability in crypto_skcipher_init_tfm function in Linux kernel through 4.11.2 Remote Crash Vulnerability in BMW 330i 2011 Bluetooth Stack via Format String Specifiers Unsigned Integer Underflow Vulnerability in Open vSwitch (OvS) 2.7.0 NULL Pointer Dereference in jbig2_huffman_get Function in jbig2dec Utility Denial of Service Vulnerability in systemd-resolved through 233 Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Memory Allocation Error and Application Crash in FAAD2 2.7 via Crafted MP4 File Memory Allocation Error in FAAD2 2.7 mp4ff_read_stco Function Denial of 
Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Stack Out-of-Bounds Read Vulnerability in Oniguruma Stack Buffer Overflow in Oniguruma 6.2.0 Heap Out-of-Bounds Write/Read Vulnerability in Oniguruma Stack Out-of-Bounds Read Vulnerability in Oniguruma Heap Out-of-Bounds Write Vulnerability in Oniguruma Invalid Pointer Dereference in Oniguruma 6.2.0 Vulnerability: Inadequate Consideration of Specific Bitcoin Proof-of-Work Attack Methodology XML External Entity (XXE) Vulnerability in Citrix XenMobile Server 9.x and 10.x Privilege Escalation via Insecure UNIX Domain Socket Permissions in Juju XML External Entity (XXE) Vulnerability in libexpat 2.2.0 and Earlier: Infinite Loop via Malformed External Entity Definition Exiv2 0.26 TIFF File Crafted Data Structure Segmentation Fault Vulnerability Late Check in __ip6_append_data Function Allows for Denial of Service in Linux Kernel XSS Vulnerability in Aries QWR-1104 Wireless-N Router Firmware Version WRC.253.2.0913: Exploiting Wireless Site Survey Page with Access Point Name Arbitrary Code Injection through Photo Upload in Trello iOS App Insecure Network Communication in Google News and Weather App for Android SQL Injection Vulnerability in New Relic .NET Agent before 6.3.123.0 Unquoted Service Path Vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) Telerik.Web.UI.dll Cryptographic Protection Vulnerability Persistent Cross-Site Scripting (XSS) Vulnerability in Allen Disk 1.6 via Crafted HTML File Upload Denial of Service Vulnerability in JerryScript 1.0 Reflected XSS Vulnerability in FineCMS (sitename parameter) Reflected XSS Vulnerability in FineCMS Search Page Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File 
Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Denial of Service Vulnerability in FAAD2 2.7 via Crafted MP4 File Denial of Service Vulnerability in SoundTouch 1.9.2 Memory Allocation Error and Application Crash in SoundTouch 1.9.2 Heap-based Buffer Over-read Vulnerability in SoundTouch 1.9.2 Denial of Service Vulnerability in ImageMagick 7.0.5-6 Q16's ReadMNGImage Function Denial of Service Vulnerability in ImageMagick 7.0.5-6 Q16's ReadJNGImage Function Remote Denial of Service (DoS) Vulnerability in Open vSwitch (OvS) 2.7.0 Remote Buffer Over-read Vulnerability in Open vSwitch 2.6.1 Buffer Over-read Vulnerability in Open vSwitch (OvS) v2.7.0 Weak Cipher Vulnerability in Novell eDirectory LDAP Interface Incorrect Project Permissions Check in Open Build Service Leads to Denial of Service Vulnerability Unpinned GPG Keys in libzypp: A Silent Downgrade Vulnerability Remote Code Execution Vulnerability in cryptctl 2.0 and Earlier Versions Zypper Commandline Package Update Tool Logfile Vulnerability Bi-directional Driver Denial of Service Vulnerability Unauthorized Log Configuration Changes in IDM 4.5 before 4.0.3.0 Shell Command Injection in obs-service-source_validator before 0.7 XSS Vulnerability in NetIQ Identity Reporting Cross-Site Scripting (XSS) Vulnerability in Novell Access Manager iManager before 4.3.3 Persistent Open Connections Vulnerability in Novell eDirectory LDAP Backend NetIQ Identity Manager Oracle EBS Driver Authentication Password Disclosure Vulnerability Arbitrary File Upload and Code Execution in NetIQ Identity Manager User Application Administration Session Token Exposure in NetIQ Identity Manager Applications Integer Overflow leading to Denial of Service in Micro Focus VisiBroker 8.5 Heap Corruption Vulnerability in Micro Focus VisiBroker 8.5 Out-of-Bounds Read Vulnerability in Micro Focus VisiBroker 8.5 Sensitive Information Exposure in IDM 4.6 Identity Applications Unrestricted Access Vulnerability in NetIQ eDirectory 
Privilege Escalation Vulnerability in NextCloud Packaging for openSUSE Double Free Vulnerability in OpenLDAP 2.4.44 Allows for Server Crash via Paged Results Control Reflected XSS Vulnerability in Raygun4WP Plugin 1.8.0 for WordPress Reflected XSS Vulnerability in Bram Korsten Note through 1.2.0 XSS Vulnerability in Lansweeper Image Retrieval URI (Bug 542782) RMI Command Execution Vulnerability in Hitachi Device Manager Arbitrary File Read Vulnerability in Hitachi Device Manager and Hitachi Replication Manager Open Redirect Vulnerability in Hitachi Device Manager and Hitachi Tuning Manager Open Redirect Vulnerability in Hitachi Device Manager Arbitrary JavaScript Code Execution in Hitachi Device Manager and Replication Manager XSS Vulnerability in OTRS 3.3.9's AgentStats Requests Heap Corruption and Application Crash Vulnerability in VideoLAN VLC media player 2.2.4 Denial of Service and Application Crash Vulnerability in VideoLAN VLC media player 2.2.4 Denial of Service Vulnerability in RealPlayer 16.0.2.32 via Crafted MP4 File Laravel 5.4.x Password-Reset URL Host Constraint Vulnerability Denial of Service Vulnerability in YARA 3.5.0's regexp Module XSS Bypass Vulnerability in Tiki Wiki CMS Groupware 16.2 XSS Filter Bypass in sysPass 2.1.9 Remote Code Execution via SSRF in Allen Disk 1.6 Denial of Service Vulnerability in QEMU's e1000e NIC Emulation Denial of Service Vulnerability in Allen-Bradley L30ERMS Safety Devices Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before 1.850 Dahua NVR Authentication Bypass Vulnerability Potential Compromise of Dahua IP Camera Password Reset Mechanism Dahua IPC-HDW4300S Firmware Upgrade Authentication Bypass Vulnerability Dahua IP Devices: Privilege Escalation Vulnerability Exposes High Privilege Account Credentials Privilege Escalation via Open Ticket Request System (OTRS) URL Vulnerability Sentry Authorization Bypass in Solr's secure solrconfig.xml Configuration Potential Exposure of Spark History Server 
Keystore Password in Unsecured Files Insecure File Permissions Expose Secret Data in CM Process Management Remote Code Execution Vulnerability in TerraMaster TOS before 3.0.34 via Shell Metacharacter Injection in GetTest.php Denial of Service Vulnerability in QEMU USB OHCI Emulation (CVE-2017-7377) Stored Cross-site Scripting (XSS) Vulnerability in Telaxus EPESI's Agenda Component XSS Vulnerability in PivotX 2.3.11 via Smarty Self Function Remote Code Execution via CallOPKG Function in OpenWebif 1.2.5 Unsafe Pointer Dereference in CHICKEN Scheme's length Procedure Stored XSS Vulnerability in WP Editor.MD Plugin 1.6 for WordPress Stored XSS Vulnerability in Markdown on Save Improved Plugin 2.5 for WordPress XSS Vulnerability in ownCloud Server Search Module Disclosure of Valid Share Tokens for Public Calendars in ownCloud Server Privilege Escalation Vulnerability in ownCloud Server 10.0.2: Unauthorized Deletion of Shared Folders by Attacker NULL Pointer Misuse in MSNIP Dissector of Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12 Bluetooth L2CAP Dissector Division by Zero Vulnerability DNS Dissector Infinite Loop Vulnerability Infinite Loop Vulnerability in Wireshark's SoulSeek Dissector ROS Dissector NULL Pointer Dereference Vulnerability Buffer Overflow Vulnerability in Wireshark 2.2.0 to 2.2.6 DOF Dissector Infinite Loop Vulnerability in Wireshark DICOM Dissector OpenSAFETY Dissector Crash and Memory Exhaustion Vulnerability Buffer Overflow Vulnerability in Wireshark DHCP Dissector Bazaar Dissector Infinite Loop Vulnerability IPv6 Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.6 RGMP Dissector IPv4 Address Validation Vulnerability XML External Entity (XXE) Vulnerability in Subsonic 6.1.1 Import Playlist Feature Allows SSRF Attacks via Crafted XSPF Playlist File Cross Site Scripting Vulnerability in Sitecore.NET 7.1-7.2 via searchStr parameter Memory Exhaustion Vulnerability in Asterisk Open Source and Certified Asterisk Denial of Service Vulnerability in 
PJSIP Multi-Part Body Parser SQL Injection Vulnerability in WebsiteBaker v2.10.0's /account/details.php Stored XSS Vulnerability in WebsiteBaker v2.10.0's /account/details.php XML Injection Vulnerability in ManageEngine ServiceDesk Plus Arbitrary Remote Code Execution via Untrusted Java Serialization in Soffid IAM Console Unrestricted File Upload Vulnerability in BigTree CMS through 4.2.18 CSRF Vulnerability in BigTree CMS Allows Unlocking Pages Stored Cross-site Scripting (XSS) Vulnerability in Telaxus EPESI 1.8.2 and Earlier BlackBerry Workspaces Server Directory Traversal Vulnerability BlackBerry Workspaces Server Information Disclosure Vulnerability: Unauthorized Access to Server-side Application Source Code Information Disclosure Vulnerability in BlackBerry QNX SDP BlackBerry Workspaces Server Vulnerability: Unauthorized Access to User Workspaces Loss of Integrity Vulnerability in BlackBerry QNX SDP: Exploiting PRNG Entropy Reduction Buffer Overflow and Application Crash Vulnerability in PJSIP QEMU Memory Leak Vulnerability in AHCI Emulation QEMU Memory Leak Vulnerability in USB EHCI Emulation Denial of Service Vulnerability in QEMU's USB xHCI Controller Emulator Local File Inclusion Vulnerability in ManageEngine ServiceDesk Plus Command Injection Vulnerability in Barco ClickShare Base Unit Devices User Self-Deletion Vulnerability in BigTree CMS CSRF Vulnerabilities in BigTree CMS through 4.2.18 Arbitrary Code Execution Vulnerability in OpenEMR 5.0.0 and Prior Cross-Site Request Forgery (CSRF) Vulnerability in Vera VeraEdge and Veralite Devices Directory Traversal Vulnerability in VeraEdge and Veralite UPnP Services Vera VeraEdge and Veralite UPnP Service Remote Code Execution Vulnerability Remote Code Execution Vulnerability in VeraEdge and Veralite Devices Vera Veralite 1.7.481 Directory Traversal Vulnerability Directory Traversal Vulnerability on Vera VeraEdge and Veralite Devices Cross-Site Scripting (XSS) Vulnerability in Vera VeraEdge and Veralite 
Devices Command Injection Vulnerability in Vera VeraEdge and Veralite Devices Unauthenticated Remote Code Execution in Vera VeraEdge and Veralite Devices Arbitrary Code Execution via connect.sh on Vera VeraEdge and Veralite Devices Buffer Overflow Vulnerability in Vera VeraEdge and Veralite Devices Buffer Overflow Vulnerability in VeraEdge and Veralite UPnP Services Exhaustive Search Vulnerability in CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 Stored Cross-Site Scripting Vulnerability in CA Identity Governance 12.6 Memory Leak Vulnerability in LibTIFF 4.0.7 TIFFReadDirEntryLong8Array Function Memory Leak Vulnerability in LibTIFF 4.0.7's OJPEGReadHeaderInfoSecTablesQTable Function Memory Leak Vulnerability in ImageMagick 7.0.5-5's ReadICONImage Function Memory Leak Vulnerability in Poppler 0.54.0's gmalloc Function Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted File Memory Leak Vulnerability in Poppler 0.54.0 Object::initArray Function Denial of Service Vulnerability in ImageMagick 7.0.5-5 via Crafted File in ReadMPCImage Function Denial of Service Vulnerability in LAME 3.99.5 via Crafted WAV File Cross-Site Request Forgery (CSRF) Vulnerabilities in Subsonic Podcast Feature CSRF Vulnerability in Subsonic 6.1.1 Subscribe to Podcast Feature CSRF Vulnerability in Subsonic 6.1.1 Allows Password Hijacking Directory Traversal Vulnerability in Odoo 8.0, 9.0, and 10.0: Unauthorized File Read Access Broadpwn: Remote Code Execution Vulnerability in Broadcom BCM43xx Wi-Fi Chips Arbitrary SQL Command Execution Vulnerability in WP-Testimonials Plugin 3.4.1 for WordPress Arbitrary JavaScript Injection in Webhammer WP Custom Fields Search Plugin 0.3.28 Arbitrary JavaScript Injection via yr Parameter in Spiffy Calendar Plugin for WordPress Accellion kiteworks Authentication Bypass Vulnerability Arbitrary Code Execution in IdeaBlade Breeze Server.NET (CVE-XXXX-XXXX) XSS Vulnerability in Facetag Extension 0.0.3 for Piwigo SQL Injection in Facetag 
Extension 0.0.3 for Piwigo via imageId Parameter SQL Injection Vulnerability in BigTree CMS 4.2.18: Remote Code Execution via form-create.php Directory Traversal Vulnerability in BigTree CMS 4.2.18 on Windows Arbitrary SQL Command Execution Vulnerability in Event List Plugin 0.7.8 for WordPress Stack-based Buffer Overflow in dnstracer: Denial of Service and Potential Impact via Long Name Argument Heap-based Buffer Overflow in gRPC's error.c Stack-based Buffer Overflow in libstaroffice's DatabaseName::read Function Heap-based Buffer Overflow in MsWrd1Parser::readFootnoteCorrespondance function Out-of-Bounds Read Vulnerability in Crypto++ (aka cryptopp) Inflator Filter SQL Injection Vulnerability in Dolibarr ERP/CRM User Search Parameters SQL Injection Vulnerability in TeamPass users.queries.php SQL Injection Vulnerability in Openbravo Business Suite 3.0 Denial of Service (Stack Consumption) Vulnerability in YARA 3.5.0 Memory Leak in ImageMagick 7.0.5-5's ReadPDBImage Function Allows Denial of Service Memory Leak in ImageMagick 7.0.5-5's ReadPSDChannel Function in coders/psd.c Arbitrary Web Script Injection in BigTree CMS through 4.2.18 Arbitrary Code Execution via Crafted Package Upload in BigTree CMS SQL Injection Vulnerability in BigTree CMS through 4.2.18 CSRF Vulnerabilities in BigTree CMS Buffer Overflow Vulnerability in systemd-resolved Path Traversal Vulnerability in Parallels Remote Application Server (RAS) 15.5 Build 16140 Arbitrary Code Injection via XSS in BigTree CMS SQL Injection Vulnerability in BigTree CMS 4.2.18: Remote Code Execution via core/admin/modules/developer/modules/views/create.php Privilege Escalation Vulnerability in AWS CloudFormation Bootstrap Tools Arbitrary JavaScript Injection via PATH_INFO in flatCore 1.4.6 Arbitrary Web Script Injection Vulnerability in Piwigo 2.9.0 and Earlier Authentication Bypass Vulnerability in BMC Server Automation before 8.9.01 Patch 1 Allows Process Spawner Command Execution Buffer Overflow in 
ares_parse_a_reply Function in ReSIProcate Library Vulnerability: Lack of Capsule Signature Validation in Intense PC Phoenix SecureCore UEFI Firmware GlobalProtect PAN-OS XXE Vulnerability Arbitrary Web Script Injection Vulnerability in Palo Alto Networks PAN-OS Denial of Service Vulnerability in Samba: Handling Dangling Symlinks Remote Code Execution via Python Debugger in Mercurial SQL Injection Vulnerability in Piwigo Application Open Redirect Vulnerability in Piwigo 2.9 and Earlier Versions Buffer Over-read and Information Disclosure Vulnerability in YARA 3.6.1 DES Encryption Design Flaw Allows Unauthorized Access to TP-Link WR841N V8 Router GlobalProtect External Interface Cross-Site Scripting (XSS) Vulnerability Null Pointer Dereference Vulnerability in Irssi Remote Code Execution Vulnerability in Irssi before 1.0.3 Denial of Service Vulnerability in ytnef 1.9.2 Heap-based Buffer Over-read Vulnerability in ytnef 1.9.2 Heap-based Buffer Over-read Vulnerability in ytnef 1.9.2 Denial of Service Vulnerability in ytnef 1.9.2 Heap-based Buffer Over-read Vulnerability in ytnef 1.9.2 Identity Spoofing Vulnerability in Comcast XFINITY WiFi Home Hotspot Devices Vulnerability in Comcast and Arris Routers Allows Remote Attackers to Discover Hidden SSID and Passphrase Remote Discovery of CM MAC Address on Comcast Cisco DPC3939 Devices Vulnerability: Discovery of Hidden Home Security Wi-Fi Networks in Comcast Cisco DPC3939 Firmware Arbitrary Command Execution Vulnerability in Comcast Firmware on Cisco DPC3939 Devices Arbitrary File Read Vulnerability in Comcast Firmware on Cisco DPC3939 Devices Unintended Access to Network Processor (NP) via Comcast Firmware on Cisco DPC3939 Devices Remote Root Access Vulnerability in Comcast Firmware on Cisco DPC3939 Devices Root Access Vulnerability in Comcast Firmware on Cisco DPC3939 Devices Remote Discovery of CM MAC Address on Comcast Cisco DPC3939 Devices Arbitrary Data Write Vulnerability in Comcast Firmware on Cisco DPC3939 
Devices Remote Password-of-the-Day Computation Vulnerability in Comcast Firmware on Cisco DPC3939 Devices Remote Discovery of WAN IPv6 IP Address in Comcast Cisco DPC3939 and DPC3941T Devices Unspecified Hardcoded Credentials Vulnerability in Comcast Cisco DPC3939 and DPC3941T Firmware CSRF Vulnerability in Comcast Firmware on Cisco DPC3939B Devices CSRF Vulnerability in Comcast Arris TG1682G Firmware Insecure Cookie Handling in Comcast and Cisco Routers Missing HTTPOnly Flag in Set-Cookie Header Vulnerability Remote Forced-Pairing Vulnerability in Comcast Firmware on Motorola MX011ANM Devices Remote Web Inspector Enabled on Comcast Motorola MX011ANM Devices Remote File Read Vulnerability in Comcast Motorola MX011ANM Firmware Vulnerability: Unauthorized Access to SNMP Server via Ethernet Port on Comcast Motorola MX011ANM Devices Arbitrary Command Execution Vulnerability in Comcast Firmware on Motorola MX011ANM Devices Arbitrary Firmware Upload Vulnerability in Comcast Motorola MX011ANM and Xfinity XR11-20 Voice Remote Devices Denial of Service Vulnerability in ImageMagick 7.0.5-7 Q16 Denial of Service Vulnerability in ImageMagick 7.0.5-8 Q16 Denial of Service Vulnerability in ImageMagick 7.0.5-7 Q16 via LockSemaphoreInfo Assertion Failure Heap buffer overflow vulnerability in libcurl's default protocol function on Windows and DOS Denial of Service Vulnerability in QEMU with MegaRAID SAS 8708EM2 HBA Emulation Unauthenticated User Can Receive Unauthorized Workbox Notifications in Atlassian Confluence Server Side Request Forgery (SSRF) vulnerability in Atlassian OAuth Plugin allows remote attackers to access internal network resources and perform XSS attacks Cross-Site Scripting (XSS) Vulnerability in Atlassian Crucible Review Dashboard Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Crucible's Review File Upload Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye 
Repository Changelog Resource Path Traversal Vulnerability in Atlassian Fisheye and Crucible on Windows Unauthenticated Access to Sensitive Information in Atlassian Fisheye and Crucible Missing Permission Checks in Atlassian Activity Streams Allow Unauthorized Watching and Voting Remote Code Execution in Bamboo Potential Cross-Site Scripting (XSS) Vulnerability in Craft CMS before 2.6.2982 via Malicious SVG File Upload CSRF Vulnerability in atmail before 7.8.0.2 Allows Unauthorized User Upload and CSV Import CSRF Vulnerability in atmail before 7.8.0.2 Allows SMTP Hostname Manipulation and Email Hijacking CSRF Vulnerability in atmail before 7.8.0.2 Allows Unauthorized User Account Creation Use-after-free vulnerability in r_config_set function in radare2 1.5.0 Unspecified Remote Code Execution Vulnerability in Comcast and Arris Devices Default Wi-Fi Passphrase Vulnerability on Technicolor TC8717T Devices XSS Vulnerability in Sophos Web Appliance FTP Redirect Page (NSWA-1342) Denial of Service Vulnerability in QEMU's NBD Server Group-Crontab-to-Root Privilege Escalation Vulnerability Side-channel vulnerability in Libgcrypt allows for easy recovery of long-term secret key Heap-based Use-After-Free Vulnerability in mark_context_stack function in mruby Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File IrfanView Version 4.44 (32bit) Denial of Service and Arbitrary Code Execution Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 
Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Persistent Cross-Site Scripting (XSS) Vulnerability in SolarWinds Network Performance Monitor 12.0.15300.90 Directory Traversal Vulnerability in SolarWinds Network Performance Monitor v12.0.15300.90 Authentication Bypass Vulnerability in D-Link DIR-615 Wireless N 300 Router Arbitrary Password Reset Vulnerability in EFS Software Easy Chat Server 2.0 to 3.1 Remote Stack-Based Buffer Overflow (SEH) in EFS Software Easy Chat Server 2.0-3.1 Denial of Service Vulnerability in mpg123 1.24.0 XSS-based Denial of Service Vulnerability in BigTree CMS Cross-site Scripting (XSS) Vulnerability in BigTree CMS 4.2.18 Cross-site Scripting (XSS) Vulnerability in BigTree CMS 4.2.18 User-Submitted Payload Vulnerability in Mahara Local User Credential Sniffing Vulnerability in Synology Photo Station Bypassing Encryption Protection in Synology DiskStation Manager (DSM) Information Exposure Vulnerability in Synology DiskStation Manager (DSM) before 6.1.3-15152 Arbitrary Code Injection through Image Parameter in Synology Photo Station Arbitrary Code Injection through Video Metadata Editor in Synology Video Station Password Disclosure Vulnerability in EFS Software Easy Chat Server Versions 2.0 to 3.1 Unverified X.509 Certificates in wawa-employees-credit-union-mobile/id1158082793 App 4.0.1 for iOS Vulnerability: Insecure Certificate Verification in MEA Financial Vision-Bank App 3.0.1 for iOS Unverified X.509 Certificates in Cayuga Lake National Bank App 4.0.1 for iOS Unverified X.509 Certificates in Lee Bank & Trust Mobile App for iOS Allow Man-in-the-Middle Attacks Unverified X.509 Certificates in Freedom First Mobile Banking App for iOS SSL Certificate Verification Vulnerability in First Citizens Community Bank App for iOS Unverified X.509 Certificates in 
community-banks-cb2go/id445828071 App for iOS Insecure SSL Certificate Verification in First Security Bank Sleepy Eye Mobile App 3.0.0 for iOS Unverified X.509 Certificates Vulnerability in fsb-dequeen-mobile-banking/id1091025340 App 3.0.1 for iOS Unverified X.509 Certificates in avb-bank-mobile-banking App 3.0.0 for iOS Unverified X.509 Certificates in financial-plus-mobile-banking/id731070564 App 3.0.3 for iOS Vulnerability: SSL Certificate Verification Bypass in Citizens Bank (TX) cbtx-on-the-go App for iOS Vulnerability: Insecure SSL Certificate Verification in mount-vernon-bank-trust-mobile-banking/id542706679 App 3.0.0 for iOS Vulnerability: SSL Certificate Verification Bypass in CCB Mobile Banking iOS App Unverified X.509 Certificate Vulnerability in Athens State Bank Mobile Banking App for iOS Vulnerability: Insecure SSL Certificate Verification in NASB Mobile Banking App Unverified X.509 Certificates Vulnerability in KC Area Credit Union Mobile Banking App Unverified SSL Certificates in FVB Mobile Banking App Allow for Man-in-the-Middle Attacks SSL Certificate Verification Vulnerability in Middleton Community Bank Mobile Banking App Insecure SSL Certificate Verification in First Citizens Bank-Mobile Banking App Unverified X.509 Certificates Vulnerability in RVCB Mobile Banking App 3.0.0 Unverified X.509 Certificates Vulnerability in JMCU Mobile Banking App Unverified X.509 Certificates Vulnerability in Pioneer Bank & Trust Mobile Banking App SSL Certificate Verification Vulnerability in Algonquin State Bank Mobile Banking App Vulnerability: Insecure SSL Certificate Verification in BNB Mobile Banking App Unverified X.509 Certificates Vulnerability in Charlevoix State Bank App 3.0.1 Unverified X.509 Certificates Vulnerability in HBO Mobile Banking App Unverified X.509 Certificates Vulnerability in Community State Bank - Lamar Mobile Banking App Insecure SSL Certificate Verification in FSBY Mobile Banking App Unverified X.509 Certificates Vulnerability in 
PCSB BANK Mobile App 3.0.4 Unverified X.509 Certificates Vulnerability in Oritani Mobile Banking App Insecure SSL Certificate Verification in SCSB Shelbyville IL Mobile Banking App Insecure SSL Certificate Verification in State Bank of Waterloo Mobile Banking App Unverified X.509 Certificates Vulnerability in PCB Mobile App 3.0.2 SSL Certificate Verification Vulnerability in Your Legacy Federal Credit Union Mobile Banking App Insecure SSL Certificate Verification in Oculina Mobile Banking App Unverified X.509 Certificates Vulnerability in SVB Mobile Banking App Insecure SSL Certificate Verification in First State Bank of Bigfork Mobile Banking App CFB Mobile Banking App 3.0.1 for iOS Vulnerability: SSL Certificate Verification Bypass Unverified X.509 Certificates Vulnerability in Blue Ridge Bank and Trust Co. Mobile Banking App Insecure SSL Certificate Verification in Morton Credit Union Mobile Banking App Unverified X.509 Certificate Vulnerability in Fountain Trust Mobile Banking App Unverified X.509 Certificates Vulnerability in Peoples Bank Tulsa App Insecure SSL Certificate Verification in FNB Kemp Mobile Banking App Unauthenticated File Upload and Code Execution in KBVault Mysql Free Knowledge Base Application Package 0.16a SQL Injection Vulnerability in WP Jobs Plugin Allows Arbitrary SQL Execution Insecure Plugin Execution in KDE KMail and Messagelib Uninitialized Kernel Memory Disclosure in vmw_gb_surface_define_ioctl Function Privilege Escalation via Trojan Horse ViPNet Update File Integer Overflow Vulnerability in ARM Trusted Firmware NULL Pointer Dereference Vulnerability in dnxhd decoder in FFmpeg Arbitrary Web Script Injection Vulnerability in Blackcat CMS 1.2 Heap-based Buffer Over-read Vulnerability in GhostXPS 9.21 Heap-based Buffer Over-read Vulnerability in Artifex Ghostscript GhostXPS 9.21 Use-after-free vulnerability in Artifex Ghostscript GhostXPS 9.21 allows for remote code execution or denial of service Stored Cross-site scripting (XSS) 
vulnerability in SAP SuccessFactors file upload functionality Denial of Service Vulnerability in libjpeg-turbo 1.5.1 Password Exposure in Cognito Software Moneyworks 8.0.3 and Earlier: Administrator Password Written to World-Readable File Stack Exhaustion Vulnerability in Wireshark 2.2.7 Dissect MP4 Box Function Stack Exhaustion Vulnerability in Wireshark 2.2.7 DAAP Dissector Buffer Overflow Vulnerability in Artifex Ghostscript GhostXPS 9.21 Denial of Service Vulnerability in Artifex Ghostscript GhostXPS 9.21 Heap-based Buffer Over-read Vulnerability in GhostXPS 9.21 EPESI Cross-Site Scripting (XSS) Vulnerability in update_translation.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Telaxus/EPESI 1.8.2 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Telaxus/EPESI 1.8.2 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Telaxus/EPESI 1.8.2 and Earlier Improper Authentication in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5 Unrestricted Remote Access Vulnerability in Marel Food Processing Systems Pluto Platform Uncontrolled Resource Consumption Vulnerability in Schneider Electric Wonderware ArchestrA Logger Information Exposure Vulnerability in Saia Burgess Controls PCD Controllers Stack-Based Buffer Overflow Vulnerability in Schneider Electric Wonderware ArchestrA Logger Authentication Bypass Vulnerability in PDQ Manufacturing Car Wash Systems Null Pointer Dereference Vulnerability in Schneider Electric Wonderware ArchestrA Logger Insecure Transmission of Username and Password in PDQ Manufacturing Vehicle Wash Systems Memory Buffer Bounds Restriction Vulnerability in Continental AG Infineon S-Gold 2 Chipset Arbitrary Memory Overwrite Vulnerability in Mitsubishi E-Designer Version 7.52 Build 344 Password Hashing Weakness in Schneider Electric Ampla MES 6.4 Heap Overflow Vulnerability in Mitsubishi E-Designer, Version 7.52 Build 344 Vulnerability: Information Disclosure in Schneider Electric Ampla MES 6.4 Stack Overflow Vulnerability 
in Mitsubishi E-Designer, Version 7.52 Build 344 Memory Corruption Vulnerability in Fuji Electric V-Server Version 3.3.22.0 and Prior Path Traversal Vulnerability in ALC WebCTRL, i-Vu, and SiteScan Web Cross-Site Request Forgery Vulnerability in PI Coresight 2016 R2 Unquoted Search Path Vulnerability in ALC WebCTRL, i-Vu, and SiteScan Web Inadequate Encryption Strength Vulnerability in Mirion Technologies Telemetry Enabled Devices Uncontrolled Search Path Element Vulnerability in Solar Controls HCDownloader Stack-Based Buffer Overflow Vulnerability in Continental AG Infineon S-Gold 2 Chipset on BMW, Ford, Infiniti, and Nissan Vehicles Uncontrolled Search Path Element Vulnerability in Solar Controls WATTConfig M Software Hard-Coded Cryptographic Key Vulnerability in Mirion Technologies Telemetry Enabled Devices Unrestricted File Upload Vulnerability in ALC WebCTRL, i-Vu, and SiteScan Web Privileged Access Vulnerability in OSIsoft PI Integrator for Business Analytics, PI Integrator for Microsoft Azure, and PI Integrator for SAP HANA Clear Text Storage of Login Credentials in Philips DoseWise Portal Cross-Site Scripting Vulnerability in OSIsoft PI Integrator for Business Analytics, PI Integrator for Microsoft Azure, and PI Integrator for SAP HANA Hard-coded Credentials in Philips DoseWise Portal Application Backend Database Partial Re-association Vulnerability in Philips IntelliVue MX40 WLAN Monitor Improper Handling of Exceptional Conditions in Philips IntelliVue MX40 Version B.06.18 Stack-Based Buffer Overflow Vulnerability in Fuji Electric Monitouch V-SFT Heap-Based Buffer Overflow in Fuji Electric Monitouch V-SFT Uncontrolled Search Path Element Vulnerability in SIMPlight SCADA Software 4.3.0.27 and Prior Improper Privilege Management in Fuji Electric Monitouch V-SFT: Privilege Escalation Vulnerability Cleartext Storage of Encryption Key in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1 Unauthorized Access and Command Execution Vulnerability in 
ABB SREA-01 and SREA-50 Legacy Remote Monitoring Tools Unfiltered XSS Vulnerability in CMS Made Simple 2.1.6's addgroup.php Remote Code Execution Vulnerability in Alpine Linux's APK Package Manager Uninitialized Stack Variable Vulnerability in load_tic_series() in gnuplot 5.2.rc1 APK Heap Overflow Vulnerability: Remote Code Execution via Malicious APKINDEX.tar.gz CSRF Vulnerability in SimpleCE 2.3.0 Allows Unauthorized Account Creation and Settings Modification Authenticated XSS Vulnerability in SimpleCE 2.3.0 on index.php/content/text/1?return_url=[XSS] Unauthenticated GET Request Reboot Vulnerability in D-Link DIR-605L Devices Potential Use After Free and Race Conditions in Qualcomm Android Products with CAF and Linux Kernel Race Condition Vulnerability in msm_compr_ioctl_shared Function Memory Corruption Vulnerability in Qualcomm Android Video Driver Kernel Memory Leak Vulnerability in Qualcomm Android Releases Uninitialized Structure Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Kernel Address Information Disclosure Vulnerability in Android Devices Race Condition in KGSL Driver Functions Leads to Use After Free Vulnerability Integer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Race Condition in Qualcomm USB Driver Leads to Use After Free Vulnerability Race Condition in Qualcomm WLAN Driver Leads to Use After Free Vulnerability Possible Double Free/Use After Free Vulnerability in SPS Driver with Debugfs Logging Double-Free and Use-After-Free Vulnerabilities in Android for MSM, Firefox OS for MSM, QRD Android HDMI CEC Message Exploit: Stack Memory Corruption in Android for MSM, Firefox OS for MSM, QRD Android Integer Overflow Vulnerability in qbt1000 ioctl Handler: Potential Buffer Overflow Race Condition Vulnerability in Android, Firefox OS, and QRD Android Allows Unauthorized Access to Freed Memory NULL Pointer Dereference Vulnerability in Atomic Commit on Writeback Panel Buffer 
Overflow Vulnerability in __wlan_hdd_change_station in Android, Firefox OS, and QRD Android before 2017-06-06 Buffer Overread Vulnerability in QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE Buffer Over-read Vulnerability in msm_isp_stop_stats_stream Function Race Condition Vulnerability in diag_dbgfs_read_table Allows Access to Freed Memory Arbitrary Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overwrite Vulnerability in fw_name_store with 64-character Image Name in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Uninitialized Stack Structure Data Leak Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases User-Space Pointer Access Vulnerability in Android Camera Driver Race Condition in Camera Driver Leads to Use After Free Vulnerability in Android and Firefox OS Use After Free Vulnerability in Android Releases from CAF with Linux Kernel Double Free Vulnerability in G-Link PKT Driver: A Potential Threat to Android Devices Array Out-of-Bounds Access Vulnerability in Android Display Driver Race condition vulnerability in Android camera driver: msm_ois_power_down function without mutex Privilege Escalation Vulnerability in Telephony for Android and Firefox OS Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Out of Bound Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Vulnerability in qbt1000 Driver Allows Unauthorized Communication with QSEE Applications Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Race Condition Vulnerability in Multimedia Driver Can Lead to Buffer Overwrite 
HDMI CEC Parsing Buffer Overflow Vulnerability in Android Kernel Driver MDSS Vulnerability in Qualcomm Camera Driver Allows Out-of-Bounds Read/Write Buffer Overflow Vulnerability in Android Boot Loader Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Stack Overflow Vulnerability in Touchscreen Driver Synaptics_DSX Kernel Memory Access Vulnerability in Qualcomm Android Devices Vulnerability: Truncated Allocation Size in Qualcomm Android Releases with Linux Kernel Heap-based Buffer Over-read Vulnerability in Artifex Ghostscript GhostXPS 9.21 Heap-based Buffer Over-read Vulnerability in Artifex Ghostscript GhostXPS 9.21 Out-of-Bounds Read Vulnerability in uClibc 0.9.33.2's get_subexp Function Stack Exhaustion Vulnerability in uClibc 0.9.33.2 SQL Injection Vulnerability in rdr.php in nuevoMailer 6.0 and Earlier: Remote Code Execution via r Parameter Sensitive Information Disclosure in Source URL of ipk Package Remote Denial of Service Vulnerability in knc (Kerberised NetCat) Timing Channel Vulnerability in Jetty's Password Validation Remote Code Execution Vulnerability in SPIP 3.1.x and 3.2.x Heap-based Buffer Over-read Vulnerability in Artifex Ghostscript GhostXPS 9.21 Heap-based Buffer Over-read Vulnerability in GhostXPS 9.21 Arbitrary PHP Code Execution via dbprefix Parameter in ProjectSend r754 Buffer Overflow Vulnerability in GNU Binutils 2.28 Buffer Overflow Vulnerability in GNU Binutils 2.28 Buffer Overflow Vulnerability in sh_elf_set_mach_from_flags Function in GNU Binutils 2.28 Buffer Overflow Vulnerability in _bfd_vms_slurp_etir Function in GNU Binutils 2.28 Buffer Overflow Vulnerability in GNU Binutils 2.28 Buffer overflow vulnerability in ieee_archive_p function in libbfd allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file Buffer overflow vulnerability in ieee_object_p function in libbfd in GNU Binutils 2.28 allows remote attackers 
to cause a denial of service or possibly execute arbitrary code via a crafted binary file. Buffer Overflow Vulnerability in GNU Binutils 2.28 Buffer Overflow Vulnerability in GNU Binutils 2.28 Buffer Overflow Vulnerability in GNU Binutils 2.28 Buffer overflow vulnerability in bfd/vms-alpha.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted binary file. Buffer overflow vulnerability in versados_mkobject function in libbfd allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file Buffer overflow vulnerability in libbfd in GNU Binutils 2.28 Buffer Overflow Vulnerability in GNU Binutils 2.28 Buffer overflow vulnerability in aarch64_ext_ldst_reglist function in GNU Binutils 2.28 Remote Command Injection Vulnerability in IPFire 2.19 via ids.cgi Inaudible Subversion: Silent Installation of Self-Signed Certificates by Savitech Driver Packages SQL Injection in Zenbership 1.0.8: Exploiting the filters array parameter in admin/index.php Heap-based Out-of-Bounds Read Vulnerability in radare2 1.5.0 Use-after-free vulnerability in cmd_info function in radare2 1.5.0 Denial of Service Vulnerability in GNU GRUB and radare2 MetInfo 5.3.17 Cross-Site Scripting (XSS) Vulnerability in stat.php Devil's Ivy: Integer Overflow Vulnerability in Genivia gSOAP Remote Denial of Service Vulnerability in Wireshark 2.2.7: PROFINET IO Data Stack Exhaustion Multiple Cross-Site Scripting (XSS) Vulnerabilities in Quali CloudShell Before 8 Arbitrary Process Handle Opening Vulnerability in Razer Synapse 2.20.15.1104 Out of Bounds Read Vulnerability in Razer Synapse rzpnk.sys Driver Arbitrary PHP Code Execution in WebsiteBaker v2.10.0 via install\save.php Privilege Escalation in OCaml Compiler Versions 4.04.0 and 4.04.1 via Insufficient Sanitization Denial of Service Vulnerability in Horde_Image 2.x before 2.5.0 via Crafted URL to Null Image Driver Remote Code 
Execution Vulnerability in Horde_Image 2.x before 2.5.0 via Crafted GET Request Stack Buffer Overflow in pdftocairo in Poppler before 0.56 Heap Buffer Overflow in pdftocairo in Poppler before 0.56 due to Integer Overflow DWARF Section Length Field Vulnerability in GNU Debugger (GDB) Unspecified Impact Vulnerability in OCaml Compiler Privilege Escalation via Inappropriate Permissions in Flatpak Cross Site Scripting (XSS) Vulnerability in Check_MK Versions 1.4.0x prior to 1.4.0p6 Remote Denial of Service Vulnerability in JasPer 2.0.12 Arbitrary Script Injection in ProjectSend (formerly cFTP) Description Field Remote Code Execution via Deserialization of JSON data in CSRF Cookie in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse Arbitrary Script Injection in ProjectSend (formerly cFTP) Allows XSS Attacks Vulnerability: Denial of Service (DoS) Attack in Spring AOP Functionality for Securing Struts Actions Uninitialized Value Leakage and Denial of Service Vulnerability in Apache HTTP Server Apache httpd 2.4.26 HTTP/2 Handling Code Memory Access Vulnerability Denial of Service in Apache Mesos Due to Empty Request Path Handling Remote Code Execution Vulnerability in Apache Struts 2.1.x and 2.3.x via ActionMessage Privilege Escalation in Apache Impala: Unauthorized Access to Kudu Table Data Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 - Outdated XStream Library DoS Vulnerability Apache Geode Secure Mode Query Data Leakage Vulnerability Apache Geode Cluster Unauthorized Access and Remote Code Execution Vulnerability Apache Geode Cluster Unauthorized Read Access Vulnerability Apache Geode Cluster Unauthenticated Client Multi-User Authentication Mode Vulnerability Optionsbleed: Apache HTTP Server Remote Memory Disclosure Vulnerability Apache Storm Vulnerability: User Impersonation and Credential Compromise Arbitrary Shell Command Execution via Malicious svn+ssh:// URL Arbitrary SMTP Header Injection in Apache Commons Email 1.0 through 1.4 XSS 
Vulnerability in Apache Sling Servlets Post before 2.3.22 Apache Solr Kerberos Plugin Privilege Escalation Vulnerability Apache Struts URLValidator Server Process Overload Vulnerability Remote Code Execution Vulnerability in Apache Struts 2 REST Plugin OpenOffice Writer DOC File Parser Denial of Service and Arbitrary Code Execution Vulnerability Arbitrary Code Execution via OpenWebif Plugin in E2 Open Devices Cross Site Scripting (XSS) vulnerability in OX App Suite 7.8.4 and earlier Information Exposure in OX App Suite 7.8.4 and earlier Missing Anti-CSRF Tokens in Kaspersky Anti-Virus for Linux File Server Privilege Escalation Vulnerability in Kaspersky Anti-Virus for Linux File Server Arbitrary File Read Vulnerability in Kaspersky Anti-Virus for Linux File Server Cross-Site Scripting (XSS) Vulnerability in Kaspersky Anti-Virus for Linux File Server Out-of-Bounds Read Denial of Service Vulnerability in Cairo 1.15.6 and Earlier Memory Leak Vulnerability in LibTIFF 4.0.7 Arbitrary Web Script Injection Vulnerability in Paessler PRTG Network Monitor Weak Four-Digit Passcode Vulnerability in BHIM Application 1.3 for Android OTP Bypass Vulnerability in BHIM Application 1.3 for Android Accessibility Service Bypass Vulnerability in BHIM Application 1.3 for Android Hardcoded Strings in BHIM Application for Android Allow Authentication Bypass Critical Remote Code Execution Vulnerability in DNN (DotNetNuke) Versions Prior to 9.1.1 Shell Command Injection Vulnerability in VIVOTEK Network Cameras Arbitrary File Read Vulnerability in VIVOTEK Network Cameras Remote Code Execution in Code42 CrashPlan 5.4.x via org.apache.commons.ssl.rmi.DateRMI Java Class Integer Overflow Vulnerability in libmtp's ptp_unpack_EOS_CustomFuncEx Function Integer Overflow Vulnerability in libmtp's ptp-pack.c (ptp_unpack_OPL function) Allows for Denial of Service or Remote Code Execution Arbitrary File Read Vulnerability in Boa 0.94.14rc21 via FILECAMERA Variable Injection Arbitrary SQL Command 
Execution in WatuPRO Plugin for WordPress Heap-based Buffer Overflow in gs_alloc_ref_array function in Artifex Ghostscript 9.21 Arbitrary Script Injection in Piwigo 2.9.1 via Virtual Album Creation Multiple Reflected Cross-Site Scripting (XSS) Vulnerabilities in Dolibarr ERP/CRM Versions Before 5.0.4 SQL Injection Vulnerability in Dolibarr ERP/CRM (versions prior to 5.0.4) via product/stats/card.php (type parameter) Arbitrary Code Execution Vulnerability in Dolibarr ERP/CRM 5.0.3 and Prior Arbitrary PHP Code Execution in PHPUnit Util/PHP/eval-stdin.php Denial of Service Vulnerability in SAP NetWeaver AS ABAP 7.40 (SAP Security Note 2406841) Remote Code Execution and Denial of Service Vulnerability in SAP NetWeaver 7400.12.21.30308 SAP NetWeaver 7.40 DISP+WORK Denial of Service Vulnerability Remote Code Execution Vulnerability in Winmail Server 6.1 via Authenticated Directory Traversal Heap-based Buffer Over-read Vulnerability in libtorrent 1.1.3 SQL Injection Vulnerability in Easysite 7.0 WebServices Vulnerability: Denial of Service in SMA Solar Technology Products Default and Unchangeable Password Vulnerability in SMA Solar Technology Products Weak Password Policy in SMA Solar Technology Inverters: A Critical Vulnerability Vulnerability: Password Sniffing in SMA Solar Technology Products Predictable Codes in SMA Solar Technology's Grid Guard System Allows Unauthorized Parameter Changes Vulnerability: Easy Decryption of Sniffed Passwords in SMA Solar Technology Products Vulnerability: Insecure Authentication and Encryption in SMA Solar Technology Products User Account Enumeration Vulnerability in SMA Solar Technology Products Weak Hashing Algorithm Used for Password Encryption in SMA Solar Technology Inverters Unauthenticated Firmware Update Vulnerability in SMA Solar Technology Products Vulnerability: Insecure SIP Implementation in SMA Solar Technology Products Vulnerability: Unauthorized Debug Report Creation and Information Disclosure in SMA Solar Technology 
Products Vulnerability: Cross-Site Request Forgery in SMA Solar Technology Products Unauthenticated Plant Time Manipulation Vulnerability in SMA Solar Technology Products Denial of Service Vulnerability in Poppler 0.54.0 via Crafted PDF Document World Readable Mosquitto Persistence File Allows Unauthorized Access to MQTT Topic Information Buffer Over-read Vulnerability in II_step_one Function in mpglib Buffer over-read vulnerability in III_i_stereo function in mpglib Stack-based buffer overflow vulnerability in the III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted audio file. Stack-based buffer overflow vulnerability in the III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted audio file. 
Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service and Potential Impact Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.46 Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 
via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution via Crafted .fpx File in XnView Classic for Windows Version 2.40 Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Possible Stack Corruption in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Potential Remote Code Execution 
in XnView Classic for Windows Version 2.40 via Crafted .fpx File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File Remote Code Execution via Crafted .bie File in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Denial of Service and Arbitrary Code Execution Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Denial of Service and Arbitrary Code Execution Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50 Remote Code Execution and Denial of Service Vulnerability in SWFTools 2013-04-09-1007 on Windows Remote Code Execution and Denial of Service Vulnerability in SWFTools 2013-04-09-1007 on Windows Remote Code Execution Vulnerability in SWFTools 2013-04-09-1007 on Windows Remote Code Execution Vulnerability in SWFTools 2013-04-09-1007 on Windows Stack Buffer Overflow in lrzip 0.631: Denial of Service via Crafted File Stack Buffer Overflow in get_fileinfo function of lrzip 0.631 CSRF Vulnerability in Green Packet DX-350 Firmware v2.8.9.5-g1.4.8-atheeb Cross-Site Scripting (XSS) Vulnerability in Green Packet DX-350 Firmware v2.8.9.5-g1.4.8-atheeb Default Admin Password Vulnerability in Green Packet DX-350 Firmware v2.8.9.5-g1.4.8-atheeb Cache Invalidation Vulnerability in Joomla! 
CMS 1.7.3 through 3.7.2 Allows Disclosure of Form Contents Cross-Site Scripting (XSS) Vulnerability in Joomla! CMS 1.7.3 through 3.7.2 Heap-based Buffer Overflow in LibTIFF 4.0.8's t2p_write_pdf Function Memory Leak Vulnerability in LibTIFF 4.0.8's tif_jbig.c Remote Denial of Service Vulnerability in LibTIFF 4.0.8 Siemens SIMATIC Logon Remote Access Service Denial-of-Service Vulnerability Siemens SiPass Integrated Authentication Bypass Vulnerability Siemens SiPass Integrated File System Access Vulnerability Siemens SiPass Integrated Vulnerability: Man-in-the-Middle Attack on Network Communication Siemens SiPass Integrated Local Access Credential Theft Vulnerability Unauthenticated Remote Administrative Operations Vulnerability in Siemens 7KT PAC1200 Data Manager Denial-of-Service Vulnerability in Siemens 7KM PAC Switched Ethernet PROFINET Expansion Module Authentication Bypass Vulnerability in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers Siemens APOGEE PXC and TALON TC BACnet Automation Controllers Directory Traversal Vulnerability Stack Buffer Overflow Vulnerability in Microsoft Skype 7.2-7.36 Buffer underflow vulnerability in radare2 1.5.0 allows remote attackers to cause denial of service or other impact Heap-based Buffer Over-read in memcached's try_read_command Function Remote Denial of Service Vulnerability in Exiv2 0.26: Invalid Free in Image::printIFDStructure Stack-based buffer over-read vulnerability in the getvalue function in tekhex.c in GNU Binutils 2.28 Heap-based Buffer Over-read Vulnerability in libbfd Authentication Bypass Vulnerability in Schneider Electric U.motion Builder Software Hidden System Account with Hardcoded Password in Schneider Electric's U.motion Builder Software Improper Access Control in Schneider Electric U.motion Builder Software Allows Arbitrary Code Execution Denial of Service Vulnerability in Schneider Electric U.motion Builder Software Information Disclosure Vulnerability in Schneider Electric U.motion 
Builder Software Arbitrary Code Execution Vulnerability in Schneider Electric's Pro-Face GP Pro EX Version 4.07.000 Memory Allocation Vulnerability in Schneider Electric's ClearSCADA Cross-Site Request Forgery Vulnerability in Schneider Electric's PowerSCADA Anywhere and Citect Anywhere Path Traversal Vulnerability in Schneider Electric Pelco VideoXpert Enterprise Directory Traversal Vulnerability in Schneider Electric's Pelco VideoXpert Enterprise Versions 2.0 and Prior Privilege Escalation Vulnerability in Schneider Electric's Pelco VideoXpert Enterprise Versions 2.0 and Prior Security Misconfiguration Vulnerability in Schneider Electric's IGSS SCADA Software Versions 12 and Prior Schneider Electric IGSS Mobile Application TLS/SSL Certificate Pinning Bypass Vulnerability Clear Text Password Storage in Schneider Electric's IGSS Mobile Application Remote Code Execution Vulnerability in Schneider Electric's StruxureOn Gateway Vulnerability: Bypassing Malware Detection in AVG AntiVirus for MacOS User Enumeration Vulnerability in OSNEXUS QuantaStor v4 Virtual Appliance Cross-Site Scripting (XSS) Vulnerability in OSNEXUS QuantaStor v4 Virtual Appliance before 4.3.1 Command Injection Vulnerability in Green Packet DX-350 Firmware v2.8.9.5-g1.4.8-atheeb PING Feature Denial of Service Vulnerability in TeamSpeak Client 3.0.19 Double Fetch Vulnerability in Linux Kernel's snd_msnd_interrupt Function Double Fetch Vulnerability in Linux Kernel's snd_msndmidi_input_read Function Double Fetch Vulnerability in Linux Kernel's sound/oss/msnd_pinnacle.c Heap-Based Buffer Overflow in hpel_motion Function in libav 12.1 Memory Allocation Vulnerability in readEncUInt30 Function of libming 0.4.8 Memory Allocation Vulnerability in libming 0.4.8 Leads to Remote Denial of Service Attack Stack-based Buffer Overflow in color_string_to_rgba function in FFmpeg 3.3 before 3.3.1 Heap-based buffer overflow in xwd_decode_frame function in FFmpeg Heap-based buffer overflow in decode_dds1 function in 
libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 Arbitrary File Read Vulnerability in FFmpeg Heap-based buffer overflow vulnerability in libavcodec/webp.c in FFmpeg allows remote attackers to cause a denial of service or possibly have unspecified other impact. Heap-based Buffer Overflow in libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 Heap-based buffer overflow vulnerability in cdxl_decode_frame function in FFmpeg Denial of Service Vulnerability in libdwarf through 2017-06-28