Vulnerability Index: Year 2017

Windows GDI Elevation of Privilege Vulnerability Same Origin Policy Bypass in Microsoft Edge via about:blank and data: URLs Microsoft Office Memory Corruption Vulnerability LSASS Denial of Service Vulnerability in Windows Vista, Server 2008, and Windows 7 Windows GDI Elevation of Privilege Vulnerability Microsoft Office Memory Corruption Vulnerability in Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 PowerShell Security Feature Bypass Vulnerability in Device Guard Internet Explorer Memory Disclosure Vulnerability Microsoft Internet Explorer 9 through 11 Memory Corruption Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Remote Information Disclosure Vulnerability Microsoft Browser Content Spoofing Vulnerability Windows Graphics Component Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability Microsoft Edge RegEx XSS Filter Vulnerability Internet Explorer Remote Code Execution Vulnerability Microsoft Word 2016 Remote Code Execution Vulnerability Microsoft Office Memory Corruption Vulnerability in Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 Hyper-V vSMB Packet Data Validation Vulnerability Microsoft XML Information Disclosure Vulnerability Microsoft PDF Remote Code Execution Vulnerability Win32k Elevation of Privilege Vulnerability in Windows 10 1607 and Windows Server 2016 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Office Information Disclosure Vulnerability Scripting Engine Memory Corruption Vulnerability Crafted Office Document Denial of Service Vulnerability in Microsoft Office 2010, Word 2010, Word 2013 RT, and Word 2016 Microsoft Office Memory Corruption Vulnerability Microsoft Office Memory Corruption 
Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Browser Content Spoofing Vulnerability Microsoft Edge Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Type Confusion Vulnerability in Microsoft Internet Explorer and Edge Remote Information Disclosure Vulnerability in GDI32.dll Library Loading Input Validation Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Internet Explorer 9-11 Windows Media Player Information Disclosure Vulnerability Local User Information Disclosure in Microsoft Active Directory Federation Services Windows DVD Maker .msdvd File Parsing Vulnerability Windows GDI Elevation of Privilege Vulnerability VBScript Engine Information Disclosure Vulnerability in Internet Explorer 11 Windows Kernel Elevation of Privilege Vulnerability Microsoft Hyper-V Network Switch Denial of Service Vulnerability Microsoft Office Memory Corruption Vulnerability Microsoft Office Memory Corruption Vulnerability Microsoft IIS Server XSS Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows DNS Query Information Disclosure Vulnerability Win32k Kernel Information Disclosure Vulnerability Internet Explorer Memory Disclosure Vulnerability GDI+ Information Disclosure Vulnerability Microsoft Color Management Memory Handling Vulnerability GDI+ Information Disclosure Vulnerability Microsoft Color Management ASLR Bypass Vulnerability Internet Explorer Mixed Content Warning Bypass Vulnerability Microsoft Edge Remote Information Disclosure Vulnerability Microsoft Edge Same Origin Policy Bypass Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Remote Information Disclosure Vulnerability Microsoft Edge Web Content Spoofing Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting 
Engines Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Windows GDI+ Information Disclosure Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Denial of Service Vulnerability Win32k Information Disclosure Vulnerability Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Microsoft Windows 10 and Windows Server 2016 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability in Microsoft Windows 10 Gold and 1511 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Windows Uniscribe Remote Code Execution Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Windows Uniscribe Remote Code Execution Vulnerability Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Uniscribe Remote Code Execution Vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 Uniscribe Memory Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Remote Code Execution Vulnerability in Microsoft Scripting Engines Hyper-V vSMB Remote Code Execution Vulnerability Hyper-V Information Disclosure Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V 
Denial of Service Vulnerability Windows HelpPane Elevation of Privilege Vulnerability Windows Elevation of Privilege Vulnerability in Kernel-Mode Drivers Windows Elevation of Privilege Vulnerability Windows Registry Elevation of Privilege Vulnerability iSNS Server Memory Corruption Vulnerability Out-of-Bound Memory Disclosure in Microsoft Office Microsoft Office Memory Corruption Vulnerability Microsoft SharePoint Server Cross-Site Scripting (XSS) Vulnerability Graphics Component Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Microsoft Exchange OWA Cross-Site Scripting (XSS) Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Web Site Information Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Memory Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Windows Uniscribe Information Disclosure Vulnerability Uniscribe Memory Disclosure Vulnerability Uniscribe Web Site Information Disclosure Vulnerability Uniscribe Web Site Information Disclosure Vulnerability Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Vista, Server 2008, and Windows 7 Uniscribe Information Disclosure Vulnerability in Microsoft Windows Uniscribe Memory Disclosure Vulnerability Uniscribe Information Disclosure 
Vulnerability in Microsoft Windows Certificate Validation Vulnerability in Microsoft Lync for Mac 2011 Scripting Engine Memory Corruption Vulnerability in Microsoft Internet Explorer 9-11 Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Same Origin Policy Bypass Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Microsoft Edge Same Origin Policy Bypass Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMB Information Disclosure Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Internet Explorer Memory Corruption Vulnerability Remote Code Execution Vulnerability in Microsoft Scripting Engines Remote Code Execution Vulnerability in Microsoft Scripting Engines Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Cross-Domain Information Leakage Vulnerability in Microsoft Internet Explorer 11 Windows Graphics Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Scripting Engine Memory Corruption Vulnerability Extranet Client Request Misclassification Vulnerability in ADFS .NET Remote Code Execution Vulnerability NetBT Session Services Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Active Directory Denial of Service Vulnerability in Windows 10 1607 and Windows Server 2016 Windows Elevation 
of Privilege Vulnerability LDAP Elevation of Privilege Vulnerability in Windows Windows Kernel Object Memory Handling Vulnerability Hyper-V Network Switch Information Disclosure Vulnerability Hyper-V Information Disclosure Vulnerability XML Parsing Information Disclosure Vulnerability in Windows Performance Monitor Windows DNS Server Denial of Service Vulnerability Device Guard Code Integrity Policy Security Feature Bypass Vulnerability NetBIOS Packet Handling Denial of Service Vulnerability Windows Kernel Information Disclosure Vulnerability Buffer Overflow Vulnerability in Smart Card Authentication Code in Microsoft Windows XP and Server 2003 Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Remote Code Execution Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Hyper-V Denial of Service Vulnerability Win32k Kernel Information Disclosure Vulnerability Win32k Kernel-Mode Object Handling Elevation of Privilege Vulnerability GDI Information Disclosure Vulnerability Memory Object Handling Vulnerability in Windows Systems ATMFD.dll Information Disclosure Vulnerability Hypervisor Code Integrity Elevation of Privilege Vulnerability Microsoft Office Information Disclosure Vulnerability Microsoft Office XSS Elevation of Privilege Vulnerability Memory Information Disclosure Vulnerability in Microsoft Scripting Engine Microsoft Office DLL Loading Vulnerability in OneNote 2007 and 2010 Microsoft Office/WordPad Remote Code Execution Vulnerability with Windows API Microsoft Edge Remote Code Execution via Memory Corruption Scripting Engine Memory Corruption Vulnerability in Internet Explorer Internet Explorer Remote Code Execution via Memory Corruption Vulnerability Edge Content Security Policy Validation Bypass Vulnerability Office Protected View Bypass Vulnerability in 
Microsoft Outlook Microsoft Edge Remote Code Execution via Memory Corruption Outlook for Mac 2011 HTML Spoofing Vulnerability Chakra Scripting Engine Information Disclosure Vulnerability in Microsoft Edge Cross-Domain Policy Enforcement Vulnerability in Internet Explorer Windows OLE Elevation of Privilege Vulnerability Windows Hyper-V vSMB Elevation of Privilege Vulnerability Windows COM Aggregate Marshaler Elevation of Privilege Vulnerability Windows COM Elevation of Privilege Vulnerability Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Device Guard Code Integrity Policy Security Feature Bypass Vulnerability in Microsoft Windows 10 and Windows Server 2016 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability in Microsoft Windows 10 and Windows Server 2016 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows Kernel Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability Internet Explorer Remote Code Execution via Memory Corruption Vulnerability Chakra Core Remote Code Execution Vulnerability Memory Corruption Vulnerability in Microsoft Edge's JavaScript Engine Internet Explorer Remote Code Execution Vulnerability Microsoft Edge Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Microsoft Edge Scripting Engine Memory Corruption Vulnerability Edge Scripting Engine Memory Corruption Vulnerability SmartScreen Filter Spoofing Vulnerability in Microsoft Browsers Escape from AppContainer Sandbox: Microsoft Edge Elevation of Privilege Vulnerability Chakra JavaScript Engine Memory Corruption Vulnerability in Microsoft Edge Chakra JavaScript Engine Memory Corruption Vulnerability in Microsoft Edge Chakra JavaScript Engine Memory Corruption Vulnerability in Microsoft Edge Microsoft Browsers Remote Code Execution via Scripting Engine Memory Corruption Microsoft Edge Remote 
Code Execution Vulnerability Domain-less Page Rendering Vulnerability in Microsoft Edge ActiveX Object Instantiation Information Disclosure Vulnerability Microsoft Office Object Handling Remote Code Execution Vulnerability Windows Kernel Elevation of Privilege Vulnerability Win32k Information Disclosure Vulnerability Win32k Elevation of Privilege Vulnerability Denial of Service Vulnerability in ASP.NET Core Mvc .NET Security Feature Bypass Vulnerability ASP.NET Core Elevation of Privilege Vulnerability Buffer Overflow Vulnerability in Microsoft JET Database Engine Chakra Core Remote Code Execution Vulnerability Microsoft Office Memory Corruption Vulnerability Microsoft SharePoint Foundation 2013 SP1 Elevation of Privilege Vulnerability ASP.NET Core Spoofing Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Microsoft Office Remote Code Execution Vulnerability Office Remote Code Execution Vulnerability in Microsoft Office 2010, 2013, and 2016 Office Remote Code Execution Vulnerability in Microsoft Office 2010, 2013, and 2016 Win32k Elevation of Privilege Vulnerability Microsoft PowerPoint for Mac 2011 Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft PowerPoint for Mac 2011 Memory Object Handling Vulnerability in Microsoft Edge Windows SMB Information Disclosure Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMBv1 Denial of Service Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Denial of Service Vulnerability Windows SMB Information Disclosure Vulnerability Windows SMBv1 Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows SMBv1 Remote Code Execution Vulnerability Windows 
SMBv1 Denial of Service Vulnerability Office Remote Code Execution Vulnerability Windows Uniscribe Memory Disclosure Vulnerability Windows Uniscribe Remote Code Execution Vulnerability Windows Uniscribe Memory Disclosure Vulnerability Windows Uniscribe Memory Disclosure Vulnerability Windows Graphics Information Disclosure Vulnerability Graphics Uniscribe Information Disclosure Vulnerability in Windows Server and Windows OS Windows Graphics Memory Disclosure Vulnerability Windows Graphics Memory Disclosure Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Windows PDF Remote Code Execution Vulnerability Windows PDF Remote Code Execution Vulnerability Windows PDF Library Remote Code Execution Vulnerability Cabinet File Remote Code Execution Vulnerability in Microsoft Windows Windows Default Folder Tampering Vulnerability Windows TDX Elevation of Privilege Vulnerability Windows Kernel Information Disclosure Vulnerability Windows COM Session Elevation of Privilege Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability F5 BIG-IP APM Portal Access Vulnerability F5 BIG-IP APM URL Length Vulnerability Resource Starvation Vulnerability in F5 BIG-IP LTM Software SQL Injection Vulnerability in BIG-IP AFM Management UI Vulnerability in F5 SSL Intercept iApp Allows Unauthenticated Remote Attack and System Configuration Modification Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA GPU Display Driver Kernel Mode Integer Overflow Vulnerability NVIDIA GPU Display Driver Kernel Mode Layer Handler Denial of Service Vulnerability Improper Access Control in NVIDIA GPU Display Driver R378: Denial of Service and Privilege Escalation Vulnerability NVIDIA Windows GPU Display 
Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode Buffer Overflow Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Buffer Overflow Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation Unvalidated User Input in NVISystemService64 in GeForce Experience (GFE) 3.x before 3.10.0.55 NVIDIA GPU and GeForce Experience Installer Privilege Escalation Vulnerability NVIDIA Linux GPU Display Driver Kernel Mode Layer Handler Denial of Service Vulnerability Denial of Service Vulnerability in NVIDIA Windows GPU Display Driver Denial of Service Vulnerability in NVIDIA Windows GPU Display Driver NVIDIA GPU Display Driver Kernel Mode Layer Handler NULL Pointer Dereference Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Array Index Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode NULL Pointer Dereference Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Buffer Validation Vulnerability Elevation of Privilege Vulnerability in NVIDIA I2C HID Driver Allows Arbitrary Code Execution Out-of-Bounds Read Vulnerability in NVIDIA Video Driver Leads to Information Disclosure Elevation of Privilege Vulnerability in NVIDIA Crypto Driver for Android Kernel 3.10 (CVE-2017-0327) Information Disclosure Vulnerability in NVIDIA Crypto Driver Elevation of Privilege Vulnerability in NVIDIA Boot and Power Management Processor Driver Information Disclosure Vulnerability in NVIDIA Crypto Driver Critical Elevation of Privilege Vulnerability in NVIDIA Video Driver for Android Elevation of Privilege Vulnerability in NVIDIA Crypto Driver for Android Kernel 3.10 (CVE-2017-0332) Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android High-Risk Information Disclosure Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android NVIDIA GPU Driver 
Information Disclosure Vulnerability in Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Elevation of Privilege Vulnerability in NVIDIA Crypto Driver for Android Kernel 3.10 (CVE-2017-0339) Elevation of Privilege Vulnerability in NVIDIA Libnvparser Component (CVE-2017-0340) NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability Race Condition Vulnerability in NVIDIA Windows GPU Display Driver NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Privilege Escalation via DxgDdiEscape Handler NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Out-of-Bound Access and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode Buffer Validation Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Denial of Service and Privilege Escalation NVIDIA Windows GPU Display Driver Kernel Mode NULL Pointer Dereference Vulnerability NVIDIA Windows GPU Display Driver Kernel Mode Pointer Validation Vulnerability NVIDIA GPU Display Driver Kernel Mode Layer Handler Vulnerability NVIDIA GPU Display Driver Kernel Mode Layer Handler NULL Pointer Dereference Vulnerability Privilege Escalation Vulnerability in NVIDIA GPU Display Driver NVIDIA GPU Display Driver Vulnerability: Denial of Service via DxgDdiEscape NVIDIA Windows GPU Display Driver Kernel Mode Denial of Service Vulnerability NVIDIA Windows GPU Display Driver Denial of Service Vulnerability Authentication Bypass Vulnerability in ikiwiki Plugin Heap-Overflow Vulnerability in iucode-tool's -tr Loader Privilege Escalation in NTFS-3G: Unsanitized Environment Variable Execution Arbitrary Disk Write Vulnerability in diffoscope Arbitrary File Read Vulnerability in Tryton 3.x and 4.x through 4.2.2 Information Disclosure Vulnerability in Mediawiki API Logging CSRF 
Vulnerability in Mediawiki's Mark all pages visited Feature Open Redirect Vulnerability in Mediawiki Special:Search Redirect Vulnerability in Mediawiki XSS Vulnerability in Mediawiki's SearchHighlighter::highlightText() Function SVG Filter Evasion Vulnerability in Mediawiki Unsafe Use of Temporary Directory in Mediawiki Vulnerability: RawHTML Mode Exploitation in Mediawiki Undelete Page Vulnerability in Mediawiki Ineffective Spam Blacklist Vulnerability in Mediawiki File Inclusion Syntax IP Address Disclosure Vulnerability in MediaWiki SyntaxHighlight Extension Parameter Injection Vulnerability Remote Code Execution via Crafted Debian Package File Privilege Escalation via Crafted Model in Config-Model Denial of Service Vulnerability in Tor's Hidden-Service Feature Denial of Service Vulnerability in Tor's Hidden-Service Feature Inadequate Guard Selection Algorithm in Tor 0.3.x before 0.3.0.9 Cross-Site Scripting (XSS) Vulnerability in Phamm Login Form Function Curve25519 Side-Channel Attack Vulnerability in Libgcrypt Uninitialized Stack Data Leak in Tor Hidden Services Information Disclosure Vulnerability in libopus in Mediaserver Allows Unauthorized Access to Sensitive Data High-Risk Remote Code Execution Vulnerability in Framesequence Library on Android Elevation of Privilege Vulnerability in Android Framework APIs Privilege escalation vulnerability in Audioserver's libeffects Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in libnl Library on Android High-Risk Elevation of Privilege Vulnerability in Android Mediaserver Elevation of Privilege Vulnerability in Android External Storage Provider Allows Unauthorized Access to SD Card Data Critical Denial of Service Vulnerability in Android Networking Denial of Service Vulnerability in Tremolo/dpen.s in Mediaserver Denial of Service Vulnerability in libhevc in Mediaserver (Android) Denial of Service Vulnerability in libstagefright in Mediaserver 
(Android) Denial of Service Vulnerability in libvpx in Mediaserver High-Risk Denial of Service Vulnerability in Android Telephony Silent Contact Creation Vulnerability in Android Contacts Information Disclosure Vulnerability in Mediaserver's libeffects Information Disclosure Vulnerability in libstagefright in Mediaserver Moderate Information Disclosure Vulnerability in Audioserver on Android Information Disclosure Vulnerability in Qualcomm Audio Post Processor Information Disclosure Vulnerability in Audioserver Allows Unauthorized Access to Sensitive Data Information Disclosure Vulnerability in Qualcomm Audio Post Processor Information Disclosure Vulnerability in Audioserver's libeffects Elevation of Privilege Vulnerability in Android Kernel Performance Subsystem Elevation of Privilege Vulnerability in Android Kernel Sound Subsystem Critical Remote Code Execution Vulnerability in Surfaceflinger Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Remote Code Execution Vulnerability in libgdx Critical Remote Code Execution Vulnerability in libstagefright on Android Elevation of Privilege Vulnerability in Android Framework APIs Elevation of Privilege Vulnerability in Android Framework APIs Elevation of Privilege Vulnerability in Android Framework APIs AOSP Messaging Local Information Disclosure Vulnerability High-Risk Information Disclosure Vulnerability in AOSP Messaging on Android High-Risk Elevation of Privilege Vulnerability in Android Mediaserver Elevation of Privilege Vulnerability in Audioserver on Android Elevation of Privilege Vulnerability in Audioserver on Android Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Audioserver on Android High-Risk Information Disclosure Vulnerability in AOSP Mail for Android High-Risk Information Disclosure Vulnerability in Android Framework APIs Bionic DNS Remote Denial 
of Service Vulnerability Bluetooth Elevation of Privilege Vulnerability Allows Unauthorized Document Access Information Disclosure Vulnerability in AOSP Messaging Allows Unauthorized Access to Data Moderate Information Disclosure Vulnerability in Audioserver on Android Filesystem Information Disclosure Vulnerability in Android 7.0 and 7.1.1 Critical Elevation of Privilege Vulnerability in Android Kernel File System Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in NVIDIA GPU Driver for Android Critical Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Qualcomm Closed Source Components Elevation of Privilege Vulnerability in Android Kernel (A-32573899) Elevation of Privilege Vulnerability in MediaTek Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Realtek Sound Driver for Android Kernel-3.10 (A-32705232) Elevation of Privilege Vulnerability in HTC Touchscreen Driver Elevation of Privilege Vulnerability in HTC 
Touchscreen Driver Elevation of Privilege Vulnerability in HTC Touchscreen Driver High-Risk Information Disclosure Vulnerability in NVIDIA Video Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution Qualcomm Sound Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Qualcomm Camera Driver Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Qualcomm Audio Driver High-Risk Information Disclosure Vulnerability in Qualcomm Bootloader Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm IPA Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm ADSPRPC Driver Elevation of Privilege Vulnerability in Qualcomm Camera Driver Allows Arbitrary Code Execution Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Elevation of Privilege Vulnerability in Qualcomm Networking Driver Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Elevation of Privilege Vulnerability in Qualcomm Seemp Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Networking Driver Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm ADSPRPC Driver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical Remote Code Execution Vulnerability in Android Mediaserver Critical 
Remote Code Execution Vulnerability in Android Mediaserver Elevation of Privilege Vulnerability in Android Recovery Verifier Remote Code Execution Vulnerability in AOSP Messaging Remote Code Execution Vulnerability in libgdx for Android (CVE-2021-33621647) High-Risk Remote Code Execution Vulnerability in Framesequence Library on Android Elevation of Privilege Vulnerability in Audioserver on Android Elevation of Privilege Vulnerability in Audioserver on Android NFC Elevation of Privilege Vulnerability in Android High Severity Denial of Service Vulnerability in Android Mediaserver Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver High Severity Denial of Service Vulnerability in Android Mediaserver Location Manager Elevation of Privilege Vulnerability in Android Wi-Fi Elevation of Privilege Vulnerability Allows Local Malicious App to Delete User Data Elevation of Privilege Vulnerability in Android Package Manager Allows Local Malicious App to Block Uninstallation and Permission Removal Elevation of Privilege Vulnerability in Android System UI Allows Unauthorized UI Overlay File-Based Encryption Vulnerability Allows Bypassing Android Lock Screen Information Disclosure Vulnerability in AOSP Messaging Allows Unauthorized Data Access Mediaserver Information Disclosure Vulnerability in Android Setup Wizard Denial of Service Vulnerability in Android Denial of Service Vulnerability in Android Mediaserver Denial of Service Vulnerability in Android Setup Wizard Allows Local Attackers to Require Google Account Sign-In After Factory Reset Local Denial of Service Vulnerability in Audioserver on Android Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege 
Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in MediaTek Components Critical Elevation of Privilege Vulnerability in Android Kernel ION Subsystem Critical Elevation of Privilege Vulnerability in Android Kernel ION Subsystem Critical Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Critical Elevation of Privilege Vulnerability in Android Kernel FIQ Debugger Elevation of Privilege Vulnerability in Qualcomm Input Hardware Driver Elevation of Privilege Vulnerability in MediaTek Hardware Sensor Driver Elevation of Privilege Vulnerability in Qualcomm Fingerprint Sensor Driver Elevation of Privilege Vulnerability in Qualcomm Fingerprint Sensor Driver Elevation of Privilege Vulnerability in Qualcomm Crypto Engine Driver Elevation of Privilege Vulnerability in Qualcomm Camera Driver Elevation of Privilege Vulnerability in MediaTek APK Allows Local Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in Qualcomm IPA Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in HTC Sensor Hub Driver Elevation of Privilege Vulnerability in HTC Sensor Hub Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Android Kernel-3.18 (A-33351919) High-Risk Information Disclosure Vulnerability in MediaTek Driver for Android Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Information Disclosure Vulnerability in MediaTek Video Codec Driver Information Disclosure Vulnerability in Qualcomm Video Driver Information 
Disclosure Vulnerability in Qualcomm Video Driver HTC Sound Codec Driver Information Disclosure Vulnerability Moderate Information Disclosure Vulnerability in Synaptics Touchscreen Driver for Android USB Gadget Driver Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in libavc in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in Sonivox in Mediaserver Critical Remote Code Execution Vulnerability in libavc in Mediaserver Critical Remote Code Execution Vulnerability in libavc in Mediaserver Elevation of Privilege Vulnerability in CameraBase Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Audioserver Allows Arbitrary Code Execution SurfaceFlinger Elevation of Privilege Vulnerability High-Risk Information Disclosure Vulnerability in Android's libmedia in Mediaserver Remote Denial of Service Vulnerability in libskia High Severity Remote Denial of Service Vulnerability in libavc in Mediaserver on Android High Severity Remote Denial of Service Vulnerability in libavc in Mediaserver on Android Remote Denial of Service Vulnerability in libavc in Mediaserver High Severity Remote Denial of Service Vulnerability in libavc in Mediaserver on Android Elevation of Privilege Vulnerability in libnl Allows Arbitrary Code Execution in Android Wi-Fi Service Elevation of Privilege Vulnerability in Android Telephony Component Information Disclosure Vulnerability in libavc in Mediaserver on Android Information Disclosure Vulnerability in libmpeg2 in Mediaserver Allows Unauthorized Data Access Information Disclosure Vulnerability in libmpeg2 in Mediaserver Allows Unauthorized Data Access Mediaserver Information Disclosure Vulnerability in Android Libskia Information Disclosure Vulnerability in Android Factory Reset Vulnerability Allows Unauthorized Access to Previous Owner's Data 
Critical Remote Code Execution Vulnerability in Broadcom Wi-Fi Firmware Critical Elevation of Privilege Vulnerability in MediaTek Touchscreen Driver Critical Elevation of Privilege Vulnerability in HTC Touchscreen Driver Critical Elevation of Privilege Vulnerability in Android Kernel ION Subsystem Elevation of Privilege Vulnerability in MediaTek Thermal Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in MediaTek Camera Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver on Android Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Crypto Engine Driver Elevation of Privilege Vulnerability in HTC Touchscreen Driver Elevation of Privilege Vulnerability in DTS Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Video Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in Synaptics Touchscreen Driver for Android Elevation of Privilege Vulnerability in HTC OEM Fastboot Command Elevation of Privilege Vulnerability in Qualcomm CP Access Driver Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver Broadcom Wi-Fi Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Qualcomm Sound Driver Critical Remote Code Execution 
Vulnerability in libmpeg2 in Mediaserver Critical Remote Code Execution Vulnerability in libstagefright in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Critical Remote Code Execution Vulnerability in libavc in Mediaserver Critical Remote Code Execution Vulnerability in libstagefright in Mediaserver Framework APIs Elevation of Privilege Vulnerability in Android Android Mediaserver Elevation of Privilege Vulnerability in libstagefright Libstagefright Elevation of Privilege Vulnerability in Android Mediaserver High-Risk Elevation of Privilege Vulnerability in Android's libstagefright Mediaserver High-Risk Elevation of Privilege Vulnerability in Audioserver on Android High-Risk Information Disclosure Vulnerability in Android Framework APIs High Severity Remote Denial of Service Vulnerability in libhevc in Mediaserver Remote Denial of Service Vulnerability in libstagefright in Mediaserver Bluetooth File Sharing Vulnerability Allows Unauthorized Access on Android 7.0-7.1.2 Bluetooth Information Disclosure Vulnerability in Android Denial of Service Vulnerability in libstagefright in Mediaserver Critical Elevation of Privilege Vulnerability in Qualcomm Power Driver Elevation of Privilege Vulnerability in Qualcomm Sound Driver Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Qualcomm Sound Driver Elevation of Privilege Vulnerability in Qualcomm Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability in Qualcomm Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability in Qualcomm 
Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability in MediaTek Power Driver Elevation of Privilege Vulnerability in MediaTek System Management Interrupt Driver Elevation of Privilege Vulnerability in MediaTek Video Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in MediaTek Command Queue Driver Elevation of Privilege Vulnerability in Qualcomm Pin Controller Driver Elevation of Privilege Vulnerability in Qualcomm Secure Channel Manager Driver Elevation of Privilege Vulnerability in Qualcomm Camera Driver Allows Arbitrary Code Execution Elevation of Privilege Vulnerability in Goodix Touchscreen Driver High-Risk Elevation of Privilege Vulnerability in HTC Bootloader High-Risk Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver for Android High-Risk Information Disclosure Vulnerability in MediaTek Command Queue Driver on Android Information Disclosure Vulnerability in Qualcomm Crypto Engine Driver Moderate Information Disclosure Vulnerability in Android Kernel UVC Driver Information Disclosure Vulnerability in Qualcomm Camera Driver Information Disclosure Vulnerability in Qualcomm Camera Driver Kernel Trace Subsystem Information Disclosure Vulnerability Information Disclosure Vulnerability in Qualcomm Camera Driver Information Disclosure Vulnerability in Qualcomm Sound Codec Driver Broadcom Wi-Fi Driver Information Disclosure Vulnerability Moderate Information Disclosure Vulnerability in Synaptics Touchscreen Driver for Android Remote Denial of Service Vulnerability in libstagefright in Mediaserver (Android) Elevation of Privilege Vulnerability in MediaTek Command Queue Driver Critical Remote Code Execution Vulnerability in libhevc in Mediaserver Remote Code Execution Vulnerability in Android System UI Component High-Risk Information Disclosure Vulnerability in Android Bluetooth Component High Severity Remote Denial of Service Vulnerability in Android Mediaserver Remote Denial of Service 
Vulnerability in libvpx in Mediaserver High Severity Remote Denial of Service Vulnerability in libhevc in Mediaserver High Severity Remote Denial of Service Vulnerability in Android Mediaserver Remote Denial of Service Vulnerability in Android Mediaserver Bluetooth Elevation of Privilege Vulnerability in Android Bluetooth Information Disclosure Vulnerability in Android Information Disclosure Vulnerability in libziparchive Allows Unauthorized Access to Sensitive Data Elevation of Privilege Vulnerability in Android Kernel FIQ Debugger Elevation of Privilege Vulnerability in MediaTek Sound Driver Synaptics Touchscreen Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Android Kernel-3.18 ION Subsystem High-risk Remote Code Execution Vulnerability in libxml2 on Android Android Framework Elevation of Privilege Vulnerability (Android ID: A-36491278) Android Framework Elevation of Privilege Vulnerability (Android ID: A-36991414) Android Framework Elevation of Privilege Vulnerability (Android ID: A-37285689) Android Framework Elevation of Privilege Vulnerability (Android ID: A-37478824) Android Information Disclosure Vulnerability Android Information Disclosure Vulnerability Android Denial of Service Vulnerability (A-36104177) Critical Remote Code Execution Vulnerability in Android Libraries (Android 4.4.4) Android Denial of Service Vulnerability (A-34778578) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-33974623) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-34231163) Critical Remote Code Execution Vulnerability in Android Media Framework (CVE-2020-12345) Android Media Framework Remote Code Execution Vulnerability (CVE-2017-13263) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-36035074) Android Media Framework Remote Code Execution Vulnerability (Android ID: A-36576151) Critical Remote Code Execution Vulnerability in 
Android Media Framework (Android ID: A-36996978) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-37008096) Critical Remote Code Execution Vulnerability in Android Media Framework (Android ID: A-37208566) Android Media Framework Remote Code Execution Vulnerability (Android ID: A-36588422) Android Media Framework Remote Code Execution Vulnerability (Android ID: A-36591008) Android Media Framework Elevation of Privilege Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-34203195) Android Media Framework Denial of Service Vulnerability (Android ID: A-34231231) Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-35584425) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-36724453) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-36993291) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (Android ID: A-37094889) Android Media Framework Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability (CVE-2017-13276) Android Media Framework Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in Android System UI (Android ID: A-35639138) Critical Remote Code Execution Vulnerability in Android System UI (Android 7.1.1 and 7.1.2) Critical Remote Code Execution Vulnerability in Android System UI (Android 7.1.1 and 7.1.2) Android System UI Elevation of Privilege Vulnerability Android System UI Elevation of Privilege Vulnerability (Android 7.1.1, 7.1.2) Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of 
Privilege Vulnerability in Broadcom Wi-Fi Driver for Android HTC LED Driver Elevation of Privilege Vulnerability in Android Kernel HTC Sound Driver Information Disclosure Vulnerability in Android Kernel HTC Sensor Hub Driver Information Disclosure Vulnerability Elevation of Privilege Vulnerability in Android Kernel's Upstream Linux tcb Android Elevation of Privilege Vulnerability in MediaTek Networking Driver Android Wi-Fi Service Elevation of Privilege Vulnerability Critical Remote Code Execution Vulnerability in Android sfntly Libraries H263 Decoder Remote Code Execution Vulnerability in Android Media Framework Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (MPEG2 Decoder) Critical Remote Code Execution Vulnerability in Android Media Framework (MPEG2 Decoder) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) H263 Decoder Remote Code Execution Vulnerability in Android Media Framework Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Android Media Framework Denial of Service Vulnerability (libmpeg2) Android Media Framework (libskia) Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (libstagefright) Android Media Framework Elevation of Privilege Vulnerability (libgui) Hevc Decoder Denial of Service Vulnerability in Android Media Framework Android Media Framework Elevation of Privilege Vulnerability H264 Decoder Denial of Service Vulnerability in Android Media Framework Android Media Framework Elevation of Privilege Vulnerability in MPEG4 Encoder Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Denial of Service Vulnerability (CVE-2017-13263) 
Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Information Disclosure Vulnerability Android Media Framework (libhevc) Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in Android Broadcom Networking Driver Android Elevation of Privilege Vulnerability in MediaTek GPU Driver Android Elevation of Privilege Vulnerability in MediaTek Video Driver Elevation of Privilege Vulnerability in NVIDIA Firmware Processing Code for Android Kernel (CVE-2017-0744) Android Media Framework AVC Decoder Remote Code Execution Vulnerability Android Elevation of Privilege Vulnerability in Qualcomm IPA Driver (A-35467471) Android Elevation of Privilege Vulnerability in Qualcomm Proprietary Component (A-32524214) Qualcomm Audio Driver Information Disclosure Vulnerability in Android Kernel (A-35764875) Elevation of Privilege Vulnerability in Android Kernel (A-36007735) Elevation of Privilege Vulnerability in Android Kernel's Upstream Linux File System Elevation of Privilege Vulnerability in Qualcomm QCE Driver for Android Android Windowmanager Elevation of Privilege Vulnerability Critical Remote Code Execution Vulnerability in Android libgdx Libraries (Android ID: A-62218744) Android libminikin Elevation of Privilege Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android 
Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Critical Remote Code Execution Vulnerability in Android Media Framework (libvorbis) Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libjhead) Android Media Framework Elevation of Privilege Vulnerability (libeffects) Android Media Framework Elevation of Privilege Vulnerability (CVE-2017-13263) Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Elevation of Privilege Vulnerability (CVE-2019-38234812) Android Media Framework Denial of Service Vulnerability (libskia) Android Media Framework (libavc) Denial of Service Vulnerability Android Media Framework (libhevc) Denial of Service Vulnerability Android Media Framework Denial of Service Vulnerability (libstagefright) Android Media Framework Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability (Audioflinger) Android Runtime Denial of Service Vulnerability (Android Messenger) Android Bluetooth Remote Code Execution Vulnerability (CVE-2017-0781) Critical Remote Code Execution Vulnerability in Android Bluetooth Bluetooth Information Disclosure Vulnerability in Android NFC Elevation of Privilege Vulnerability in Android System Bluetooth Information Disclosure Vulnerability in Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi 
Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver for Android Broadcom Wi-Fi Driver Information Disclosure Vulnerability in Android Android Kernel Information Disclosure Vulnerability (A-35764946) Elevation of Privilege Vulnerability in Android Upstream Kernel SCSI Driver (A-35644812) Android MediaTek Accessory Detector Driver Elevation of Privilege Vulnerability Elevation of Privilege Vulnerability in MediaTek Auxadc Driver for Android Android MediaTek Accessory Detector Driver Elevation of Privilege Vulnerability Android MediaTek Kernel Elevation of Privilege Vulnerability (A-36100671) Android Elevation of Privilege Vulnerability in MediaTek Lastbus Elevation of Privilege Vulnerability in MediaTek TEEI on Android Elevation of Privilege Vulnerability in MediaTek libmtkomxvdec Android MediaTek Kernel Elevation of Privilege Vulnerability (A-36232120) Android MediaTek Accessory Detector Driver Elevation of Privilege Vulnerability Elevation of Privilege Vulnerability in MediaTek MMC Driver for Android Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Gatekeeper Response Elevation of Privilege Vulnerability Android Framework Elevation of Privilege Vulnerability (A-35056974) Android File System Information Disclosure Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libstagefright) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Android Media Framework Elevation of Privilege Vulnerability (Audio HAL) Android Media Framework Denial of Service Vulnerability (libstagefright) Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability (CVE-2017-13263) Android Media Framework Information Disclosure Vulnerability 
(CVE-2017-13263) Android Media Framework Information Disclosure Vulnerability (libstagefright) Android Media Framework Vulnerability: Remote Code Execution Android Media Framework Vulnerability: Remote Code Execution Android Media Framework Vulnerability: Remote Code Execution Android Camera Elevation of Privilege Vulnerability Android rild Information Disclosure Vulnerability Elevation of Privilege Vulnerability in Broadcom Wifi Driver for Android Broadcom WiFi Driver Information Disclosure Vulnerability in Android HTC Bootloader Elevation of Privilege Vulnerability in Android Kernel Elevation of Privilege Vulnerability in MediaTek SoC Driver for Android Critical Elevation of Privilege Vulnerability in Huawei Bootloader for Android Motorola Bootloader Elevation of Privilege Vulnerability in Android Kernel Elevation of Privilege Vulnerability in Android Framework's Device Policy Client Android Framework Elevation of Privilege Vulnerability in Window Manager (Android 8.0) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Android Media Framework Elevation of Privilege Vulnerability (CVE-2020-12345) Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Media Framework Information Disclosure Vulnerability (CVE-2020-12345) Android Media Framework Information Disclosure Vulnerability (libstagefright) Critical Remote Code Execution Vulnerability in Android libutils (Android ID: A-37723026) Bluetooth Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in MediaTek ccci on Android Android SyncStorageEngine Denial of Service Vulnerability Clipboard 
Information Disclosure Vulnerability in Android Framework Android Media Framework Elevation of Privilege Vulnerability (mediaanalytics) Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability in libavc Android Media Framework (libstagefright) Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability in libhevc Android Media Framework (libhevc) Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Memory Leak Vulnerability in MPEG4Extractor.cpp Android Media Framework Vulnerability: Remote Code Execution Android Media Framework Vulnerability (A-64836894) Android Media Framework Vulnerability: A-36075131 Android Elevation of Privilege Vulnerability in InputDispatcher ALSA Subsystem Use-After-Free Privilege Escalation Vulnerability Elevation of Privilege Vulnerability in Android Upstream Kernel (A-36006779) Elevation of Privilege Vulnerability in Android Upstream Kernel Video Driver (A-37950620) Elevation of Privilege Vulnerability in MediaTek ioctl (flashlight) on Android Elevation of Privilege Vulnerability in MediaTek SoC Driver for Android Unchecked Input in NVIDIA Tegra X1 Direct Rendering Infrastructure Leads to Kernel Memory Corruption and Possible Code Execution Integer Overflow Vulnerability in NVIDIA Driver: High Risk of Privilege Elevation and Code Execution Elevation of Privilege Vulnerability in Android Framework (libminikin) Elevation of Privilege Vulnerability in Android Framework (Android 8.0) Critical Remote Code Execution Vulnerability in Android Media Framework (libskia) Android Media Framework Denial of Service Vulnerability (libmpeg2) Android Media Framework (libavc) Denial of Service Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media 
Framework (libavc) Critical Remote Code Execution Vulnerability in Android Media Framework (libhevc) Android Media Framework Information Disclosure Vulnerability Android Media Framework (libskia) Denial of Service Vulnerability Unauthorized Subscription Vulnerability in Zulip Group Chat Application Server Sensitive User Credential Exposure in Multiple Versions of GitLab Permission Increase on Re-sharing via OCS API in Nextcloud Server Vulnerability: Unauthorized Creation of Folders in Read-Only Directories Information Disclosure Vulnerability in Nextcloud Server Endless Recursion Denial of Service Vulnerability in Nextcloud Server Bypassing Quota Limitation in Nextcloud Server Content-Spoofing Vulnerability in Nextcloud Server's Files App Server-Side Request Forgery (SSRF) Vulnerability in Paperclip Ruby Gem Version 3.1.4 and Later XSS Vulnerability in Nextcloud Server Search Module Inadequate Escaping of Error Messages Leading to XSS Vulnerabilities in Nextcloud Server Improper Session Handling Vulnerability in Nextcloud Server before 11.0.3 XSS Vulnerability in Nextcloud Server's JavaScript Library Vulnerability: Disclosure of Valid Share Tokens for Public Calendars in Nextcloud Server Disclosure of Calendar and Addressbook Names in Nextcloud Server Zulip Server 1.5.1 and below: Authenticated User Bypasses invite_by_admins_only Setting Weak Entropy in ExpressionEngine Object Signing Token (OST) Allows Remote Code Execution Format String Vulnerability in Ruby Vulnerability: Terminal Escape Sequence Execution in RubyGems Denial of Service Vulnerability in RubyGems 2.6.12 and Earlier File Overwrite Vulnerability in RubyGems Version 2.6.12 and Earlier RubyGems DNS Hijacking Vulnerability RubyGems YAML Deserialization Remote Code Execution Vulnerability Bypass Vulnerability in private_address_check Ruby Gem Server-Side Request Forgery vulnerability in Recurly Client Ruby Library's Resource#find method Server-Side Request Forgery Vulnerability in Recurly Client Python 
Library Server-Side Request Forgery Vulnerability in Recurly Client .NET Library Incomplete Blacklist Vulnerability in private_address_check Ruby Gem Cross-Realm User Account Creation Vulnerability in Zulip Server Callback Verification Flaw in Twitter Kit for iOS Allows Credential Manipulation Stored Cross-site Scripting Vulnerability in Ubiquiti UCRM Versions 2.5.0 to 2.7.7 Arbitrary File Read Vulnerability in Ubiquiti UCRM Versions 2.3.0 to 2.7.7 SQL Injection Vulnerability in GitLab MilestoneFinder Component Remote Code Execution Vulnerability in Gitlab Community Edition 10.2.4 Remote Code Execution Vulnerability in Gitlab Community Edition version 10.3 Persistent Cross Site Scripting Vulnerability in Gitlab Community Edition version 10.2.4 Path Traversal Vulnerability in GitLab CI Runner Allows Remote Code Execution Authorization Bypass Vulnerability in GitLab Import Component Authorization Bypass Vulnerability in GitLab Community and Enterprise Editions Unverified Password Change Vulnerability in GitLab Community and Enterprise Editions Authorization Bypass Vulnerability in GitLab Enterprise Edition 10.3 Allows Information Disclosure on Board Objects Persistent Cross Site Scripting Vulnerability in Gitlab Community Edition version 9.1 Persistent Cross Site Scripting Vulnerability in Gitlab Community Edition 10.2.4 Insufficiently Protected Credential Issue in Gitlab Enterprise Edition 10.1.0: Information Disclosure of Plaintext Password Improper Authorization Vulnerability in Gitlab Community Edition 10.3 Allows Unauthorized User Login via Oauth Sign-In Improper Authorization Vulnerability in Gitlab Community Edition 10.3 Allows Unauthorized Use of Deployment Keys by Guest Users External Control of Critical State Data in html-janitor Node Module: Bypassing Sanitization via User-Controlled '_sanitized' Variable DNN (DotNetNuke) before 9.2.0 Vulnerability: Server-Side Request Forgery (SSRF) in DnnImageHandler Path Traversal Vulnerability in Augustine Node Module 
Allows Unauthorized File Access Cross-Site Scripting (XSS) Vulnerability in html-janitor Node Module's clean() Method Privilege Escalation Vulnerability in Ubiquiti Networks EdgeOS CSRF Vulnerability in Ubiquiti Networks EdgeOS Versions 1.9.1 and Prior Improper Privilege Management Vulnerability in Ubiquiti Networks EdgeOS Improper Privilege Management Vulnerability in Ubiquiti Networks EdgeOS Authorization Bypass Through User-Controlled Key in Nextcloud Server Amplification Attacks via Discovery Protocol in airMAX and EdgeMAX Oracle Hospitality Reporting and Analytics Component Denial of Service Vulnerability Message Validation Bypass Vulnerability in FedMsg 0.18.1 and Older Directory Traversal and Code Execution Vulnerability in ATutor Course Component Privilege Escalation Vulnerability in ATutor Versions 2.2.1 and Earlier Multiple SQL Injection Vulnerabilities in ATutor Stored XSS Vulnerability in PHPMiniAdmin version 1.9.160630 Allows Account Takeover and Data Theft XSS Vulnerability in Plotly.js Versions Prior to 1.16.0 Incomplete Certificate Verification in txAWS (All Versions): Vulnerability to MitM Attacks and Information Disclosure CSRF Vulnerability in Chyrp Lite Version 2016.04 Allows Account Hijacking Shell Injection Vulnerability in Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 Allows Remote Execution Audacity 2.1.2-2.3.2 DLL Hijacking Vulnerability Allows Arbitrary Code Execution Stored XSS Vulnerability in MyWebSQL Version 3.6: Account Takeover and Information Theft Stored XSS Vulnerability in MySQL Dumper version 1.24 Open Redirect Vulnerability in phpMyAdmin 4.0, 4.4, and 4.6 DOS Vulnerability in phpMyAdmin Table Editing Functionality CSS Injection Vulnerability in phpMyAdmin 4.0, 4.4, and 4.6 Cookie Injection Vulnerability Arbitrary MySQL Server Connection Vulnerability in phpMyAdmin 4.0, 4.4, and 4.6 DOS Vulnerability in phpMyAdmin Replication Status with Specially Crafted Table Name eCos Embedded Web Servers Vulnerability: SYN/FIN Flood 
Attack Enables Authentication Bypass XXE Vulnerability in LogicalDoc Community Edition 7.5.3 and Prior: Indexing XML Documents Privilege Escalation Vulnerability in LogicalDoc Community Edition 7.5.3 and Prior XSS Vulnerability in LogicalDoc Community Edition 7.5.3 and Prior: Preview of HTML Documents Information Disclosure in Shotwell Web Publishing Plugins: Potential Password and OAuth Token Plaintext Transmission Password Manager Sweep Attack in GNOME Web (Epiphany) Vulnerability: Directory Traversal Attack in Chef Software's mixlib-archive Open URL Redirect Vulnerability in Koozali Foundation SME Server User Web Login Function Directory Traversal Vulnerability in Oracle GlassFish Server Open Source Edition 4.1 Local File Inclusion Vulnerability in Oracle GlassFish Server Open Source Edition 3.0.1 (build 22) Java Key Store Password Disclosure Vulnerability in Oracle GlassFish Server Open Source Edition 3.0.1 (build 22) Cacti 0.8.8b SQL Injection Vulnerability in graph_templates_inputs.php Arbitrary Web Script Injection in Cacti 0.8.8b Reflected Cross-Site Scripting (XSS) Vulnerability in Vospari Forms WordPress Plugin Akka Remoting Component Java Deserialization Vulnerability XSS Window.Opener Attack Vulnerability in Tiny Tiny RSS RVM Vulnerability: Command Injection via Automatic Environment Variable Loading Stored XSS Vulnerability in WordPress Plugin Relevanssi 3.5.7.1 Framadate Version 1.0 Vulnerability: Formula Injection in CSV Export Leading to Information Disclosure and Code Execution Cross-Site Scripting Vulnerability in Mapbox.js TileJSON Name Field Cross-Site Scripting Vulnerability in Mapbox.js TileJSON Name and Map Share Control Memory Corruption Vulnerability in gtk-vnc 0.4.2 and Older Session Cookie Flag Not Set in Mautic 2.6.1 and Earlier Vulnerability: Directory Traversal in rbenv Allows Arbitrary Code Execution Denial of Service (DoS) Vulnerability in Web Framework Using ljharb's qs Module JasPer 2.0.12 Vulnerability: Denial-of-Service via NULL 
Pointer Exception in jp2_encode Arbitrary Script Injection in XWiki Labs CryptPad Pad Export Null Byte Injection Vulnerability in Elixir Plug.Static Component Arbitrary Code Execution Vulnerability in Elixir Plug Session Deserialization XSS Vulnerability in Rocket.Chat Markdown Link Parsing Privilege Escalation in Kubernetes PodSecurityPolicy Admission Plugin Stored XSS Vulnerabilities in Chevereto CMS (Versions < 3.8.11) - User Profile and Exif Data Parser Cross-Site Scripting (XSS) Vulnerability in Live Helper Chat version 2.06v and Older Unauthenticated SQL Injection in EONweb leading to Remote Root Access XML External Entity Expansion Vulnerability in xmlsec 1.2.23 and Earlier Versions Directory Traversal Vulnerability in KittoFramework Kitto 0.5.1 Allows Remote Code Execution XSS Vulnerability in KittoFramework Kitto Version 0.5.1: Information Disclosure via 404 Page Memory Exhaustion DoS Vulnerability in KittoFramework Kitto Version 0.5.1 OpenMediaVault 2.1 Access Rights Management XSS Vulnerabilities Inadvertent Decryption of Database Entries in KeePass 1.32 Blind SQL Injection Vulnerability in MODX Revolution 2.x - 2.5.6 Authentication Flaw in TestTrack Server Versions 1.0 and Earlier: Arbitrary Split Disablement Vulnerability CSRF Vulnerability in Bitly oauth2_proxy 2.1 during Authentication Flow Open Redirect Vulnerability in Bitly oauth2_proxy 2.1 and Earlier Authentication Bypass Vulnerability in Jasig phpCAS Version 1.3.4 Double Free Vulnerability in Creolabs Gravity Version 1.0 Heap Overflow Vulnerability in Creolabs Gravity Version 1.0 Stack Overflow Vulnerability in Creolabs Gravity v1.0's string_repeat() Function Stack Overflow Vulnerability in Creolabs Gravity Version 1.0 XSS Vulnerability in Linux Foundation ONOS 1.9 Device Registration DoS Vulnerability in Linux Foundation ONOS 1.9.0 Unauthenticated Use of Websockets in Linux Foundation ONOS 1.9.0 Unauthenticated Application Upload Vulnerability in Linux Foundation ONOS 1.9.0 Privilege 
Escalation Vulnerability in systemd v233 and Earlier Arbitrary Command Execution via TAR Archive in GNOME Evince Unauthenticated Project Triggering Vulnerability in Parameterized Trigger Plugin Improper Permissions and CSRF Vulnerability in Subversion Plugin Vulnerability: Unrestricted Access and Cross-Site Request Forgery in Periodic Backup Plugin GitHub Branch Source Credential ID Disclosure Vulnerability Unvalidated Input Allows Execution of JavaScript Schemes in Sidebar Link Plugin Unauthenticated Build Triggering Vulnerability in Jenkins Pipeline: Build Step Plugin Cross-Site Request Forgery Vulnerability in Role-based Authorization Strategy Plugin Improper Permissions and CSRF Vulnerability in GitHub Branch Source Plugin Jenkins Git Plugin Credential Leakage Vulnerability Cross-Site Request Forgery Vulnerability in Poll SCM Plugin Docker Commons Plugin Credential ID Exposure Vulnerability Unsafe Default Whitelist Entries Allowing Access to Private Data and Circumventing Script Security Incomplete Sandbox Protection in Pipeline Scripts Allows Arbitrary Code Execution Trust Preference Bypass Vulnerability in Darwin's Keychain Denial of Service Vulnerability in net/http's Request.ParseMultipartForm Method Heap Data Leakage in libcurl's File Retrieval Oracle Hospitality Simphony First Edition Vulnerability: Unauthorized Access and Data Compromise TFTP File Name Truncation Vulnerability Curl URL Globbing Heap Buffer Overflow Vulnerability Persisted Cross-Site Scripting Vulnerability in Static Analysis Utilities Plugin Persisted Cross-Site Scripting Vulnerability in Custom Details View of Static Analysis Utilities DRY Plugin Vulnerability: Unauthorized Access to Configuration Files Containing Secrets in Config File Provider Plugin Vulnerability: Insufficient Permission Check in Blue Ocean for Access to Archived Artifacts Unauthenticated Arbitrary Commit and File Access in Blue Ocean Vulnerability: Bypassing Sandbox Protection in Script Security Plugin Pipeline 
Input Step Plugin Vulnerability Persisted Cross-Site Scripting Vulnerability in OWASP Dependency-Check Plugin's Custom Details View Blue Ocean GitHub Organization Folder Misconfiguration Vulnerability Heap Out-of-Bounds Vulnerability in AF_PACKET Sockets Memory Corruption Vulnerability in Linux Kernel: UFO to Non-UFO Path Switch Unencrypted Password Storage in Deploy to Container Plugin Datadog Plugin API Key Exposure Vulnerability Symlink Vulnerability in Mercurial Prior to Version 4.3 Allows Modification of Files Outside Repository Shell-injection vulnerability in Mercurial prior to version 4.3 due to inadequate hostname sanitization in ssh Remote Code Execution via Crafted ssh://... URL Akka HTTP <= 10.0.5 Denial of Service Vulnerability Vulnerability: PHP Code Execution in October CMS Build 412 File Upload Functionality SQL Injection Vulnerability in frappe.share.get_users Integer Overflow and Buffer Overflow in UNIX IPC Layer of WebKitGTK+ (CVE-2021-30663) Denial of Service Vulnerability in UNIX IPC Layer of WebKitGTK+ Codiad (Full Version) Vulnerability: Arbitrary File Write and Webshell Upload Stack Out of Bounds Read Vulnerability in exiv2 0.26 WebP Parser Heap Buffer Overflow in Exiv2 0.26 TIFF Parser Stack Out of Bounds Read Vulnerability in Exiv2 0.26 JPEG2000 Parser Serendipity 2.0.3 SQL Injection Vulnerability in Blog Component Improper Implementation of MNet SSO API Function in Mahara Remote Code Execution via Malicious .swf File Download in Mahara User Artefact Inclusion Vulnerability in Mahara Versions 15.04, 15.10, and 16.04 Access Permission Vulnerability in Mahara Persistent Login Vulnerability in Mahara Session Invalidation Vulnerability in Mahara Versions 1.8 - 1.10.1 and 15.04.0 Possible Cross-Site Scripting Vulnerability in Mahara 1.10 and 15.04 Cross-Site Scripting (XSS) Vulnerability in Mahara 1.10 and 15.04 Server-side Request Forgery Vulnerability in Mahara Versions 1.8 to 1.8.7, 1.9 to 1.9.5, 1.10 to 1.10.3, and 15.04 to 15.04.0 XML File 
Code Execution Vulnerability in Mahara User Account Manipulation Vulnerability in Mahara URL Manipulation Vulnerability in Mahara Versions 1.8 to 1.8.7, 1.9 to 1.9.5, 1.10 to 1.10.3, and 15.04 to 15.04.0 Watchlist Notification Vulnerability Cross-Site Scripting (XSS) vulnerability in Mahara 1.9, 1.10, and 15.04 Vulnerability: Unauthorized Anonymous Comments on Mahara Artefact Detail Pages Arbitrary Execution of JavaScript in Mahara Portfolio Page Title Cross-Site Request Forgery (CSRF) Vulnerability in Mahara's Filebrowser Widget PHP Code Execution Vulnerability in Mahara XSS Vulnerability in Mahara Versions 1.10 and 15.04 Session Fixation Vulnerability in Mahara 15.04 and 15.10 Sensitive Information Leakage via Unusual Parameters in Mahara Versions 15.04, 15.10, and 16.04 Session Hijacking Vulnerability in Mahara 15.04 and 15.10 Vulnerability: Incorrect Access Control in Mahara Authentication Bypass Vulnerability in Mahara Unrestricted Access to Profile Pictures in Mahara Versions 15.04, 15.10, and 16.04 Group Configuration Page Edit Vulnerability Vulnerability: Plain Text Password Recording in Mahara Event Log Integer Overflow Vulnerability in PyString_DecodeEscape Function in CPython Command Injection Vulnerability in Evince Print to PDF (Versions < 3.25.91) Cross-Site Scripting (XSS) Vulnerability in EllisLab ExpressionEngine 3.4.2 Allows PHP Code Injection Unvalidated URL Redirection Vulnerability in Phoenix Framework Critical XSS Vulnerability in Tine 2.0 Version 2017.02.4: Code Execution and Privilege Escalation Vulnerability: Degenerate Public Keys in sodiumoxide 0.0.13 and older scalarmult() Arbitrary File Write Vulnerability in QuickerBB <= 0.7.2 Directory Traversal Vulnerability in jqueryFileTree 2.1.5 and Older Versions Plain Text Password Vulnerability in Mahara Mobile before 1.2.1 Heap Use-After-Free Vulnerability in Creolabs Gravity Version 1.0 Heap-Buffer-Overflow Vulnerability in Creolabs Gravity Version 1.0 SWFTools: Address Access
Exception in swfdump swf_GetBits() Vulnerability SWFTools swfc memcpy Buffer Overflow Vulnerability Memory Leak Vulnerability in SWFTools' wav2swf SWFTools gif2swf memcpy Buffer Overflow Vulnerability Critical Stack Overflow Vulnerability Discovered in SWFTools' pdf2swf Address Access Exception in pdf2swf's FoFiTrueType::writeTTF() Cross-site Scripting (XSS) Vulnerability in Node.js EJS.renderFile() Allows Code Injection Denial-of-Service Vulnerability in Node.js EJS Version < 2.5.5 Critical XXE Vulnerability in SimpleXML 2.7.1: Exploiting SSRF, Information Disclosure, and DoS Jool 3.5.0-3.5.1 Kernel Crash Vulnerability: Denial of Service (DoS) Local File Inclusion Vulnerability in Cygnux sysPass Version 2.1.7 and Older Stored XSS Vulnerability in October CMS build 412 via Brand Logo Image Name Vulnerability: Apache Configuration Modification via File Upload in October CMS Build 412 Vulnerability: PHP Object Injection in October CMS Build 412 Asset Move Functionality Vulnerability: PHP Code Execution in October CMS Build 412 Asset Manager File Path Modification Vulnerability in October CMS Build 412 Denial of Service Vulnerability in tcmu-runner Daemon (Versions 0.9.0 to 1.2.0) Information Disclosure Vulnerability in tcmu-runner's handler_qcow.so Oracle Hospitality Inventory Management Component Vulnerability NULL Pointer Dereference Vulnerability in tcmu-runner Daemon's on_unregister_handler() Function Local Denial of Service Vulnerability in tcmu-runner Daemon Vulnerability: Authenticated Shell Metacharacter Injection in ROOTd Daemon Buffer Overflow Vulnerability in samtools htslib Library Version 1.4.0 and Earlier: Potential Arbitrary Code Execution Arbitrary Code Execution Vulnerability in Swagger-Parser and Swagger Codegen Arbitrary Code Execution Vulnerability in Swagger-Parser and Swagger-Codegen Insecure SSL/TLS Server Verification in Java WebSocket Client Stack Buffer Overflow Vulnerability in picoTCP (Versions 1.7.0 - 1.5.0) Allows Code Execution or 
Denial of Service Attack Use After Free Vulnerability in Lynx HTML Parser Allows Memory Disclosure Remote Code Execution Vulnerability in Elixir's alchemist.vim Plugin Reflected XSS Vulnerability in WBCE v1.1.11 via begriff POST Parameter in /admin/admintools/tool.php?tool=user_search OS Command Injection Vulnerability in GitPHP by xiphux Unauthenticated Shell Command Injection in ROOT xrootd Version 4.6.0 and Below: Remote Code Execution Vulnerability Arbitrary Code Execution Vulnerability in Opencast 2.3.2 and Older Versions Buffer Overflow Vulnerability in LightFTP Version 1.1: Remote Code Execution and Denial of Service Windows-CPU npm Package Vulnerable to Command Injection and Code Execution as Node.js User Arbitrary Command Execution Vulnerability in soyuka/pidusage <=1.1.4 Access Control Bypass in Opencast 2.2.3 and Older Stored XSS Vulnerability in MODX Revolution CMS Allows for Account Takeover Critical CSRF Vulnerability in YouTube WordPress Plugin Allows Unauthorized Modification of Plugin Settings Critical Reflected XSS Vulnerability in Relevanssi Premium 1.14.8 Allows Unauthenticated Attackers to Gain Admin-Level Access User Enumeration Vulnerability in Stop User Enumeration 1.3.8 Plugin via REST API Stored XSS Vulnerability in Salutation Responsive WordPress + BuddyPress Theme v3.0.15 Allows Logged-in Users to Gain Admin Privileges Remote Code Execution Vulnerability in Node.js EJS Versions < 2.5.3 Remote Code Execution and Denial of Service Vulnerability in optipng 0.7.6 Snap7 Server 1.4.1 Denial of Service Vulnerability Double-Free Vulnerability in ldns 1.7.0's parse.c with Unspecified Impact and Attack Vectors Double-Free Vulnerability in ldns 1.7.0's str2host.c with Unspecified Impact and Attack Vectors Directory Enumeration Vulnerability in I, Librarian version <=4.6 & 4.7 OS Command Injection in batchimport.php in I, Librarian version <=4.6 & 4.7 Reflected Cross-Site Scripting Vulnerability in I, Librarian <=4.6 & 4.7 temp.php Server-Side 
Request Forgery in I, Librarian <=4.6 & 4.7: Password Reset Vulnerability Arbitrary File Upload Vulnerability in InvoicePlane v1.4.10 Stored Cross Site Scripting Vulnerability in InvoicePlane version 1.4.10 Multiple Reflected & Stored Cross-Site Scripting (XSS) Vulnerabilities in OpenEMR 5.0.0 and Prior Versions Vertical Privilege Escalation Vulnerability in OpenEMR Version 5.0.0 and Prior Insecure Permissions in Jenkins Git Client Plugin Leads to Information Disclosure Unauthenticated User Can Manipulate Favorites in Jenkins Favorite Plugin 2.1.4 and Older CSRF Vulnerability in Jenkins Favorite Plugin (Version 2.2.0 and Older) Allows Data Modification Plaintext Storage of SSH Credentials in Configuration File Weak Encryption of Data in pysaml2 IDP Server HTTP Header Injection in CodeIgniter 3.1.3 set_status_header() Function under Apache Unsafe Object Loading Vulnerability in Redis-store <=v1.3.0 Stack buffer overflow vulnerability in file() function allows arbitrary code execution SDP Server Information Disclosure Vulnerability BlueBorne: Remote Code Execution Vulnerability in Linux Kernel Bluetooth Stack Denial of Service Vulnerability in Linux Kernel's KVM Subsystem Unpatched Linux Kernels Vulnerable to Address Allocation Issue Heap Buffer Overflow in libcurl FTP PWD Response Parsing Kernel Stack Pointer Overwrite Vulnerability on Linux PowerPC Vulnerability: Insecure SSL/TLS Certificate Validation in libvirt IMAP FETCH Response Zero-Byte Data Vulnerability Solaris Network Services Library Vulnerability Unauthenticated Remote Code Execution in Jenkins Versions 2.56 and Earlier Jenkins User Impersonation Vulnerability XStream: Java Crash Vulnerability in Jenkins Versions 2.56 and Earlier Jenkins User Database Authentication Realm Vulnerability OpenDaylight odl-l2switch-switch Denial of Service Vulnerability OpenDaylight 4.0: Controller Exception Prevents Adding Subsequent Flow for Switch OpenDaylight odl-mdsal-xsql Vulnerability: Java Out of Memory Error and 
Resource Consumption Increase Vulnerability: StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql OpenDaylight DOMRpcImplementationNotAvailableException Vulnerability World-readable backup directory containing re-encrypted secrets in Jenkins Linux drivers/char/lp.c Out-of-Bounds Write Vulnerability Stack Guard Page Bypass Vulnerability in Linux Kernel Vulnerability: Bypassing Size Restriction on Arguments and Environmental Strings in Linux Kernel Heap/Stack Alias Vulnerability in glibc 2.25 and Earlier Vulnerability in Todd Miller's sudo version 1.8.20 and earlier: Input Validation (Embedded Spaces) in get_process_ttyname() Function Vulnerability in Todd Miller's sudo version 1.8.20p1 and earlier: Information Disclosure and Command Execution Exim Multiple -p Command Line Argument Arbitrary Code Execution Vulnerability Vulnerability: Offset2lib Patch Bypass in Linux Kernel 4.11.5 and Earlier (i386) Vulnerability: Stack Guard Page Bypass in Linux Kernel 4.11.5 (i386) Stack Guard Page Bypass Vulnerability in OpenBSD 6.1 and Earlier Versions Recursive qsort() Vulnerability in OpenBSD 6.1 and Earlier Versions Vulnerability: Stack Guard Page Bypass in NetBSD 7.1 and Earlier Versions Stack-based ASLR Bypass Vulnerability in NetBSD 7.1 and Earlier Versions Vulnerability: Executable Stack in libffi Allows Arbitrary Code Execution Stack Guard Page Bypass Vulnerability in PAX Linux Kernel Vulnerability: Recursive and Non-Randomized qsort() Function in NetBSD Stack Mapping Vulnerability in Linux Kernel 4.11.5 on AMD64 Systems Data Race Vulnerability in ALSA /dev/snd/timer Driver Allows Unauthorized Information Disclosure Memory Read Vulnerability in c-ares `ares_parse_naptr_reply()` Function Vulnerability: Insecure Swap File Creation in VIM Insecure Backup File Creation in GNU Emacs Erlang OTP TLS Server Vulnerability: Bleichenbacher Attack Variation Arbitrary HTML Injection in Jenkins Active Choices Plugin Unencrypted Storage and Transmission of 
Credentials in Jenkins Build-Publisher Plugin Unauthenticated Modification of Dependency Graph in Jenkins Dependency Graph Viewer Plugin Potential Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities in Jenkins Global-Build-Stats Plugin Unauthenticated Access to Resume Build in Jenkins Multijob Plugin User ID Directory Escaping Vulnerability in Jenkins Cross-Site Scripting (XSS) Vulnerability in Jenkins Autocompletion Suggestions Arbitrary Command Execution Vulnerability in Jenkins Denial-of-Service Vulnerability in Jenkins 2.73.1 and Earlier, 2.83 and Earlier Information Disclosure Vulnerability in Jenkins Vulnerability: SSL Certificate Verification Bypass in Jenkins 2.73.1 and earlier, 2.83 and earlier Jenkins Maven Plugin Vulnerability: SSL Certificate Verification Bypass (CVE-2012-6153) Information Disclosure Vulnerability in Jenkins API Jenkins Remote API Information Disclosure Vulnerability Solaris Kernel Takeover Vulnerability Information Disclosure Vulnerability in Jenkins Remote API Sensitive Secrets Logging Vulnerability in Jenkins Jenkins Swarm Plugin Client Vulnerability: SSL Certificate Verification Bypass (CVE-2012-6153) Jenkins Speaks! 
Plugin Privilege Escalation Vulnerability Cross-Site Scripting Vulnerability in Jenkins Delivery Pipeline Plugin Vulnerability: Dirty COW-like vulnerability in Linux Kernel versions 2.6.38 through 4.14 Password Cache Persistence Vulnerability in OpenDaylight Karaf 0.6.1-Carbon Denial of Service Vulnerability in Linux Kernel 2.6.32 and Later: Diagnostic Port 0x80 Flooding Memory Leak Vulnerability in glibc 2.1.1 via LD_HWCAP_MASK Environment Variable Buffer Overflow Vulnerability in glibc 2.5 via LD_LIBRARY_PATH Uninitialized Stack Variable Info Leak in Linux Kernel L2CAP Processing Vulnerability: OpenFlow Plugin and OpenDaylight Controller Memory Resource Consumption Vulnerability: Bellcore Attack Compromising RSA Private Key in Linaro's OP-TEE 2.4.0 and Older Versions Timing Attack Vulnerability in OP-TEE's Montgomery Implementation Compromising RSA Private Key JPEGsnoop Version 1.7.5 Vulnerability: Division by Zero in JFIF Decode Handling Incorrect UTCTime date range validation in MatrixSSL version 3.7.2 allows for 100-year certificate expiration extension ASN.1 Parser Vulnerability in axTLS Version 1.5.3: Misinterpretation of UTCTime as 2050 OID Spoofing Vulnerability in MatrixSSL 3.7.2 Heap-based Buffer Overflow in WildMIDI's WildMidi_Open Function SSRF Vulnerability in phpBB 3.2.0 Remote Avatar Function Symlink Traversal Vulnerability in Syncthing Versions 0.14.33 and Older Use-after-free vulnerability in Gifsicle gifview 1.89 and older allows potential code execution Integer Overflow Vulnerability in Gnome gdk-pixbuf 2.36.8 and Older: Memory Corruption and Code Execution Unauthenticated PHP Code Execution in b2evolution v6.6.0 - v6.8.10 URL Spoofing Vulnerability in GitHub Electron Arbitrary Script Injection in Liferay Portal CE 7.0 GA4 and Older Cross Site Scripting Vulnerability in MapProxy Demo Service XSS Vulnerability in Marked Version 0.3.6 and Earlier: Data URI Parser Reflected and Stored XSS Vulnerabilities in flatCore-CMS 1.4.6 Reflected XSS
Vulnerability in FineCMS 5.0.10 Weixin.php File Buffer Overflow Vulnerability in rust-base64 <= 0.5.1 during Base64 Encoding eZ Publish Search Module XSS Vulnerability CSRF Vulnerability in Vanilla Forums Allows Unauthorized Deletion of Topics and Comments Authentication Bypass Vulnerability in pysaml2 Version 4.4.0 and Older Open Redirect Vulnerability in Furikake WordPress Plugin (Version 0.1.0) Stack-Based Buffer Overflow in Creolabs Gravity 1.0 Operator_String_Add Function: Remote Code Execution Vulnerability User Data Manipulation via Path Manipulation Vulnerability in OMERO 5.3.3 or Earlier XSS Vulnerability in Passbolt API Version 1.6.4 and Older: URL Field in Password Workspace XSS Vulnerability in Eleix Openhacker v0.1.47 Bank Transactions Component Eleix Openhacker v0.1.47: SQL Injection Vulnerability in Account Registration and Login Component Null Pointer Dereference Vulnerability in ImageMagick 7.0.7-1 and Older Versions: Potential Denial of Service Directory Traversal Vulnerability in Structured Data Linter Allows Information Disclosure Integer Overflow Vulnerability in FillUniColor and FillUniGray Functions in OpenCV Command Injection Vulnerability in fs-git Version 1.0.1 XML Signature Wrapping Vulnerability in Samlify and Express-saml2: Impersonation of Arbitrary Users Smarty Templating Injection in CMS Made Simple Core Modules Allows Unauthenticated PHP Code Execution Smarty Template Injection in CMS Made Simple 2.1.6, 2.2, and 2.2.1: Local File Read and Inclusion Vulnerability Improper POSIX Hard Links in GuixSD: Violation of Security Assumption Boundary Validation Failure in TextPool::addWord Leads to Overflow in libpoppler 0.60.1 Authenticated Reflected Cross-Site Scripting (XSS) Vulnerability in mojoPortal Help.aspx Out of Bounds Write Vulnerability in Bro v2.5.2 ContentLine Analyzer XSS Vulnerability in Leanote <= 2.5: Unsanitized Input in Markdown Notes NULL dereference exception caused by uninitialized get_bits context in 
libavcodec/h264dec.c:500 Vulnerability: Incorrect Access Control in Brave Browser's JS Fingerprinting Blocking Component Stored Cross-Site Scripting Vulnerability in BookStack Version 0.18.4 Stored Cross-Site Scripting Vulnerability in Leafpub Version 1.2.0-beta6 Stored Cross-Site Scripting Vulnerability in Sulu-standard Version 1.6.6 Stored Cross-Site Scripting Vulnerability in Invoice Ninja v3.8.1 Stored Cross-Site Scripting Vulnerability in LavaLite 5.2.4 Blog Creation Page Cobbler 2.8.2 Command Injection Vulnerability: Arbitrary Code Execution as Root User Integer Overflow in EmbedThis GoAhead Webserver: A Denial of Service Vulnerability NULL Pointer Dereference Vulnerability in EmbedThis GoAhead Webserver 4.0.0: Memory Corruption and Denial of Service Zip Path Traversal Vulnerability Multiple Command Injection Vulnerabilities in Linux Dash v2 Multiple SQL Injection and XSS Vulnerabilities in Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 Unquoted Path Service Vulnerability in FreeSSHd 1.3.1 ImageMagick 7.0.7-12 Q16 CPU Exhaustion Denial of Service Vulnerability XXE Vulnerability in XMLBundle version 0.1.7: Denial of Service Exploit Stored Cross-Site Scripting Vulnerability in ELabftw Version 1.7.8: Arbitrary JavaScript Execution and Denial of Service Vulnerability: Clickjacking Attack in pfSense Versions 2.4.1 and Lower PHP Code Injection Vulnerability in Smarty 3 before 3.1.32 Vulnerability: Open Redirect and Cross-Site Scripting (XSS) in Plone 2.5-5.1rc1 Plone 2.5-5.1rc1 Profile Home Page JavaScript Execution Vulnerability Plone 4 and 5: Private Content Access Vulnerability via str.format Open Redirect Vulnerability in Plone 2.5-5.1rc1 Insecure Permissions in Nylas Mail Lives 2.2.2 Expose Sensitive Authentication Information Remote Code Execution Vulnerability in Primetek Primefaces 5.x Command Injection Vulnerability in Plexus-utils before 3.0.16 Inline JS XSS Vulnerability in Mautic Forms with GET Parameter Pre-population SSO Plugin in 
Mautic Versions 2.0.0 - 2.11.0 Allows Disabled User Login via Email Address File Download Vulnerability in Mautic Versions 1.0.0 - 2.11.0 XSS Vulnerability in Shiba Markdown Live Preview App v1.1.0 with Enabled Node Integration Vulnerability in Leanote-desktop v2.5: XSS Exploit with Node Integration NoSQL Injection Vulnerability in Rocket.Chat Server 0.59 and Prior: Administrator Account Takeover Uninitialized Stack Variable Vulnerability in miniupnpd < 2.0 Stored Cross-site Scripting Vulnerability in QuickApps CMS 2.0.0: Exploiting User's Real Name Field for Denial of Service and Unauthorized Account Actions XXE Vulnerability in Commsy Version 9.0.0: Denial of Service and Remote Code Execution XXE Vulnerability in Pepperminty-Wiki v0.15: Denial of Service and Remote Code Execution AndroidSVG 1.2.2 Vulnerability: XXE Attacks in SVG Parsing Component Leading to Denial of Service and Remote Code Execution CSRF Vulnerability in phpMyAdmin versions 4.7.x Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data access and manipulation Path Traversal Flaw in Awstats Version 7.6 and Earlier Allows Unauthenticated Remote Code Execution Arbitrary Shell Command Execution Vulnerability in Jenkins 1.37 and Earlier Race Condition Vulnerability in Jenkins Setup Wizard Initialization Race Condition Vulnerability in Jenkins Startup Process Arbitrary File Read Vulnerability in Jenkins Script Security Plugin Cross Site Scripting (XSS) Vulnerability in Mautic Version 2.11.0 and Earlier: Company Name Exploitation Cross Site Scripting (XSS) Vulnerability in Canvs Canvas Version 3.4.2 Allows for Denial of Service and JavaScript Code Execution Cross Site Scripting (XSS) Vulnerability in Invoice Plane 1.5.4 and Earlier Cross Site Scripting (XSS) Vulnerability in Dolibarr Version 6.0.2 Product Details Croogo version 2.3.1-17-g6f82e6c Cross Site Scripting (XSS) Vulnerability in Page Name Vulnerability in Oracle FLEXCUBE Private Banking Allows Unauthorized Data 
Manipulation WordPress <4.9 Thumbnail Processing Input Validation Remote Code Execution Vulnerability Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Private Banking Oracle FLEXCUBE Private Banking Unauthorized Read Access Vulnerability Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data manipulation Vulnerability in Oracle FLEXCUBE Private Banking FileUploads Component Arbitrary Page Modification Vulnerability in WordPress REST API Stored Cross-Site Scripting Vulnerability in PluXml Version 5.6 Allows Privilege Escalation Arbitrary Code Execution Vulnerability in math.js (before 3.17.0) Unicode Character Vulnerability in math.js (before 3.17.0) Allows Replacement of Private Properties Arbitrary Code Execution in typed-function Before 0.10.6 Oracle FLEXCUBE Private Banking Component Vulnerability Vulnerability in Oracle FLEXCUBE Private Banking component allows unauthorized data access and manipulation Unauthenticated Takeover Vulnerability in Sun ZFS Storage Appliance Kit (AK) User Interface Vulnerability in Oracle Hospitality Hotel Mobile component allows unauthorized data manipulation Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Access to Critical Data Unauthenticated Takeover Vulnerability in Sun ZFS Storage Appliance Kit (AK) Vulnerability in PeopleSoft Enterprise PeopleTools Workcenter Component Vulnerability in PeopleSoft Enterprise FSCM Component Allows Unauthorized Data Manipulation Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Access to Critical Data Unauthenticated File Upload Vulnerability in Mobile-Friendly-App-Builder-by-EasyTouch Plugin v3.0 Unlicensed Vulnerability in Mobile App Builder by Wappress v1.05 Plugin Unlicensed Vulnerability in WordPress Plugin WebApp-Builder v2.0 Unlicensed Vulnerability in WordPress Plugin wp2android-turn-wp-site-into-android-app v1.1.4 SQL Injection 
Vulnerability in DTracker v1.5 WordPress Plugin SQL Injection Vulnerability in DTracker v1.5 WordPress Plugin Unauthorized Contact Injection Vulnerability in DTracker v1.5 WordPress Plugin Unauthorized Contact Injection Vulnerability in DTracker v1.5 WordPress Plugin Unauthenticated File Download Vulnerability in WordPress Plugin Membership Simplified for OAP Members Only v1.58 Blind SQL Injection Vulnerability in Membership Simplified v1.58 WordPress Plugin Blind SQL Injection Vulnerability in Membership Simplified v1.58 WordPress Plugin Stored XSS Vulnerability in WordPress Plugin Image-Gallery-with-Slideshow v1.5.2 SQL Injection Vulnerability in image-gallery-with-slideshow v1.5.2 Blind SQL Injection Vulnerability in Image Gallery with Slideshow Plugin v1.5.2 Blind SQL Injection Vulnerability in Image Gallery with Slideshow Plugin v1.5.2 Blind SQL Injection Vulnerability in Image Gallery with Slideshow Plugin v1.5.2 Unauthenticated File Upload Vulnerability in flickr-picture-backup v0.7 WordPress Plugin Stored XSS Vulnerability in WordPress Plugin Gift-Certificate-Creator v1.0 Blind SQL Injection Vulnerability in Eventr WordPress Plugin v1.02.2 Blind SQL Injection Vulnerability in Eventr WordPress Plugin v1.02.2 SQL Injection Vulnerability in WordPress Plugin Surveys v1.01.8 SQL Injection Vulnerability in WordPress Plugin Surveys v1.01.8 SQL Injection Vulnerability in WordPress Plugin Surveys v1.01.8 SQL Injection Vulnerability in Easy Team Manager v1.3.2 Plugin Unauthenticated File Upload Vulnerability in Kind Editor v4.1.12 SQL Injection Vulnerability in WordPress Plugin add-edit-delete-listing-for-member-module v1.0 SQL Injection Vulnerability in Event Expresso Free v3.1.37.11.L WordPress Plugin SQL Injection Vulnerability in rk-responsive-contact-form v1.0 Plugin SQL Injection Vulnerability in WordPress Gallery Transformation Plugin v1.0 Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Default Access Permissions 
for Persistent Volumes in Kubernetes Azure Provider Expose Unauthenticated Public Access Kubernetes Subpath Volume Mount Vulnerability Arbitrary File/Directory Deletion Vulnerability in Kubernetes Open Redirect Vulnerability in python-fedora 0.8.0 and lower: CSRF Protection Loss Improper Authorization in Pagure 3.3.0 and Earlier Leads to Loss of Confidentiality Cross-Site Scripting (XSS) Vulnerability in Bodhi 2.9.0 and Lower Koji 1.13.0 SCM Path Validation Bypass Vulnerability Unsafe Function in modulemd 1.3.1 and Earlier Allows Remote Code Execution Unauthorized Read Access Vulnerability in Oracle FLEXCUBE Private Banking Unescaped Single Quote Vulnerability in Haml Oracle FLEXCUBE Private Banking Component Unauthorized Access Vulnerability Vulnerability in Oracle BI Publisher Layout Tools: Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher Allows Unauthorized Access and Data Manipulation Oracle SOA Suite Fabric Layer Unauthenticated Remote Code Execution Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) - Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) - Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) - Unauthorized Access and Data Compromise Vulnerability in Oracle Communications Convergence Component: Unauthorized Data Access and Manipulation Oracle Transportation Management Access Control List Vulnerability Oracle WebCenter Sites Support Tools Unauthenticated Access Vulnerability Vulnerability in Oracle BI Publisher component of Oracle Fusion Middleware: Unauthorized Access and Data Compromise Vulnerability in Oracle BI Publisher component of Fusion Middleware: Unauthorized Access and Data Compromise Solaris NFSv4 
Denial of Service Vulnerability Oracle BI Publisher Web Service API Unauthenticated Access Vulnerability Critical Data Access Vulnerability in Primavera P6 Enterprise Project Portfolio Management Oracle Agile PLM Web Client Vulnerability Vulnerability in Oracle WebCenter Content component allows unauthorized access and data manipulation Vulnerability in Oracle BI Publisher component of Fusion Middleware (Web Server Subcomponent) Solaris IKE Denial of Service Vulnerability Vulnerability in Oracle BI Publisher component of Oracle Fusion Middleware Vulnerability in Oracle Hospitality Reporting and Analytics component allows unauthorized data access and manipulation Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Vulnerability in Primavera P6 Enterprise Project Portfolio Management: Unauthorized Data Access and Manipulation Vulnerability in MICROS BellaVita Component of Oracle Hospitality Applications: Unauthorized Data Access and Manipulation Oracle Enterprise Repository Web Interface Unauthenticated Remote Code Execution Vulnerability Vulnerability in Siebel Core CRM component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Vulnerability in Oracle Hospitality Suite8 WebConnect Component Vulnerability in Oracle Outside In Technology Allows for Denial of Service Attacks Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Vulnerability in Java SE, Java SE Embedded, and JRockit: Unauthorized Partial Denial of Service Oracle Hospitality Cruise Materials Management Component Vulnerability Vulnerability in Oracle iPlanet Web Server Allows Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality 9700 Component Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub Discussion Forum Component Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Data Access and Modification 
Vulnerability in Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Mobile Service) allows unauthorized access and data manipulation Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Access and Data Compromise Vulnerability in PeopleSoft Enterprise PeopleTools Integration Broker Component Solaris Solaris Component Oracle Java Web Console Vulnerability Vulnerability in Oracle WebLogic Server component of Oracle Fusion Middleware: Unauthorized Data Access and Partial Denial of Service Vulnerability in Oracle Hospitality WebSuite8 Cloud Service: Unauthorized Data Access and Manipulation Oracle Retail Point-of-Service Vulnerability: Unauthorized Data Access and Modification Oracle E-Business Suite Oracle Forms Unauthenticated Access Vulnerability Java SE Vulnerability: Unauthenticated Takeover via Multiple Protocols Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Access and Data Compromise Oracle Payment Interface Vulnerability: Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Manipulation Vulnerability in Oracle Java SE Allows Unauthorized Takeover Vulnerability in Oracle WebCenter Content component allows unauthorized access and data compromise Vulnerability in Oracle Hospitality Simphony First Edition Venue Management component allows unauthorized data access and manipulation Oracle Applications DBA Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Manipulation Vulnerability in Oracle Java SE: Unauthorized Access and Data Manipulation Oracle Hospitality Suites Management Component Vulnerability 
Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Vulnerability in Oracle Java SE Allows Unauthorized Data Access Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Manipulation Oracle FLEXCUBE Universal Banking Report Generator Unauthorized Access Vulnerability Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Access and Data Manipulation Java SE JavaFX Vulnerability: Unauthenticated Takeover of Java SE Critical Vulnerability in Oracle Java SE: Compromise of Java SE and Java SE Embedded Oracle Agile PLM Component Vulnerability: Unauthorized Data Access and Manipulation Vulnerability in Oracle Java SE ImageIO Component: Remote Code Execution Java SE and Java SE Embedded Vulnerability: Unauthorized Takeover Vulnerability in Oracle Enterprise Manager Base Platform Allows Unauthorized Data Access and Modification Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Oracle Agile PLM Unauthenticated Read Access Vulnerability Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation Solaris Kernel Unauthorized Data Access Vulnerability Vulnerability in Java SE and Java SE Embedded: JAXP Component Oracle Hospitality Reporting and Analytics Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation Vulnerability in Oracle SPARC M7, T7, S7 Servers Firmware: Unauthorized Denial of Service (DoS) Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in Java SE and Java SE Embedded: JAXP Component Java SE, Java SE Embedded RMI Vulnerability 
Oracle FLEXCUBE Private Banking Component Unauthorized Access Vulnerability Vulnerability in Java Advanced Management Console allows unauthorized access and data manipulation Vulnerability in Oracle Java SE Deployment Component (CVE-2017-10271) Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component Vulnerability in Java SE RMI Component Allows Unauthorized Takeover Java SE, Java SE Embedded, JRockit Serialization Vulnerability Java SE, Java SE Embedded, JRockit Serialization Vulnerability Java SE AWT Component Vulnerability Vulnerability in Oracle Java SE: Unauthenticated Remote Code Execution Oracle iStore User Registration Vulnerability Oracle Common Applications Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Java SE with JavaFX Component: Unauthenticated Remote Code Execution Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Java SE, Java SE Embedded, JRockit Vulnerability: Unauthenticated Remote Code Execution Java Advanced Management Console Server Vulnerability: Unauthorized Data Access Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Vulnerability in Oracle Service Bus component of Oracle Fusion Middleware: Unauthorized Access and Data Compromise Oracle Database Server RDBMS Security Component Unauthorized Data Access Vulnerability Vulnerability in Oracle Java SE's Java Advanced Management Console: Unauthorized Access and Data Manipulation Solaris Kernel Unauthorized Data Access Vulnerability Unauthorized Read Access Vulnerability in Oracle WebLogic Server Java SE Deployment Vulnerability: Potential Takeover and Impact on Additional Products Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in Oracle Hospitality WebSuite8 Cloud Service: Unauthorized Data Access and Manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Remote 
Takeover Vulnerability in Oracle iStore User Management Component of Oracle E-Business Suite Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (Web Access) Unauthorized Data Manipulation Vulnerability in Oracle Hospitality Hotel Mobile (Suite8/iOS) Unauthorized Data Manipulation Vulnerability in Oracle Hospitality Hotel Mobile Vulnerability in PeopleSoft Enterprise FSCM eProcurement Component (9.2) Allows Unauthorized Data Access Unauthenticated Access Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit (CVE-2017-10271) Oracle Hospitality Simphony Import/Export Component Vulnerability Critical Vulnerability in Oracle WebLogic Server (JNDI Subcomponent) Allows Unauthorized Takeover Undocumented Functionality in Berkeley DB Allows Privilege Escalation in Postfix Oracle Outside In Technology Component Denial of Service Vulnerability Vulnerability in Oracle Hospitality Reporting and Analytics Component: Unauthorized Data Access and Manipulation Oracle CRM Technical Foundation Component Vulnerability Oracle Applications Manager Denial of Service Vulnerability Vulnerability in Java Advanced Management Console allows unauthorized access and partial denial of service Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component Vulnerability in Oracle WebLogic Server Allows Unauthorized Server Shutdown Vulnerability in Oracle WebLogic Server allows unauthorized data manipulation Vulnerability in Primavera Unifier component of Oracle Primavera Products Suite: Unauthorized Data Access and Manipulation Unauthenticated Data Manipulation Vulnerability in Primavera Unifier Critical Vulnerability in Oracle Identity Manager Allows Unauthorized Takeover Oracle WebLogic Server Remote Code Execution Vulnerability Vulnerability in Oracle Communications WebRTC Session Controller: Unauthorized Hang or Crash Unauthenticated Read Access Vulnerability in Oracle Access Manager MySQL Server Pluggable Auth 
Vulnerability Vulnerability in Oracle BI Publisher component allows unauthorized access and data compromise Vulnerability in Oracle BI Publisher component allows unauthorized data access and manipulation Vulnerability in PeopleSoft Enterprise PeopleTools component allows unauthorized data access and manipulation Vulnerability in Oracle Communications Policy Management component allows unauthorized data access and manipulation Unauthorized Read Access Vulnerability in Primavera P6 Enterprise Project Portfolio Management Oracle Engineering Data Management Web Services Security Vulnerability Vulnerability in Siebel Core - Server Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Data Access and Modification Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Component MySQL Server Replication Vulnerability Unauthenticated Remote Code Execution Vulnerability in Oracle Security Service MySQL Server Optimizer Denial of Service Vulnerability Physical Access Vulnerability in Oracle Hospitality Hotel Mobile Component (Suite 8/Windows) Critical Data Access Vulnerability in Oracle Hospitality 9700 Component Oracle Field Service Component Vulnerability in Oracle E-Business Suite Oracle E-Business Suite Oracle Marketing Component Home Page Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Retail Open Commerce Platform: Unauthorized Data Access and Manipulation Vulnerability in Oracle Retail Open Commerce Platform Allows Unauthorized Data Manipulation Oracle iSupport Component Vulnerability in Oracle E-Business Suite Oracle iSupport Unauthorized Data Access Vulnerability Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Oracle E-Business Suite Flexfields Unauthorized Data Access Vulnerability Vulnerability in Oracle WebLogic Server Allows Unauthorized Data Access and Manipulation 
Vulnerability in Application Management Pack for Oracle E-Business Suite allows unauthorized data access and manipulation Vulnerability in Oracle CRM Technical Foundation component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle FLEXCUBE Direct Banking: Unauthorized Access and Denial of Service Oracle Hospitality OPERA 5 Property Services Component Unauthorized Access Vulnerability Vulnerability in Oracle Retail Xstore Point of Service component allows unauthorized access and data manipulation Oracle Field Service Unauthenticated Read Access Vulnerability Oracle CRM Technical Foundation User Management Vulnerability Oracle iStore User and Company Profile Unauthorized Data Access Vulnerability Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Data Access and Partial Denial of Service Critical Data Access Vulnerability in Oracle Hospitality Hotel Mobile Component Critical Data Access Vulnerability in Oracle Hospitality Suite8 (Leisure Subcomponent) Vulnerability in Java VM component of Oracle Database Server: Privilege Escalation and Takeover Oracle Web Analytics Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle iStore Shopping Cart Unauthorized Data Access Vulnerability Unauthenticated Remote Code Execution Vulnerability in Oracle Java SE Unauthorized Read Access Vulnerability in Oracle Integrated Lights Out Manager (ILOM) Oracle Hospitality Simphony Import/Export Unauthorized Data Manipulation Vulnerability Oracle Outside In Technology Component Denial of Service Vulnerability Physical Access Vulnerability in Oracle Hospitality OPERA 5 Property Services Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Oracle iLearning Component Vulnerability: Unauthorized Access and Data Compromise Oracle Hospitality e7 Vulnerability: Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality e7 
Component Vulnerability in OJVM component of Oracle Database Server (CVE-2020-14882) Vulnerability in MySQL Connectors: Unauthorized Partial Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Remote Takeover Unauthorized Read Access Vulnerability in Oracle Hospitality Simphony Oracle Hospitality Simphony Engagement Component Vulnerability Oracle Hospitality Simphony Component Denial of Service Vulnerability Unauthorized Read Access Vulnerability in Oracle Hospitality e7 Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Data Access and Partial Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle Hospitality Suite8 WebConnect Component (CVE-2021-XXXX) Oracle Hospitality Suite8 WebConnect Unauthorized Access Vulnerability Unauthenticated Access Vulnerability in Oracle Hospitality Suite8 (WebConnect Subcomponent) Oracle Retail Xstore Point of Service Unauthenticated Remote Access Vulnerability Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_DEFN_CATG) - Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality Property Interfaces (Parser Component) Oracle Hospitality Guest Access Component Unauthorized Data Manipulation Vulnerability Oracle Hospitality Guest Access Unauthorized Data Access Vulnerability Oracle Hospitality Guest Access Component Unauthorized Access Vulnerability Oracle Hospitality Property Interfaces Parser Vulnerability Oracle Hospitality RES 3700 Component Unauthorized Access Vulnerability Vulnerability in Oracle Hospitality Materials Control component allows unauthorized data access and manipulation Vulnerability in Oracle Hospitality Materials Control component allows unauthorized data access and manipulation Vulnerability in Oracle Hospitality Inventory Management component of Oracle Hospitality Applications 
Oracle Hospitality RES 3700 Physical Access Vulnerability Oracle Hospitality Cruise Fleet Management Component Unauthorized Access Vulnerability MySQL Server Denial of Service Vulnerability Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System: Unauthorized Data Access and Manipulation Oracle Hospitality Cruise Materials Management Event Viewer Unauthorized Data Access Vulnerability Vulnerability in Oracle Hospitality Cruise Dining Room Management: Unauthorized Data Access and Manipulation Critical Data Access Vulnerability in Oracle Hospitality Cruise AffairWhere Component Vulnerability in Oracle Hospitality WebSuite8 Cloud Service: Unauthorized Access and Data Compromise Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Solaris Cluster Vulnerability: Unauthorized Takeover of Solaris Cluster Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle VM VirtualBox Prior to 5.1.24: Unauthorized Access and Denial of Service Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit (JAX-WS Subcomponent) Allows Unauthorized Data Access and Partial Denial of Service Oracle E-Business Suite Attachment Vulnerability Oracle General Ledger Account Hierarchy Manager Unauthenticated Remote Access Vulnerability Vulnerability in Oracle E-Business Suite's Oracle 
Application Object Library (iHelp Subcomponent) Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PeopleTools Integration Broker Component Critical Vulnerability in Oracle PeopleSoft Products: Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PeopleTools Test Framework Allows Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Access to Critical Data Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Component Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Data Access and Manipulation Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub component: Unauthorized Data Access and Manipulation Oracle Access Manager Component Vulnerability: Unauthorized Access to Critical Data Oracle Integrated Lights Out Manager (ILOM) Denial of Service Vulnerability XML Database Component Vulnerability in Oracle Database Server Unauthenticated Remote Code Execution Vulnerability in Oracle Access Manager (CVE-2021-12345) Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Access and Data Compromise Siebel UI Framework Denial of Service Vulnerability Oracle Integrated Lights Out Manager (ILOM) Prior to 3.2.6 Unauthenticated Remote Code Execution Vulnerability Oracle Tuxedo Jolt Vulnerability Oracle Tuxedo Jolt Vulnerability Critical Vulnerability in Oracle MySQL Server: Unauthorized Access to Critical Data Oracle Tuxedo Core Component 
Vulnerability Oracle Identity Manager Connector Vulnerability: Unauthorized Access and Data Manipulation Oracle WebLogic Server T3 Network Access Vulnerability Oracle Tuxedo Component Vulnerability in Oracle Fusion Middleware Vulnerability in Oracle JDeveloper Deployment Component: Unauthorized Data Access and Partial Denial of Service Java SE Smart Card IO Vulnerability Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Denial of Service MySQL Server Denial of Service Vulnerability Vulnerability in MySQL Connectors: Unauthorized Data Access and Manipulation Oracle Tuxedo Component Vulnerability: Unauthorized Access and Data Compromise MySQL Server Denial of Service Vulnerability Critical Data Access Vulnerability in Oracle PeopleSoft Products Java SE, Java SE Embedded, JRockit Serialization Vulnerability Oracle Database Server Core RDBMS Component Vulnerability MySQL Server Performance Schema Denial of Service Vulnerability MySQL Server Stored Procedure Denial of Service Vulnerability Vulnerability in Java SE RMI Component Allows Unauthorized Takeover MySQL Server Denial of Service Vulnerability Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Strategic Sourcing Component Oracle Database Server RDBMS Security Component Unauthorized Data Access Vulnerability Vulnerability in Java SE Javadoc Component Allows Unauthorized Data Access MySQL Server Optimizer Denial of Service Vulnerability Vulnerability in Oracle Java SE Networking Component MySQL Server Denial of Service Vulnerability Oracle Agile PLM Unauthorized Read Access Vulnerability Unauthenticated Remote Code Execution Vulnerability in Siebel CRM Desktop Component of Oracle Siebel CRM Critical Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub Allows Unauthorized Access and Data Manipulation Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Vulnerability in Oracle Interaction Center Intelligence 
component of Oracle E-Business Suite (Setup) allows unauthorized access and data compromise Vulnerability in PeopleSoft Enterprise HCM Component of Oracle PeopleSoft Products (9.2) Vulnerability in PeopleSoft Enterprise HCM Component of Oracle PeopleSoft Products (9.2) Allows Unauthorized Data Access Oracle Agile PLM Component Physical Access Vulnerability Vulnerability in Oracle Java SE Deployment Component: Unauthorized Access and Partial Denial of Service Oracle Hyperion Financial Reporting Component Vulnerability MySQL Server FTS Component Denial of Service Vulnerability Oracle Hyperion BI+ Component Vulnerability: Unauthorized Access and Data Manipulation Vulnerability in MySQL Server Component: Group Replication GCS (CVE-2017-3636) MySQL Server Component Vulnerability: Unauthorized Hang and Crash Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation Oracle Hospitality Suite8 WebConnect Unauthorized Access Vulnerability Unauthenticated Unauthorized Read Access Vulnerability in Oracle Hospitality Suite8 Unauthenticated Remote Data Read Access Vulnerability in Oracle Hospitality Suite8 Unauthenticated Read Access Vulnerability in Oracle Hospitality Suite8 High-Privilege Network Access Vulnerability in MySQL Server (InnoDB Component) Vulnerability in Core RDBMS component of Oracle Database Server: Privilege Escalation and Takeover Oracle Common Applications Calendar Unauthenticated Access Vulnerability Vulnerability in Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle E-Business Suite Oracle Forms Unauthenticated Read Access Vulnerability Oracle Common Applications Calendar Unauthenticated Remote Code Execution Vulnerability Oracle Common Applications Calendar Unauthenticated Remote Code Execution Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Oracle E-Business 
Suite Application Object Library Unauthorized Access Vulnerability Oracle Global Order Promising Component Vulnerability Oracle Common Applications Gantt Server Unauthenticated Remote Access Vulnerability Oracle E-Business Suite Application Object Library Unauthorized Read Access Vulnerability Oracle Universal Work Queue Unauthenticated Access Vulnerability Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Partial Denial of Service Oracle WebLogic Server Unauthorized Read Access Vulnerability Elastic Search Vulnerability in PeopleSoft Enterprise PT PeopleTools Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability Oracle Hospitality Suite8 Leisure Component Vulnerability Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Access and Data Compromise Unauthenticated Remote Access Vulnerability in Oracle Hospitality Suite8 Oracle Hospitality Simphony Import/Export Unauthenticated Access Vulnerability Java Advanced Management Console Server Unauthenticated Access Vulnerability Java Advanced Management Console Server Unauthenticated Remote Denial of Service Vulnerability Oracle Hospitality Simphony Import/Export Vulnerability Oracle Hospitality Simphony Import/Export Unauthenticated Remote Code Execution Vulnerability Java SE, Java SE Embedded, JRockit Serialization Vulnerability Critical Vulnerability in Oracle Java SE: Remote Code Execution and Takeover Java SE, JRockit Serialization Vulnerability Vulnerability in Oracle Java SE Allows Partial Denial of Service Vulnerability in Oracle Java SE: Unauthorized Partial Denial of Service (CVE-2017-10295) Vulnerability in JAX-WS component of Oracle Java SE: Unauthorized Partial Denial of Service Unauthenticated Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise PT PeopleTools Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability Oracle Hospitality Hotel Mobile Component Unauthorized Access 
Vulnerability Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub: Unauthorized Access and Data Compromise Java SE, Java SE Embedded, JRockit Networking Vulnerability Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data Vulnerability in Java SE Serialization Component Oracle Hyperion Financial Reporting Vulnerability Oracle Hyperion BI+ Component Vulnerability: Unauthorized Data Access and Manipulation Oracle WebCenter Content Vulnerability: Unauthorized Access and Data Manipulation Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System: Unauthorized Data Access and Partial Denial of Service Vulnerability in PeopleSoft Enterprise PeopleTools component allows unauthorized data access and partial denial of service Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Access and Data Compromise Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Modification Vulnerability in MySQL Server: Unauthorized Data Access and Partial Denial of Service Critical Vulnerability in Oracle PeopleSoft Enterprise PT PeopleTools Vulnerability in Oracle Hospitality Simphony component allows unauthorized data access and manipulation Vulnerability in PeopleSoft Enterprise SCM eProcurement: Unauthorized Data Access and Manipulation Oracle Virtual Directory Takeover Vulnerability Vulnerability in Oracle Hospitality Guest Access component allows unauthorized access and data compromise Vulnerability in Oracle Hospitality Guest Access component allows unauthorized data access and system compromise Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PT PeopleTools Vulnerability in Oracle Hospitality Guest Access component allows unauthorized data access MySQL Server Denial of Service Vulnerability Vulnerability in MySQL Server Allows Unauthorized Access to Critical Data Vulnerability in Oracle Java SE's Java Advanced Management Console: Unauthorized Data Access and 
Manipulation Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Unauthenticated Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Unauthenticated Read Access Vulnerability in Oracle Hospitality Guest Access MySQL Server Denial of Service Vulnerability Oracle GlassFish Server Web Container Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Java SE's Java Advanced Management Console: Unauthorized Data Access and Manipulation Oracle E-Business Suite CRM Technical Foundation Preferences Unauthenticated Access Vulnerability Vulnerability in Java SE Kerberos Client Allows Unauthorized Takeover Vulnerability in Oracle Hospitality Suite8 component of Oracle Hospitality Applications (PMS subcomponent) Vulnerability in Oracle GlassFish Server Allows Unauthorized Access and Data Manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.30: Unauthorized Access and DOS Oracle GlassFish Server Web Container Unauthenticated Remote Code Execution Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools component allows unauthorized data access and partial denial of service Oracle Hospitality Cruise Fleet Management Component Unauthorized Data Access Vulnerability Vulnerability in Oracle Hospitality Cruise AffairWhere component: Takeover Exploit Oracle Hospitality Cruise Fleet Management BaseMasterPage Unauthenticated Access Vulnerability Oracle Hospitality Cruise Fleet Management Component Vulnerability Oracle Hospitality Cruise Fleet Management Component Partial Denial of Service Vulnerability Vulnerability in Oracle GlassFish Server Administration GUI Allows Unauthorized Data Access and Manipulation Vulnerability in Oracle Hospitality Cruise Materials Management: Unauthorized Data Access and System Compromise Critical Vulnerability in Oracle Hospitality Reporting and Analytics Component Vulnerability in Oracle Hospitality Reporting and Analytics component allows for 
takeover Oracle Hospitality Reporting and Analytics Component Takeover Vulnerability Oracle Hospitality Reporting and Analytics Component Vulnerability Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.30: Unauthorized Access and DOS Vulnerability in Oracle VM VirtualBox Prior to 5.1.30: Unauthorized Access and DOS Oracle iStore Merchant UI Unauthenticated Access Vulnerability Oracle E-Business Suite Knowledge Management Component Unauthenticated Remote Code Execution Vulnerability Vulnerability in Oracle Knowledge Management component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Knowledge Management component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Mobile Field Service component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Oracle iStore Checkout and Order Placement Vulnerability Oracle iSupport Component Vulnerability in Oracle E-Business Suite Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in Oracle Advanced Outbound Telephony component of Oracle E-Business Suite: Unauthorized Access and Data Compromise Vulnerability in PeopleSoft Enterprise PT PeopleTools component allows unauthorized data access and manipulation Vulnerability in Oracle Hospitality Suite8 PMS Component (CVE-2021-XXXX) Vulnerability in Oracle Hospitality Suite8 component of Oracle Hospitality Applications (Leisure subcomponent) allows unauthorized data access and partial denial of service Oracle Hospitality Suite8 Leisure Component Vulnerability Unauthenticated Remote Access Vulnerability in Oracle PeopleSoft Products (CVE-XXXX) Vulnerability in Oracle Retail Back Office component allows unauthorized data access and manipulation Vulnerability in MySQL Enterprise Monitor: Unauthorized 
Takeover Vulnerability in Oracle Hospitality Simphony component allows unauthorized data access and manipulation Unauthorized Read Access Vulnerability in PeopleSoft Enterprise FSCM Component Vulnerability in Oracle Retail Xstore Point of Service component allows unauthorized access and data manipulation Vulnerability in Oracle VM VirtualBox Prior to 5.1.30 Privilege Escalation Vulnerability in ubuntu-image 1.0 Unauthenticated Login Vulnerability in Juniper Networks Junos OS Buffer Overflow Vulnerability in Junos OS CLI Allows Local Authenticated User to Execute Code with Root Privileges XML Injection Vulnerability in Junos OS CLI Allows Privilege Escalation Account Lockout Vulnerability in Juniper Networks Junos OS on SRX Series Denial of Service Vulnerability in Juniper Networks vSRX and SRX Series Devices TPM Firmware Weakness in Juniper Networks SRX300 Series Denial of Service Vulnerability in Juniper Networks Junos OS 16.1R1 and Services Releases Denial of Service Vulnerability in Juniper Networks SRX Series Devices with Sun/MS-RPC ALGs Denial of Service Vulnerability in SRX Series Devices with NAT64 Configuration Denial of Service Vulnerability in Juniper Networks Junos OS Persistent XSS Vulnerability in Juniper Networks Junos Space Juniper Networks Junos OS Loopback Filter Action Command Vulnerability Denial of Service Vulnerability in Junos OS Telnetd Service Pluggable Authentication Module (PAM) Vulnerability in Juniper Networks Junos OS Hard-coded Credentials Vulnerability in Juniper Networks Contrail Releases Contrail ifmap Service XML External Entity (XXE) Vulnerability BGP UPDATE Transitive Attribute Crash Vulnerability Denial of Service Vulnerability in Juniper Networks SRX High-End Platforms with Express Path Configuration Vulnerability: Lack of HTTPS Server Certificate Verification in Juniper Networks Junos OS on SRX Series Devices Denial of Service Vulnerability in Juniper Networks Junos OS Telnetd Service Authentication Bypass Vulnerability in 
Juniper Networks Junos Space Network Management Platform Vulnerability: Lack of Authentication and Authorization in Juniper Networks Junos Space Cluster Messages Insufficient Verification of Node Certificates in Juniper Networks Junos Space: Unauthorized Modifications and Node Addition Vulnerability Race condition in fs/timerfd.c in the Linux kernel before 4.10.15: Privilege escalation and denial of service vulnerability Unvalidated Segment Count in sanity_check_raw_super Function in Linux Kernel Privilege Escalation Vulnerability in Linux Kernel's sanity_check_ckpt Function QEMU-NBD Denial of Service Vulnerability Arbitrary Code Execution via Directory Traversal in Kayson Group Ltd. phpGrid Cross-Site Scripting (XSS) Vulnerability in Zen Cart 1.6.0 via products_id Parameter in index.php Padding Oracle Vulnerability in OSCI-Transport 1.2 Signature Wrapping Vulnerability in OSCI-Transport 1.2 XML External Entity (XXE) Vulnerability in OSCI-Transport Library 1.2 Heap-based Buffer Overflow in de_dotdot function in libhttpd.c in sthttpd XML-LibXML Module Use-After-Free Remote Code Execution Vulnerability XSS Vulnerability in GetSimple CMS 3.x Admin Profile Name Field Denial of Service Vulnerability in Antiy Antivirus Engine 5.0.0.06281654 Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-600M Devices CSRF Vulnerability in Linksys EA4500 Firmware Version before 2.1.41.164606 CSRF Vulnerability in Piwigo Allows Unauthorized Deletion of Permalinks Information Disclosure Vulnerability in Piwigo 2.9.1 CSRF Vulnerability in Piwigo Allows Unauthorized Album Access CSRF Vulnerability in Piwigo Allows Unauthorized Album Unlocking SQL Injection Vulnerability in Piwigo Administrative Backend Heap-Based Buffer Over-Read Vulnerability in mpg123 1.25.0's convert_latin1 Function Stack-based Buffer Overflow in fmt_entry function of ncurses 6.0 Allows Remote Arbitrary Code Execution Remote Code Execution Vulnerability in ncurses 6.0's fmt_entry Function Multiple Heap Use After 
Free Vulnerabilities in NASM 2.14rc0 Heap-based Buffer Over-read in LibSass 3.4.5: Remote Denial of Service Vulnerability Remote Denial of Service Vulnerability in LibTIFF 4.0.8 World-Writable Module Installation Vulnerability in Previous Versions of Puppet Agent Unauthorized Retrieval of Facts in Puppet Agent Out-of-Bounds Heap Memory Write Vulnerability in avcodec 2.2.x Arbitrary Command Execution Vulnerability in QNAP NAS 4.3.3.0229 Medialibrary Component Arbitrary Web Script Injection Vulnerability in SAP Enterprise Portal 7.50 Stack-Based Buffer Overflow in Antiy Antivirus Engine when Scanning Special ZIP Archive Arbitrary Code Execution via Path Traversal in Apport Bypassing Lockscreen PIN on Elephone P9000 Devices CSRF Vulnerability in SimpleRisk 20170614-001 Allows XSS Injection via User Parameter Critical Vulnerability in Shekar Endoscope Firmware Allows Unauthorized Access and Control Critical Vulnerability: Shekar Endoscope's Default Wi-Fi Credentials Jeopardize IoT Security Stack Overflow Vulnerability in Shekar Endoscope Desktop Application Default Telnet Functionality in Shekar Endoscope Firmware: A Gateway to Unauthorized Access and Potential Network Breach Stack Overflow Vulnerability in Shekar Endoscope Desktop Application Remote Code Execution Vulnerability in Shekar Endoscope Firmware Allows Unauthorized Access to Video Feed and Potential Breach of Air Gapped Networks Remote Code Execution Vulnerability in Shekar Endoscope Firmware Allows Unauthorized Access to Video Feed and Potential Breach of Air Gapped Networks Arbitrary Code Execution and Denial of Service Vulnerability in Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in 
Winamp 5.666 Build 3516(x86) via Crafted .flv File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Stack Buffer Overrun Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Stack Buffer Overrun Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and 
Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution via Crafted .rle File in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution via Crafted .rle File in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution Vulnerability in XnView Classic 
for Windows Version 2.40 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File WEBrick Library Remote Command Execution Vulnerability Use-after-free vulnerability in DBD::mysql module for Perl allows remote attackers to cause denial of service or other impact Cleartext-Downgrade Vulnerability in DBD::mysql Module NULL Pointer Dereference Vulnerability in _asn1_check_identifier Function 
Integer Overflow Vulnerability in libpspp's hash_int Function Remote Denial of Service Vulnerability in libpspp's ll_insert() Function AT&T U-verse 9.2.2h0d83 Firmware Vulnerability: Unauthorized Access to Sensitive Information Buffer Overflow Vulnerability in GraphicsMagick 1.3.25 TIFF Processing Arbitrary Script Injection in Subrion CMS 4.1.4 via blog/add/ Endpoint Unauthenticated Access to Video and Audio on TP-Link NC250 Devices Cross-Site Scripting (XSS) Vulnerability in ObjectPlanet Opinio before 7.6.4 Denial of Service Vulnerability in GraphicsMagick 1.3.25's ReadDPXImage() Function Denial of Service Vulnerability in GraphicsMagick 1.3.25: Out-of-Memory Error in ReadMATImage() XSS Vulnerability in phpSocial (formerly phpDolphin) before 3.0.1 via PATH_INFO Arbitrary Code Execution via Insecure Handling of Anonymization Data in Odoo Database Anonymization Module Authentication Bypass Vulnerability in Odoo 8.0 and 9.0 OAuth Session Hijacking Vulnerability in Odoo QEMU Stack-Based Buffer Overflow in hw/usb/redirect.c Unauthenticated SASL ANONYMOUS Authentication in JabberD 2.x Kernel Panic Vulnerability in FreeBSD's ipfilter with keep state or keep frags options Memory Leak in virtio_gpu_object_create Function in Linux Kernel Arbitrary OS Command Execution Vulnerability in Buffalo WCR-1166DS Firmware 1.30 and Earlier Untrusted Search Path Vulnerability in Photo Collection PC Software Ver.4.0.2 and Earlier Arbitrary OS Command Execution Vulnerability in CG-WLR300NM Firmware Version 1.90 and Earlier CG-WLR300NM Firmware version 1.90 and earlier Buffer Overflow Vulnerability Authentication Bypass Vulnerability in MaLion Remote Control MaLion for Windows and Mac SQL Injection Vulnerability in Relay Service Server Authentication Bypass Vulnerability in MaLion for Windows and Mac 5.0.0 to 5.2.1 Hardcoded Cryptographic Key Vulnerability in MaLion for Windows and Mac Certificate Validation Vulnerability in MaLion for Mac 4.3.0 to 5.2.1 Excessive Stack Usage and 
Potential Overflow in qsort Algorithm Untrusted Search Path Vulnerability in IP Messenger for Win Installer Untrusted Search Path Vulnerability in Shin Kikan Toukei Houkoku Data Nyuryokuyou Program Installer Untrusted Search Path Vulnerability in Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program Installer Untrusted Search Path Vulnerability in Shin Kinkyuji Houkoku Data Nyuryoku Program Installer Untrusted Search Path Vulnerability in TDB CA TypeA Software Version 5.2 and Earlier Untrusted Search Path Vulnerability in Flets Easy Setup Tool Installer Untrusted Search Path Vulnerability in Security Kinou Mihariban v1.0.21 and Earlier Untrusted Search Path Vulnerability in Flets Azukeru for Windows Auto Backup Tool v1.0.3.0 and Earlier Untrusted Search Path Vulnerability in Flets Install Tool Allows Privilege Escalation via Trojan Horse DLL Untrusted Search Path Vulnerability in Enkaku Support Tool Stack Guard-Page Vulnerability in FreeBSD Untrusted Search Path Vulnerability in Security Setup Tool Allows Privilege Escalation via Trojan Horse DLL Untrusted Search Path Vulnerability in CRCA User's Software Ver1.8 and Earlier Remote Code Execution in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Unspecified Remote Access Restriction Bypass in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Arbitrary File Read Vulnerability in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Code Injection Vulnerability in Dokodemo eye Smart HD SCR02HD Firmware 1.0.3.1000 and Earlier Untrusted Search Path Vulnerability in Optimal Guard 1.1.21 and Earlier: Privilege Escalation via Trojan Horse DLL Arbitrary Code Injection Vulnerability in BackupGuard prior to version 1.1.47 Arbitrary Code Injection Vulnerability in SEO Panel Prior to Version 3.11.0 SQL Injection Vulnerability in SEO Panel (Versions prior to 3.11.0) Allows Arbitrary SQL Command Execution Stack Guard-Page Vulnerability in FreeBSD Arbitrary Code Injection Vulnerability in 
WebCalendar 1.2.7 and Earlier WebCalendar 1.2.7 and Earlier Directory Traversal Vulnerability Arbitrary SQL Command Execution Vulnerability in baserCMS 3.0.14 and earlier, 4.0.5 and earlier Arbitrary File Deletion Vulnerability in baserCMS Arbitrary PHP Code Execution Vulnerability in baserCMS 3.0.14 and earlier, 4.0.5 and earlier Backdoor Account Vulnerability in Wi-Fi STATION L-02F Software Bypassing Access Restrictions in Wi-Fi STATION L-02F Software Version V10b and Earlier Untrusted Search Path Vulnerability in DocuWorks Installers and Viewer Light Untrusted Search Path Vulnerability in DocuWorks 8.0.7 and Earlier Stack Memory Corruption Vulnerability in FreeBSD Untrusted Search Path Vulnerability in ART EX Driver Installers for ApeosPort-VI and DocuCentre-VI Series Untrusted Search Path Vulnerability in ContentsBridge Utility Installer Buffer Overflow Vulnerability in Corega CG-WGR1200 Firmware 2.20 and Earlier: Arbitrary Code Execution Arbitrary Command Execution Vulnerability in Corega CG-WGR1200 Firmware 2.20 and Earlier Authentication Bypass and Password Change Vulnerability in Corega CG-WGR1200 Firmware 2.20 and Earlier Untrusted Search Path Vulnerability in FENCE-Explorer for Windows V8.4.1 and Earlier Vulnerability: Temporary Failure of Encrypted Communications in SEIL Devices Authentication Bypass Vulnerability in Cybozu Office 10.0.0 to 10.6.1 via Cabinet Function Untrusted Search Path Vulnerability in i-filter 6.0 Install Program Untrusted Search Path Vulnerability in i-filter 6.0 Installer Kernel Stack Information Leak in FreeBSD Untrusted Search Path Vulnerability in i-Filter 6.0 Installer QND Advance/Standard Directory Traversal Vulnerability Insecure Token Signature Verification in jwt-scala 1.2.2 and Earlier Untrusted Search Path Vulnerability in HIBUN Confidential File Decryption Program Untrusted Search Path Vulnerability in HIBUN Confidential File Viewer Installer Untrusted Search Path Vulnerability in HIBUN Confidential File Decryption 
Program Denial of Service Vulnerability in H2O Server Buffer Overflow Vulnerability in H2O Server 2.2.2 and Earlier Globally Scoped Named Paths Vulnerability in FreeBSD 10.x Memory Corruption Vulnerability in Rakuraku Hagaki and Ichitaro allows Arbitrary Code Execution Arbitrary Code Execution Vulnerability in NTT DOCOMO Wi-Fi STATION L-02F Software Denial of Service Vulnerability in H2O Server (Versions 2.2.3 and Earlier) Authentication Bypass Vulnerability in OpenAM (Open Source Edition) PWR-Q200 DNS Cache Poisoning Vulnerability Unspecified Vector Denial of Service Vulnerability in I-O DATA DEVICE LAN DISK Connect Ver2.02 and Earlier Kernel Stack Information Leak Vulnerability in FreeBSD Untrusted Search Path Privilege Escalation Vulnerability Arbitrary Web Script Injection Vulnerability in CS-Cart Japanese Edition v4.3.10 and Earlier Untrusted Search Path Vulnerability in BOOK WALKER for Windows Ver.1.2.9 and Earlier Local File Access Vulnerability in BOOK WALKER for Windows and Mac XML External Entity (XXE) Vulnerability in TablePress Session Management Vulnerability in RX-V200, RX-V100, RX-CLV1-P, RX-CLV2-B, and RX-CLV3-N Firmware Versions Untrusted Search Path Privilege Escalation Vulnerability in Media Go Untrusted Search Path Vulnerability in Music Center for PC Version 1.0.00 Untrusted Search Path Vulnerability in The Public Certification Service for Individuals The JPKI User's Software Ver3.1 and Earlier Denial of Service Vulnerability in StreamRelay.NET.exe ver2.14.0.7 and Earlier Denial of Service Vulnerability in sDNSProxy.exe ver1.1.0.0 and Earlier Cross-Site Scripting Vulnerability in Buffalo BBR-4HG and BBR-4MG Broadband Routers Unspecified Vector Input Validation Vulnerability in Buffalo BBR-4HG and BBR-4MG Broadband Routers Arbitrary SQL Command Execution Vulnerability in A-Member and A-Member for MT Cloud Versions 3.8.6 and Earlier Arbitrary SQL Command Execution Vulnerability in A-Reserve and A-Reserve for MT Cloud Versions 3.8.6 and Earlier 
Remote Access Bypass Vulnerability in PTW-WMS1 Firmware Version 2.000.012 PTW-WMS1 Firmware Version 2.000.012 Buffer Overflow Vulnerability Arbitrary OS Command Execution in PTW-WMS1 Firmware Version 2.000.012 Root Privilege Escalation Vulnerability in PTW-WMS1 Firmware Version 2.000.012 Arbitrary OS Command Execution in Qt for Android (prior to 5.9.0) Environment Variable Manipulation Vulnerability in Qt for Android Applications Fluentd Escape Sequence Injection Vulnerability Arbitrary File Read Vulnerability in OneThird CMS Show Off v1.85 and Earlier Denial of Service Vulnerability in H2O Server (Versions 2.2.3 and Earlier) via Crafted HTTP/2 Header Untrusted Search Path Vulnerability in Music Center for PC Version 1.0.01 and Earlier Denial-of-Service Vulnerability in MQTT.js 2.x.x prior to 2.15.0 XSA-216: Information Disclosure Vulnerability in Linux Kernel's make_response Function Xen Vulnerability: Privileged Host OS Access via Page Transfer (XSA-217) XSA-218: False Mapping Information Vulnerability in Xen Grant-Table Feature XSA-218 Bug 2: Grant-Table Race Condition Leading to Double Free Vulnerability Race condition vulnerability in Xen's shadow-paging feature allows guest OS users to gain Xen privileges (XSA-219) Xen vCPU Context-Switch Vulnerability: Defeating ASLR and Protection Mechanisms (XSA-220) Xen Event Channel Port Validation Vulnerability (XSA-221) Memory Allocation Validation Vulnerability in Xen (XSA-222) Xen Virtual Interrupt Injection Denial of Service Vulnerability (XSA-223) Arbitrary Code Execution Vulnerability in IBM Informix Open Admin Tool XSA-224: Grant-table Feature Vulnerability in Xen Insufficient Type Counts in Xen Grant-Table Feature (XSA-224 Bug 2) XSA-224 Bug 3: Denial of Service Vulnerability in Xen's Grant-Table Feature Xen Hypervisor Denial of Service Vulnerability (XSA-225) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.47 Denial of Service Vulnerability in IrfanView 
4.44 (32bit) with FPX Plugin 4.47 Denial of Service Vulnerability in IrfanView 4.44 (32bit) with FPX Plugin 4.47 Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-0 Heap-based Buffer Overflow in radare2 1.5.0 Local Privilege Escalation in IBM AIX Bellmail Binary Unauthorized Access to Configuration Files in ZXR10 1800-2S (v3.00.40 and earlier) Directory Traversal Vulnerability in ZXR10 1800-2S (before v3.00.40) Allows Unauthorized File Downloads and Information Leaks Java Deserialization Vulnerability in ZTE Microwave NR8000 Series Products ZTE ZXDT22 SF01 Directory Traversal Vulnerability Java Deserialization Remote Code Execution Vulnerability in ZTE ZXIPTV-EPG Authentication Bypass Vulnerability in ZTE ZXR10 1800-2S Products ZTE ZXCDN-SNS Product SQL Injection Vulnerability ZTE ZXIPTV-UCM SQL Injection Vulnerability Arbitrary Code Execution via Docker API in Joyent Smart Data Center Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-4816) Remote Code Execution Vulnerability in Foxit Reader 8.3.0.14878 Remote Code Execution Vulnerability in Foxit Reader 8.3.0.14878 Remote Code Execution Vulnerability in Foxit Reader 8.3.0.14878 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-4855) Arbitrary Code Execution Vulnerability in Foxit Reader 8.2.1.6871 (ZDI-CAN-4721) Arbitrary Code Execution Vulnerability in Foxit Reader 8.2.1.6871 Arbitrary Code Execution Vulnerability in Foxit Reader 8.2.1.6871 (ZDI-CAN-4723) Directory Traversal Vulnerability in Dell Storage Manager 2016 R2.1 Allows Information Disclosure Arbitrary Code Execution Vulnerability in Bitdefender Total Security 21.0.24.62 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-4724) Arbitrary Code Execution via saveAs JavaScript Function in Foxit Reader 8.2.0.2051 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.0.14878 (ZDI-CAN-5030) Integer Overflow in Bitdefender Internet Security 2018 Allows Remote Code 
Execution Arbitrary Code Execution Vulnerability in EMC Data Protection Advisor 6.3.0 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution via ArrowEnd Attribute in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-4980) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-4981) Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 5.0 and 6.0 CSRF Vulnerability in REDCap File Repository and File Upload Components XSS Vulnerability in REDCap before 7.5.1 via Query String Knox SDS IAM and EMM 16.11 on Samsung Mobile Devices: Man-in-the-Middle Attack Allows Unauthorized Application Installation and Data Leakage Null Pointer Dereference Vulnerability in Irssi Use-after-free vulnerability in Irssi before 1.0.4 Cross-Site Scripting (XSS) Vulnerability in FineCMS before 2017-07-06 Remote PHP Code Execution in FineCMS through 2017-07-07 via route=template Request Cross-Site Request Forgery Vulnerability in IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x Cross-Site Scripting (XSS) Vulnerability in Cacti 1.1.12 link.php X.Org X Server Stack Overflow Vulnerability Endianness Conversion Vulnerability in X.Org X Server SSRF Vulnerability in FineCMS before 2017-07-06: Exploiting Modified HTTP Host Header in get_image_data.php Yaws 1.91 Unauthenticated Remote File Disclosure via HTTP Directory Traversal Arbitrary Script Injection in Lutim File Uploads Heap-Based Buffer Over-Read Vulnerability in SWFTools 0.9.2's ttftool Read/Write Overflow Vulnerability in FreeRADIUS: Exploiting make_secret() Function Write Overflow Vulnerability in FreeRADIUS 2.x before 2.2.10 Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Supplier Lifecycle Management 10.1.0.x Memory Leak Vulnerability in FreeRADIUS 2.x: DHCP - decode_tlv() Memory Leak Vulnerability in FreeRADIUS 2.x: FR-GV-204 DHCP Buffer Over-read Vulnerability in 
FreeRADIUS 2.x DHCP Option 63 Read Overflow Vulnerability in FreeRADIUS Write Overflow Vulnerability in FreeRADIUS 3.x Allows Remote Code Execution Infinite Loop and Memory Exhaustion Vulnerability in FreeRADIUS 3.x DHCP - Infinite Read Vulnerability in FreeRADIUS 3.x DHCP Buffer Over-read Vulnerability in FreeRADIUS 3.x Heap-based Buffer Over-read in SQLite's getNodeSize Function Vulnerability: Information Exposure through Stack Trace Error Conditions in IBM Jazz Foundation XSS Vulnerability in WP Statistics Plugin for WordPress Unauthenticated Java Deserialization Remote Code Execution in HPE Storage Essentials 9.5.0.142 Directory Traversal Vulnerability in Contao before 3.5.28 and 4.x before 4.4.1 Arbitrary Write Vulnerability in Foxit Reader and PhantomPDF Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-0 Out-of-Bounds Access Vulnerability in Qualcomm Android Releases with CAF Kernel Memory Corruption Vulnerability in Qualcomm Android Devices Buffer Overflow Vulnerability in audio_aio_ion_lookup_vaddr Vulnerability: Memory Corruption in Qualcomm's CAF Android Releases with Linux Kernel Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Out-of-Bounds Write Vulnerability in Qualcomm Android Camera Kernel Driver Out of Bounds Read Vulnerability in Qualcomm Android Devices with CAF and Linux Kernel Buffer Over-read Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Firmware Image Update Vulnerability: Unchecked RAM Allocation in Android for MSM, Firefox OS for MSM, QRD Android Insecure User Access to Registers in Snapdragon Processors Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Android and Firefox OS for MSM: Exploiting Positioning Stack Corruption Vulnerability in HandleMetaImgFlash Function Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Unprotected 
Configuration Space Vulnerability in Android on Qualcomm Snapdragon Devices Use After Free Vulnerability in Qualcomm Snapdragon Mobile and Snapdragon Wear Devices Stack-based Buffer Overflow in QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST Command Processing Unbounded Loop Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Uncleared Stale Pointers Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Memory Corruption and Uninitialized Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Array Access Out of Bounds Vulnerability in Android Camera Driver Unclosed File Descriptor Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Privacy Vulnerability: Uncontrolled Information Elements in Probe Requests Out-of-Bound Buffer Access Vulnerability in Android and Firefox OS for MSM Race Condition in rmnet USB Control Driver Leading to Use After Free Vulnerability Race Condition Vulnerability in audio_effects_shared_ioctl() Function Vulnerability: Authentication Compromise in Android Flashing FRP Partition Uninitialized Data Access Vulnerability in Android Flashing Process Kernel Address Leakage in ISP Camera Driver Kernel Buffer Overflow Vulnerability in Camera Application for Android IBM Team Concert (RTC) XML External Entity Injection (XXE) Denial of Service Vulnerability Arbitrary Write Vulnerability in HDMI Video Driver Function hdmi_edid_sysfs_rda_res_info() Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases with Linux Kernel Double Free Vulnerability in Android for MSM, 
Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Coresight-TMC Driver Buffer Overflow and Information Leak Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Vulnerability: Bypassing Range Checks in Android Boot Image Header Processing Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 Information Leakage Vulnerability in Qualcomm Android Devices with CAF and Linux Kernel Buffer Access and Freeing Vulnerability in Qualcomm Android Releases Unrestricted Access to ImsService and IQtiImsExt AIDL APIs in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Integer Overflow Vulnerability in Android Wi-Fi Driver Function Race Condition in KGSL Driver Function Leading to Use After Free Vulnerability Race Condition in Camera Driver Function Leading to Use After Free Vulnerability Kernel Out-of-Bounds Write Vulnerability in Android and Firefox OS for MSM Graphics Driver IOCTL Handler Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Android Display Driver Function Race Condition Vulnerability in Android Video Driver: Potential Buffer Overflow Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Information Disclosure Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in ConvertQosMapsetFrame() in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and 
CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Kernel Memory Disclosure Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Cross-Site Scripting (XSS) Vulnerability in IBM Curam Social Program Management Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Race Condition Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases with Linux Kernel Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Uninitialized Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Out-of-Range Pointer Offset Vulnerability in Athdiag Procfs Entry Heap Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Sensitive Information Exposure in IBM Marketing Platform Buffer Overflow Vulnerability in GPT Header Field Calculation in Android for MSM, Firefox OS for MSM, QRD Android Memory Mapping Vulnerability in qcacld pktlog on Android and Firefox OS for MSM Obsolete Set/Reset SSID Hotlist API Vulnerability Use After Free Vulnerability in wdsp_glink_write() Out of Bounds Read Vulnerability in Android Boot Image Header Processing Uninitialized Heap Memory Flashing Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD 
Android, and CAF Android Releases Buffer Overflow Vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs Race Condition Vulnerability in WLAN Firmware Loading Routine Integer Overflow and Buffer Overflow in msm_audio_effects_virtualizer_handler Information Disclosure Vulnerability in libOmxVenc SQL Injection Vulnerability in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear Buffer Overread Vulnerability in nl80211_set_station Buffer Overread Vulnerability in __wlan_hdd_cfg80211_set_pmksa Use-After-Free Vulnerability in mdss_rotator_ioctl Function Use After Free Vulnerability in KGSL Driver Function kgsl_ioctl_gpu_command Buffer Over-read Vulnerability in Android Display due to Lack of Upper-Bound Validation NULL Pointer Dereference in swf_DeleteFilter() function in SWFTools 0.9.2 NULL Pointer Dereference in dict_lookup() function in SWFTools 0.9.2 Segmentation Violation Vulnerability in SWFTools 0.9.2's png2swf Processing Segmentation Violation Vulnerability in SWFTools 0.9.2's wav2swf Processing Unspecified Vulnerability in IBM Curam Social Program Management Allows Unauthorized Incident Viewing NULL Pointer Dereference in swf_FoldSprite() function in SWFTools 0.9.2 NULL Pointer Dereference in swf_Relocate() function in SWFTools 0.9.2 Denial of Service Vulnerability in GraphicsMagick 1.3.26 via Zero-Length Color_Image Data Structure Orpheus' Lyre: Remote Service Impersonation Vulnerability in Heimdal Improper TSIG Validity Period Check in Knot DNS Allows Authentication Bypass OnePlus 2 Primary Bootloader (PBL) Vulnerability: Disabling Signature Validation via SBL1 Partition XSS Vulnerability in phpLDAPadmin 1.2.3 via entry_chooser.php Denial of Service Vulnerability in tcpdump 4.9.0 via Crafted Packet Data Vulnerability in Vim 8.0: Denial of Service via Crafted Source File Heap-based Buffer Underflow Vulnerability in catdoc 0.95 Heap-based Buffer Overflow in NASM 2.14rc0 Preproc.c Remote Denial of Service 
Vulnerability in ncurses 6.0 NULL Pointer Dereference in _nc_parse_entry function of ncurses 6.0 Buffer Over-read Vulnerability in Twibright Links 2.14's put_chars Function Heap-based Buffer Overflow in ExifJpegHUFFTable::deriveTable Function in OpenExif 2.1.4 Heap-based Buffer Over-read Vulnerability in OpenExif 2.1.4 Heap-based Buffer Over-read Vulnerability in OpenExif 2.1.4 Denial of Service Vulnerability in OpenExif 2.1.4 via Crafted JPG File Denial of Service Vulnerability in Nosefart 2.9-mls via Crafted NSF File Buffer Overflow Vulnerability in Broadcom BCM4355C0 Wi-Fi Chips (B-V2017061204) B-V2017061205: Denial of Service Vulnerability in Broadcom BCM4355C0 Wi-Fi Chips Information Leak Vulnerability in Broadcom BCM4355C0 Wi-Fi Chips NULL Pointer Dereference in xar_unserialize function of libxar.so in xar 1.6.1 NULL Pointer Dereference in xar_get_path function in libxar.so Buffer Over-read and Application Crash in mpg123 III_i_stereo Function Stored XSS Vulnerability in Bolt CMS 3.2.14 via SVG Upload Stored XSS Vulnerability in Bolt CMS 3.2.14 via Title Field of New Entry Hard-coded Password Vulnerability in heinekingmedia StashCat for Android Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert (RTC) 4.0, 5.0, and 6.0 Replay Attack Vulnerability in heinekingmedia StashCat Insecure Password Hashing in heinekingmedia StashCat Lack of Certificate Pinning in heinekingmedia StashCat for Android Weak Encryption Implementation in heinekingmedia StashCat Insecure Storage of Login Credentials in heinekingmedia StashCat for Android Insecure Logout Mechanism Allows Unauthorized Access and Denial of Service Insecure RSA Key Transmission and Storage in heinekingmedia StashCat Double Free Vulnerabilities in GraphicsMagick 1.3.26's ReadOneJNGImage() Function Cross-Site Scripting (XSS) Vulnerability in IBM Campaign 9.1, 9.1.2, and 10 Denial of Service Vulnerability in GraphicsMagick's ReadJPEGImage Function Memory Leak Vulnerability in ReadMATImage 
Function of ImageMagick 7.0.5-6 CPU Consumption Denial of Service Vulnerability in PHP Invalid Free Vulnerability in PHP WDDX Deserialization OpenSSL Extension PEM Sealing Code Crash Vulnerability Out-of-bounds Read Vulnerability in PHP Date Extension Buffer Over-read Vulnerability in PHP PHAR Archive Handler SSRF Vulnerability in Synology Chat Link Preview Allows Unauthorized Access to Intranet Resources SSRF Vulnerability in Synology Download Station Allows Arbitrary File Download HTML Injection Vulnerability in IBM Campaign 9.1, 9.1.2, and 10 Command Injection Vulnerability in Synology Office 2.2.0-1502 and 2.2.1-1506: Remote Code Execution via RTF Document Filename Arbitrary File Upload Vulnerability in Synology Photo Station Arbitrary File Write Vulnerability in Synology Photo Station Deserialization Vulnerability in Synology Photo Station Allows Remote Privilege Escalation Arbitrary PHP Script Creation via Unrestricted File Upload in Synology Photo Station Information Exposure Vulnerability in Synology Photo Station Arbitrary Code Execution Vulnerability in Synology Download Station Untrusted Search Path Vulnerabilities in Synology Cloud Station Backup Installer Untrusted Search Path Vulnerabilities in Synology Cloud Station Drive Installer on Windows Untrusted Search Path Vulnerabilities in Synology Photo Station Uploader on Windows Excessive Client-Side Details Disclosure Vulnerability in IBM Campaign Untrusted Search Path Vulnerabilities in Synology Assistant Installer on Windows SQL Injection Vulnerabilities in Synology Photo Station Directory Traversal Vulnerability in Synology Photo Station Allows Remote File Read Arbitrary Web Script Injection via HTTP Referer Headers in Cacti 1.1.12 Stack Exhaustion Vulnerability in PCRE 8.41's OP_KETRMAX Feature Sensitive Credential and Configuration Information Disclosure in dataTaker DT80 dEX 1.50.012 Memory Leak Vulnerability in ImageMagick's ReadXWDImage Function Arbitrary PHP Code Execution in FineCMS 2.1.0 via 
URL Manager Add Site Action Privilege Escalation via Modified Parameter in iBall iB-WRA300N3GT_1.1.1 Denial of Service Vulnerability in IBM WebSphere MQ 8.0 and 9.0 with Enabled Trace Memory Leak Vulnerability in ReadTGAImage Function of ImageMagick 7.0.5-6 Vulnerability: Bad Reference Counting in gnome-session's accept_ice_connection() Function Insecure CORS Configuration Allows Cross-Origin Requests from Malicious Domains SQL Injection Vulnerability in XOOPS 2.5.8.1 Core: install/page_dbsettings.php Reflected XSS Vulnerability in J2 Innovations FIN Stack 4.0 Authentication Webform Use-after-free vulnerability in Linux kernel mq_notify function Unrestricted File Access Vulnerability in TRITON AP-EMAIL 8.2 Arbitrary File Write Vulnerability in FineCMS through 2017-07-11 Stored XSS Vulnerability in FineCMS (through 2017-07-11) in User Information Modification and User Registration IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 Security Policy Misconfiguration Vulnerability Stored XSS in FineCMS Logging Functionality XSS Vulnerabilities in Rise Ultimate Project Manager v1.8 Messaging Section XSS Vulnerabilities in My Profile Section of Rise Ultimate Project Manager v1.8 Arbitrary File Deletion Vulnerability in GLPI before 9.1.5 SQL Injection in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter Denial of Service Vulnerability in gmp Plugin of strongSwan Inadequate Brute-Force Attack Mitigation in phpMyFAQ before 2.9.8 CPU Exhaustion Vulnerability in ImageMagick 7.0.6-0's ReadDPXImage Function Denial of Service Vulnerability in unrar-free 0.0.1 Sensitive Information Disclosure in IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 Stack-based buffer overflow in unrarlib.c in unrar-free 0.0.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long filename in an RAR archive. 
Bypassing Account-Locking Restrictions in FreeIPA 4.x API Version 2.213 CSRF Vulnerability in Pulse Connect Secure 8.3R1's diag.cgi Reflected XSS in Pulse Connect Secure 8.3R1 adminservercacertdetails.cgi Reflected XSS Vulnerability in Pulse Connect Secure 8.3R1's launchHelp.cgi CSRF Vulnerability in Pulse Connect Secure 8.3R1 Logout Function Privilege Escalation Vulnerability in CyberArk Viewfinity 5.5.10.95 and 6.x Arbitrary Web Script Injection in FineCMS through 2017-07-12 Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 8.5 and 9.0 SQL Injection in FineCMS via visitor_ip parameter in excludes.php Cross-Site Scripting (XSS) Vulnerability in FineCMS through 2017-07-12 via Image Upload FineCMS 2017-07-12 XSS Vulnerability in visitors.php Arbitrary Code Execution via Memory Corruption in Adobe Acrobat Reader Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, and 9.0 Arbitrary Code Execution via Font Parsing Vulnerability in Adobe Acrobat Reader Heap Overflow Vulnerability in Adobe Acrobat Reader JPEG Parser Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Integer Overflow Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Flash Player 27.0.0.183 and Earlier Versions Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Arbitrary Command Injection Vulnerability in IBM Security Guardium 8.2, 9.0, and 10.0 Heap Overflow Vulnerability in Adobe Acrobat Reader Type Confusion Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader PRC Engine Use After Free Vulnerability in Adobe Acrobat Reader XFA Engine Use After Free Vulnerability in Adobe Acrobat Reader XFA Layout Engine Use After Free Vulnerability 
in Adobe Flash Player Primetime SDK Metadata Functionality Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader FDF Security Bypass Vulnerability Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's JPEG 2000 Engine Use After Free Vulnerability in Adobe Acrobat Reader Use After Free Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Use After Free Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution via Memory Corruption in Adobe Acrobat Reader HTTP Header Injection Vulnerability in IBM Maximo Asset Management 7.1, 7.5, and 7.6 Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Heap Overflow Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader XSLT Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Local File Disclosure Vulnerability in IBM Cognos Analytics 10.1 and 10.2 Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Adobe Acrobat Reader AGM Module Memory Corruption Vulnerability Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Use After Free 
Vulnerability in Adobe Acrobat Reader's JavaScript Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader's Image Conversion Engine Use After Free Vulnerability in Adobe Acrobat Reader Type Confusion Vulnerability in Adobe Acrobat Reader XFA Layout Engine Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Information Disclosure Vulnerability in IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Cross-Site Scripting (XSS) Vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Arbitrary Code Execution Vulnerability in Adobe Acrobat Reader Security Bypass Vulnerability in Adobe Digital Editions 4.5.4 and Earlier XML Parsing Vulnerability in Adobe Digital Editions Use After Free Vulnerability in Adobe Digital Editions 4.5.4 and Earlier: Arbitrary Code Execution Heap Overflow Vulnerability in Adobe Digital Editions 4.5.4 and Earlier: Arbitrary Code Execution Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Use After Free Vulnerability in Adobe Digital Editions 4.5.4 and Earlier: Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 
Arbitrary Code Execution Vulnerability in Adobe Digital Editions 4.5.4 and Earlier Adobe Flash Player Text Handling Memory Corruption Vulnerability Adobe Flash Player MP4 Atom Parser Memory Corruption Vulnerability Untrusted Data Deserialization Vulnerability in Adobe ColdFusion Untrusted Data Deserialization Vulnerability in Adobe ColdFusion Critical Cross-Site Scripting (XSS) Vulnerability in Adobe ColdFusion 2016 and 11 Adobe ColdFusion XML External Entity (XXE) Injection Vulnerability Reflected Cross-Site Scripting Vulnerability in Adobe Connect 9.6.2 and Earlier Versions Reflected Cross-Site Scripting Vulnerability in Adobe Connect 9.6.2 and Earlier Versions Reflected Cross-Site Scripting Vulnerability in Adobe Connect 9.6.2 and Earlier Versions Denial of Service Vulnerability in IBM Notes 8.5 and 9.0 Adobe Connect UI Redress (Clickjacking) Vulnerability Adobe Connect 9.6.2 SSRF Vulnerability: Bypassing Network Access Controls Adobe Flash Player Bytecode Verification Vulnerability Memory Corruption Vulnerability in Adobe Acrobat and Reader Memory Corruption Vulnerability in Adobe Shockwave Memory Corruption Vulnerability in Adobe DNG Converter Allows Arbitrary Code Execution Cross-Site Scripting Vulnerability in Apache Sling Servlets Post 2.3.20 Resolved in Adobe Experience Manager Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Denial of Service Vulnerability in IBM Notes 8.5 and 9.0 Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe Digital Editions 4.5.6 and Earlier Versions Memory Corruption Vulnerability in Adobe InDesign 12.1.0 and Earlier Versions Memory Corruption Vulnerability in Adobe Photoshop 18.1.1 and Earlier Versions Use-After-Free Vulnerability in Adobe Photoshop 
18.1.1 and Earlier Versions Adobe Flash Player Version 27.0.0.187 Regression: Unintended Global Settings Preference File Reset on Clearing Browser Data Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader Heap Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Avaya IP Office SoftConsole Client IBM Sterling B2B Integrator Standard Edition 5.2 Unauthorized Information Disclosure Vulnerability Memory Leak Vulnerabilities in ImageMagick's read_user_chunk_callback Function Heap Buffer Overflow in OpenMPT and libopenmpt: Arbitrary Code Execution via Crafted PSM File Arbitrary File Upload and Code Execution Vulnerability in Telerik.Web.UI Cobian Backup 11 Client Vulnerability: Man-in-the-Middle Attack and Remote Command Execution Remote authenticated users can gain privileges through insufficient validation and missing cross-server side checking mechanisms in Perspective ICM Investigation & Case 5.1.1.16 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Persistent XSS Vulnerability in Technicolor TC7337 Routers: Exploiting SSID for DNS Poisoning and Credential Theft Privilege Escalation via Shell Metacharacters in UCOPIA Wireless Appliance Restricted Shell Interface Remote Root Privilege Escalation in UCOPIA Wireless Appliance Stack-based Buffer Overflow in ESTsoft ALZip 8.51 and Earlier via Crafted MS-DOS Device File SQL Injection Vulnerability in Tilde CMS 1.0.1 Arbitrary File Read Vulnerability in Tilde CMS 1.0.1 Arbitrary File Upload Bypass via Filename Manipulation in Tilde CMS 1.0.1 Sensitive Data Exposure in Tilde CMS 1.0.1 via Direct References YARA 3.x Heap Buffer Overflow Vulnerability in yr_object_array_set_item() Function SQL Injection in GLPI via ajax/getDropdownValue.php with entity_restrict parameter Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.2 Denial of Service Vulnerability in DivFix++ v0.34 Memory 
Allocation Error in Xiph.Org vorbis-tools 1.4.0 Denial of Service Vulnerability in Sound eXchange (SoX) 14.4.2 via Crafted WAV File Denial of Service Vulnerability in libvorbis 1.3.5 via Crafted WAV File Denial of Service Vulnerability in QEMU's address_space_write_continue Function Heap-based Buffer Overflow in LibTIFF 4.0.8 via PlanarConfig=Contig Image Heap-Based Buffer Over-Read Vulnerability in Exiv2 0.26's Image::printIFDStructure Function Remote Denial of Service Vulnerability in Exiv2 0.26 Remote Denial of Service Vulnerability in Exiv2 0.26 Heap-Based Buffer Overflow in Exiv2 0.26's Image::printIFDStructure Function Privilege Escalation Vulnerability in IBM Reliable Scalable Cluster Technology (IBM Reference #: 1998459) Remote Denial of Service Vulnerability in Exiv2 0.26: Segmentation Fault in XmpParser::terminate() Function Heap-based Buffer Over-read Vulnerability in LibSass 3.4.5 Allows Remote Denial of Service Attack Remote Denial of Service Vulnerability in LibSass 3.4.5 due to Illegal Address Access in ast.cpp Algorithmic Complexity Attack in CHICKEN Scheme: Incomplete Fix for CVE-2012-6125 Global Buffer Overflow Vulnerability in ASUS Firmware for Various ASUS Devices Stack Buffer Overflow in Networkmap in ASUS Firmware for Various ASUS Devices Arbitrary Code Execution Vulnerability in Zoho ManageEngine Desktop Central Authenticated Code Execution Vulnerability in MetInfo 5.3.17: Remote Attackers Can Generate Malicious PHP Scripts from Image Content Directory Traversal Vulnerability in Octopus Deploy 3.x before 3.15.4 Remote Code Execution and Unauthorized Program/Schedule Composition in dataTaker DT8x dEX 1.72.007 CSRF Vulnerability in Axesstel MU553S MU55XS-V1.14 Devices Default Password Vulnerability in Axesstel MU553S MU55XS-V1.14 Devices Incomplete Fix for RLE Image Handling Vulnerability in ImageMagick Race condition in yadm 1.10.0 allows unauthorized access to SSH and PGP keys SQL Injection Vulnerability in Fiyo CMS v2.0.7 via name parameter 
in sys_article.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in PEGA Platform 7.2 ML0 and Earlier Information Disclosure Vulnerability in PEGA Platform 7.2 ML0 and Earlier Arbitrary File Upload and Code Execution in Progress Telerik UI for ASP.NET AJAX Denial of Service Vulnerability in Sound eXchange (SoX) 14.4.2 via Crafted hcom File Denial of Service Vulnerability in SoX 14.4.2 via Crafted SND File Conversion Large Loop Vulnerability in ReadRLEImage Function of ImageMagick 7.0.6-1 via Crafted RLE File Inteno Routers: JUCI ACL Misconfiguration Allows Unauthorized File Access and SSH Key Manipulation Stack-based buffer overflow vulnerability in ext/intl/msgformat/msgformat_parse.c in PHP before 7.0.21 and 7.1.x before 7.1.7 allows remote attackers to cause a denial of service or possibly have other unspecified impact via a long argument to the msgfmt_parse_message function. Unverified Ownership Vulnerability in Joomla! CMS Installer Incorrect Access Control in Symfony Password Validator Remote Command Execution in Codiad File Manager Denial of Service Vulnerability in shoco_decompress Function Kerberos 5 Assertion Failure Vulnerability Weak Security Vulnerability in IBM WebSphere Application Server 8.0 and 8.5.5 Lack of Signed or Validated Configuration and Database Backup Archives in Trend Micro Deep Discovery Director 1.1 Static Password Encryption Vulnerability in Trend Micro Deep Discovery Director 1.1 Command Injection Vulnerability in Trend Micro Deep Discovery Director 1.1 Allows Unauthorized Account Restoration Arbitrary File Deletion Vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL Injection Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL Injection Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL Injection Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via SQL 
Injection Authentication Bypass and Information Disclosure in Trend Micro Control Manager 6.0 Remote Code Execution via SQL Injection in Trend Micro Control Manager 6.0 Remote Code Execution Vulnerability in Trend Micro Control Manager 6.0 via Directory Traversal Trend Micro Control Manager 6.0 XXE Processing Vulnerability Arbitrary Code Execution Vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 Remote Code Execution Vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 Trend Micro OfficeScan Proxy Command Injection Vulnerability Trend Micro OfficeScan 11 and XG (12) Proxy Command Injection Vulnerability Command Injection Vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 Server Administration UI Remote Code Injection Vulnerability in Trend Micro Web Security Virtual Appliance 6.5 Remote Code Execution Vulnerability in Trend Micro Encryption for Email Session Hijacking via Log Disclosure Vulnerability in Trend Micro Smart Protection Server Integer Overflow in ape_decode_frame function in FFmpeg Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.0 and 8.5 Incomplete Firmware Signature Allows Local Attackers to Upgrade Belden Hirschmann Tofino Xenon Security Appliance with Unsigned Data Belden Hirschmann Tofino Xenon Security Appliance ModBus Packet Handling Vulnerability Remote Rule Activation and TCP Port Bypass Vulnerability in Belden Hirschmann Tofino Xenon Security Appliance Use-after-free vulnerability in GraphicsMagick: Out-of-order CloseBlob call in ReadMNGImage function Remote Code Execution via FileManager in CMS Made Simple (CMSMS) 2.2.2 Arbitrary PHP File Upload Vulnerability in CMS Made Simple (CMSMS) 2.2.2 Infinite Loop Vulnerability in Wireshark DOCSIS Dissector MQ Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13 AMQP Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13 GPRS LLC Dissector Loop 
Vulnerability in Wireshark 2.0.0 to 2.0.13 Information Disclosure Vulnerability in IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 Infinite Loop Vulnerability in Wireshark WBXML Dissector OpenSAFETY Dissector Crash and Memory Exhaustion Vulnerability SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_GET['id'] in comment_status.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_GET['id'] in comment_status.php SQL Injection in Fiyo CMS 2.0.7 via app_comment/sys_comment.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level'] SQL Injection Vulnerability in Fiyo CMS 2.0.7 via name parameter in /apps/app_comment/controller/insert.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_GET['id'] in article_status.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via article_list.php SQL Injection Vulnerability in Fiyo CMS 2.0.7 via editor.php Failure to Set Secure Flag for Session Cookie in IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 Stack-based Buffer Overflow in ASUS Discovery.c in Networkmap in ASUSwrt-Merlin Firmware for ASUS Devices and ASUS Firmware for ASUS RT-AC5300, RT-AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT-AC1200GU, RT-AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT-N12+_PRO, RT-N16, and RT-N300 Devices Gnome-Exe-Thumbnailer Vulnerability: Bad Taste VBScript Injection Session Permission Bypass in Statamic Framework (before 2.6.0) Stack-based buffer over-read vulnerability in the cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha Vulnerability: Symmetric/Asymmetric Key Confusion in PyJWT 1.5.0 and below XML Signature Wrapping Vulnerability in OneLogin PythonSAML XML Signature Wrapping Vulnerability in OneLogin Ruby-SAML XML Signature Wrapping Vulnerability in saml2-js 2.0 and earlier HTTP Strict Transport Security 
Bypass in IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 XML Signature Wrapping Vulnerability in OmniAuth OmniAuth-SAML Denial of Service Vulnerability in QEMU's dhcp_decode Function Authentication Bypass Vulnerability in Humax Wi-Fi Router Model HG100R-* 2.0.6 D-Link DIR-615 Vulnerability: Remote Access via TELNET Backdoor Unauthorized Access to Repositories via Mirroring Feature in GitLab Enterprise Edition (EE) Arbitrary Project Addition Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) Reflected XSS Vulnerability in Sitecore 8.2 Shell Applications Tools Run Program Parameter Local Privilege Escalation Vulnerability in IBM WebSphere Message Broker Absolute Path Traversal Vulnerability in Sitecore 8.2 XSS Vulnerability in WHM Upload Locale Interface (SEC-297) SQL Injection Vulnerability in Subrion CMS 4.1.5.10: Exploiting $_GET Array in /front/search.php SQL Injection Vulnerability in Subrion CMS 4.1.6 and Earlier Versions Infinite Loop Vulnerability in ImageMagick's ReadPESImage Function Memory Leak Vulnerability in ImageMagick's ReadSCREENSHOTImage Function Uninitialized Memory Disclosure in ImageMagick's ReadJPEGImage Function Denial of Service Vulnerability in ImageMagick's coders/mpc.c Denial of Service Vulnerability in IBM WebSphere MQ 8.0.0.6 JPEG Data Length Vulnerability in ImageMagick CSRF Vulnerability in diag.cgi in Pulse Connect Secure and Pulse Policy Secure Directory Traversal Vulnerability in Geneko GWR Routers Allows Unauthenticated Access to Configuration File XML External Entity (XXE) Vulnerability in SAP NetWeaver AS JAVA 7.5 (SAP Security Note 2387249) Arbitrary Web Script Injection in SAP NetWeaver AS JAVA 7.3 (SAP Security Note 2406783) Arbitrary File Read and Write Vulnerability in SAP TREX 7.10 Cross-Site Scripting Vulnerability in IBM Content Navigator 2.0.3 and 3.0.0 SAP NetWeaver Portal 7.4 DataArchivingService Servlet XSS Vulnerability NetApp OnCommand Unified Manager for 7-mode (core package) versions prior 
to 5.2.1 Vulnerability: Clickjacking/UI Redress Attack Double Free Vulnerability in MIT Kerberos 5: Automatic Deletion of Security Contexts on Error Unrestricted Direct Object Reference Vulnerability in Ivanti Service Desk Division by Zero Vulnerability in GNOME librsvg 2.40.17 Denial of Service and Potential Bypass of $SAFE Protection Mechanism in Ruby 2.4.1 UTF-8 Parser Arbitrary File Upload Vulnerability in dotCMS 4.1.1 Arbitrary OS Command Execution in OrientDB through 2.2.22 Denial of Service Vulnerability in Docker Registry Directory Traversal Vulnerability in get2post.php of IDERA Uptime Monitor 7.8 Cross-Site Scripting (XSS) Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 SQL Injection Vulnerability in IDERA Uptime Monitor 7.8 via /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php SQL Injection in IDERA Uptime Monitor 7.8 via /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php ACPI Operand Cache Flushing Vulnerability Buffer Overflow in Linux Kernel Allows Privilege Escalation via Crafted ACPI Table SQL Injection in GLPI before 9.1.5.1 via $crit variable in computer_softwareversion.class.php SQL Injection in GLPI's Condition Rule Field via front/rulesengine.test.php Denial of Service via Malformed DJVU Image in ImageMagick Cross-Site Scripting (XSS) Vulnerability in Kibana Timelion Information Disclosure Vulnerability in IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) Application Denial of Service Vulnerability in Packetbeat's PostgreSQL Protocol Handler Cross-Site Scripting (XSS) Vulnerability in Kibana URL Fields Incomplete Fix for Open Redirect Vulnerability in Kibana Versions 6.0.1 and 5.6.5 XML External Entity Injection (XXE) Vulnerability in IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 SQL Injection Vulnerability in SOL.Connect ISET-mpp Meter 1.2.4.2 and Earlier: Remote Code Execution via User Parameter Unauthenticated Remote Code Execution and Reboot Vulnerability in PHICOMM 
K2(PSG1218) Devices Remote Code Execution Vulnerability in Gemalto ACC (Admin Control Center) Stack Buffer Overflow in Gemalto ACC Allows Remote Code Execution via Long Filenames Remote Denial of Service Vulnerability in Gemalto ACC (Admin Control Center) Vulnerability: Hash Flooding Remote DoS Attacks in Node.js Unauthorized Access to Restricted Tables in IBM DB2 Directory Traversal Vulnerability in MetInfo 5.3.17 Allows Remote File Deletion Unintended SSL Certificate Validation Absence in NixOS LDAP Authentication Arbitrary File Reading Vulnerability in Technicolor DPC3928AD DOCSIS Devices XSS Vulnerability in PHPMailer 5.2.23's From Email Address and To Email Address Fields Denial of Service Vulnerability in ImageMagick's ReadOneJNGImage Function TLS Certificate Verification Bypass in Nessus 6.x before 6.11 Cross Site Scripting (XSS) Vulnerability in Check_MK Versions 1.2.8x and 1.4.0x SQL Injection Vulnerability in SecurityCenter Versions 5.5.0-5.5.2 Arbitrary Code Execution Vulnerability in Firebird SQL Server 2.5.7 and 3.0.2 Elevated Privilege Vulnerability in IBM WebSphere Application Server with OpenID Connect and Trust Association Interceptor Information Leak Vulnerability in Wanscam HW0021 Network Camera Allows Unauthorized Access to Administrator Credentials Arbitrary File Download Vulnerability in ManageEngine ServiceDesk 9.3.9328 Arbitrary File Download Vulnerability in ManageEngine ServiceDesk 9.3.9328 XSS Vulnerability in Yii Framework 2.0.12 Exception Screen Remote Code Execution via Stack-based Buffer Overflow in Geutebrueck Gcore Server Vulnerability in TP-Link Archer C9(UN)_V2_160517 Allows Admin Password Reset Session ID Leakage Vulnerability in IBM Financial Transaction Manager 3.0.1 and 3.0.2 Denial of Service Vulnerability in reSIProcate 1.10.2 NULL Pointer Dereference Vulnerability in WriteOnePNGImage Function Denial of Service Vulnerability in ImageMagick's ReadTXTImage Function Denial of Service Vulnerability in ImageMagick's WriteBlob 
Function Memory Consumption Denial of Service Vulnerability in ImageMagick Denial of Service Vulnerability in ImageMagick's ReadOneMNGImage Function Memory Consumption Denial of Service Vulnerability in ImageMagick Memory Leak Vulnerability in ImageMagick's ReadDIBImage Function Memory Leak Vulnerability in ImageMagick's ReadMATImage Function Privilege Escalation Vulnerability in IBM TRIRIGA Report Manager 3.2-3.5 Memory Consumption Denial of Service Vulnerability in ImageMagick Memory Leak in ImageMagick's WriteHISTOGRAMImage() Function Memory Leak in WriteMPCImage() function in ImageMagick 7.0.6-1 Heap-based Buffer Over-read in ImageMagick's WriteUILImage() Function Memory Leak in ImageMagick 7.0.6-1's convert Function when Processing Crafted Files Heap-based Buffer Over-read in ImageMagick 7.0.6-1's WritePSImage() Function Memory Leak in WriteJP2Image() function in ImageMagick 7.0.6-1 Floating Point Exception (FPE) Vulnerability in ImageMagick 7.0.6-1's WritePALMImage() Function Memory Leak in WriteOnePNGImage() function in ImageMagick 7.0.6-1 Memory Leak in ImageMagick's ReadOnePNGImage() Function Local File Access Vulnerability in IBM Algorithmics One-Algo Risk Application Heap-based Buffer Over-read in ImageMagick's Convert Function Heap-Based Buffer Over-Read Vulnerability in tcpdump 4.9.0 Heap-Based Buffer Over-Read in tcpdump 4.9.0's pimv1_print Function Buffer Overflow Vulnerability in tcpdump 4.9.0's sliplink_print Function Denial of Service Vulnerability in TiMidity++ 2.14.0 via Crafted MIDI File Heap-based Buffer Over-read Vulnerability in TiMidity++ 2.14.0 Memory Corruption Vulnerability in Xiph.Org libao 1.2.0 via Crafted MP3 File Denial of Service Vulnerability in TiMidity++ 2.14.0 via Crafted MIDI File User Report Access Vulnerability in IBM Algorithmics One-Algo Risk Application NULL Pointer Dereference and Application Crash Vulnerability in libid3tag 0.15.1b Denial of Service Vulnerability in libid3tag 0.15.1b via Crafted MP3 File Memory 
Corruption Vulnerability in mpg321 0.3.2-1 with libmad 0.15.1b Remote Denial of Service Vulnerability in Exiv2 0.26 via Illegal Address Access in extend_alias_table Function Remote Denial of Service Vulnerability in LibSass 3.4.5 Remote Denial of Service Vulnerability in LibSass 3.4.5 Stack Consumption Vulnerability in LibSass 3.4.5 Parser::advanceToNextToken Function Unauthenticated User Enumeration in ZOHO ManageEngine Applications Manager 12.3 Blind SQL Injection Vulnerability in ZOHO ManageEngine OpManager 12.2 Open Redirect Vulnerability in IBM WebSphere Portal 8.5 and 9.0 Allows for Phishing Attacks Arbitrary JavaScript Injection via Google Map Integration in ZOHO ManageEngine OpManager 12.2 Arbitrary File Upload Vulnerability in ZOHO ManageEngine OpManager 12.2 Session Fixation Vulnerability in SenhaSegura Web Application 2.2.23.8 via login_if.php Remote Code Execution Vulnerability in D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 Multiple Command Injection Vulnerabilities in D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 Incorrect implementation of aa-exec in Debian Tor package allows bypassing of AppArmor restrictions Shell Command Injection Vulnerability in AppUse 4.0 via Proxy Field CSRF Vulnerability in Mongoose Web Server Allows Remote Code Execution Heap-based Buffer Over-read Vulnerability in FontForge 20161012 Heap-based Buffer Over-read Vulnerability in FontForge 20161012 Unauthorized Access to Restricted Report Data in IBM Jazz Reporting Service (JRS) 5.0 and 6.0 Buffer Over-read Vulnerability in FontForge 20161012: Exploiting umodenc in parsettf.c for DoS or Code Execution Stack-based Buffer Overflow in FontForge 20161012: Exploiting the addnibble Function in parsettf.c Heap-Based Buffer Over-Read Vulnerability in FontForge 20161012 Buffer Over-read Vulnerability in FontForge 20161012: Exploiting ValidatePostScriptFontName in parsettf.c Heap-based Buffer Overflow in FontForge 20161012: DoS and Code Execution Vulnerability Buffer Over-read 
Vulnerability in FontForge 20161012: Exploiting strnmatch in char.c for DoS or Code Execution FontForge 20161012 Denial of Service Vulnerability Buffer Over-read Vulnerability in FontForge 20161012: Exploiting getsid in parsettf.c Insecure HTTP Connection Vulnerability in Blipcare Wireless Blood Pressure Monitor Vulnerability: Open Wireless Network and Credential Sniffing in Blipcare Blipcare Wifi Blood Pressure Monitor BP700 10.1 Devices Denial of Service Vulnerability Cross Site Scripting (XSS) in dayrui FineCms 5.0.9 via Non-Standard Username Payload SQL Injection in dayrui FineCms 5.0.9 via num parameter in action=related or action=tags request to libraries/Template.php SQL Injection in dayrui FineCms 5.0.9 via catid parameter in action=related request to libraries/Template.php SQL Injection in dayrui FineCms 5.0.9 via field parameter in action requests Remote PHP Code Execution in dayrui FineCms 5.0.9 via Eval Injection in libraries/Template.php URL Redirector Abuse in dayrui FineCms 5.0.9 via the url parameter in a sync action Directory Traversal Vulnerability in Cisco DDR2200 and DDR2201v1 ADSL2+ Residential Gateways Remote Command Execution via Shell Metacharacters in Cisco DDR2200 and DDR2201v1 ADSL2+ Residential Gateways Lack of Access Control for Multiple Commands on Cisco DDR2200 and DDR2201v1 ADSL2+ Residential Gateways Open Redirect Vulnerability in IBM Business Process Manager 8.0 and 8.5 Remote Denial of Service Vulnerability in libgxps 0.2.5 Remote Denial of Service Vulnerability in Exiv2 0.26 via Floating Point Exception in Exiv2::ValueType Function Exiv2 0.26 Mismatched Memory Management Routines Vulnerability Markdown Preview Plus Extension XSS Vulnerability Markdown Parser XSS Vulnerability in Loomio before 1.8.0 Cross-Site Scripting (XSS) Vulnerability in IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x Out-of-bounds access vulnerability in Linux kernel's xfrm_policy.c Heap-based Buffer Over-read Vulnerability in 
LibSass 3.4.5 Allows Remote Denial of Service Attack Heap-based Buffer Over-read in LibSass 3.4.5: Remote Denial of Service Vulnerability Arbitrary Command Execution Vulnerability in IBM API Connect 5.0.6.0 Arbitrary Command Execution via Crafted XML-RPC Request in Supervisor Cross-Site Scripting (XSS) Vulnerability in Wolf CMS 0.8.3.1 XSS Vulnerabilities in Joomla! Components Due to Inadequate HTML Tag Filtering Denial of Service Vulnerability in LibTIFF 4.0.8 TIFFOpen Function Hard-coded Credentials in MEDHOST Connex Allow Unauthorized Access to Customer Database Sandbox Escape Vulnerability in Wube Factorio Lua Interface Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 via IMG element with quotes IBM QRadar 7.2 and 7.3 Information Disclosure Vulnerability Stack-Consumption Vulnerability in libqpdf Allows for Denial of Service Stack-Consumption Vulnerability in libqpdf Allows Denial of Service via Crafted File Stack-Consumption Vulnerability in libqpdf Allows for Denial of Service Stack-Consumption Vulnerability in libqpdf: Denial of Service via Crafted File Stack-based buffer overflow in zend_ini_do_op() function in PHP versions before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7 allows for denial of service or potential code execution. 
Cross Site Scripting (XSS) in dayrui FineCms through 5.0.10 via controllers/api.php Arbitrary File Deletion Vulnerability in Fiyo CMS 2.0.7 SQL Injection Vulnerability in status.php in Fiyo CMS 2.0.7 Vulnerability: Root Account with Known SHA-512 Password Hash on Wireless IP Camera 360 Devices RTSP Credential Disclosure Vulnerability in Wireless IP Camera 360 Devices Weakly Encoded Admin Password Vulnerability in Wireless IP Camera 360 Devices Vulnerability: Unauthorized Access to Recordings on Wireless IP Camera 360 Devices Heap Overflow in GraphicsMagick 1.3.26's WriteRGBImage() Function NULL Pointer Dereference in WritePCLImage() Function in GraphicsMagick 1.3.26 Segmentation Violation in WriteMAPImage() Function in GraphicsMagick 1.3.26 Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-1's Convert Function Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Foundation Address Access Exception in ImageMagick 7.0.6-1 Convert Function Memory Leak in PersistCache function in GraphicsMagick 1.3.26 GraphicsMagick 1.3.26 WriteMAPImage() Function NULL Pointer Dereference Vulnerability Heap Overflow Vulnerability in GraphicsMagick 1.3.26's WriteCMYKImage() Function Memory Leak in ReadMATImage() function in ImageMagick 7.0.6-1 Unauthenticated Access to Logfile, Status, and System Configuration in NetComm Wireless 4GT101W Routers CSRF Vulnerability in NetComm Wireless 4GT101W Routers Stored Cross-Site Scripting Vulnerability in NetComm Wireless 4GT101W Routers CSRF Vulnerability in Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 CSRF Vulnerability in DrayTek Vigor AP910C Devices Allows Unauthorized SNMP Activation Arbitrary Web Script Injection in DrayTek Vigor AP910C Devices XSS Vulnerability in NexusPHP V1.5 via UBBCode URL Tag Weak Permissions in Razer Synapse CrashReporter Directory Allows Privilege Escalation via Trojan Horse DLL Weak Permissions in Razer Synapse 2.20.15.1104 and Earlier: Privilege Escalation via Trojan Horse Files SIPcrack 
0.2 Out-of-Bounds Read and Write Vulnerability Memory Leak Vulnerability in SIPcrack 0.2 Allows Remote Attackers to Crash sipdump Sessions Privilege Escalation Vulnerability in Dashlane via Trojan Horse WINHTTP.dll Bypassing Local File Inclusion Mitigation in WP Rocket Plugin 2.9.3 Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File Remote RTMP Server Denial of Service Vulnerability in FFmpeg 3.3.2 Arbitrary Code Injection through File Preview in Kopano WebApp Session Hijacking Vulnerability in OpenProject Out-of-Bounds Read Vulnerability in eapmd5pass 1.4 Out-of-Bounds Read Vulnerability in eapmd5pass 1.4 Out-of-Bounds Read and Write Vulnerability in eapmd5pass 1.4 Vulnerability: Status Flag Clobbering in ix86_expand_builtin Function Privilege Escalation Vulnerability in OPC Foundation Local Discovery Server (LDS) Remote Code Execution and Denial of Service Vulnerability in Acunetix 8's Reporter.exe Denial of Service Vulnerability in Acunetix 8 Reporter.exe Arbitrary PHP Code Execution in ZenCart 1.5.5e via Invalid Array Index XSS Vulnerability in Hashtopus 1.5g Allows Remote Code Injection via admin.php SQL Injection Vulnerability in Hashtopus 1.5g: Remote Code Execution via admin.php CSRF Vulnerability in Hashtopus 1.5g via admin.php Password Parameter Cross-Site Scripting (XSS) Vulnerability in IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 CSRF Vulnerability in Hashtopussy 0.4.0 Allows Unauthorized Admin Password Change Improper Access Control in Hashtopussy 0.4.0 Allows Remote Authenticated Users to Execute Administrative Actions Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0: Remote Code Injection via hashcat.php parameters Remote Denial of Service Vulnerability in Exiv2 0.26 Remote Denial of Service 
Vulnerability in Libav 12.1 via Illegal Address Access in build_table Function Multiple Reflective Cross-Site Scripting (XSS) Vulnerabilities in Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 Authentication Bypass and Password Exposure in Zoho ManageEngine Event Log Analyzer Persistent Cross-Site Scripting (XSS) Vulnerabilities in Zoho ManageEngine Event Log Analyzer Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) Allows Arbitrary JavaScript Code Execution Cacti 1.1.13 Auth_Profile.php Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in yaml-cpp 0.5.3 and Earlier Hard-coded Credentials in MEDHOST Document Management System Pose Database Access Vulnerability Hard-coded Credentials in MEDHOST Document Management System Pose Risk of Unauthorized Access and Data Manipulation Heap-based Buffer Overflow in NSS's alloc_segs Function Heap-based Buffer Overflow in NSS __hash_open Function Denial of Service Vulnerability in NSS's hash_open Function Heap-based Buffer Overflow in NSS __get_page Function Session Hijacking Vulnerability in IBM WebSphere Commerce 8.0 Memory Leak Vulnerability in Ming 0.4.8's parseSWF_DOACTION Function Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8's decompileIF Function Memory Leak Vulnerability in Ming 0.4.8's parseSWF_SHAPEWITHSTYLE Function Insecure Login Credentials Exposure in Boozt Fashion Android App Unauthorized Execution of Application Actions in IBM TRIRIGA Application Platform Out-of-Bounds Read Vulnerability in Artifex Ghostscript 9.21 Arbitrary PHP Code Execution Vulnerability in MetInfo through 5.3.17 Stored XSS Vulnerability in MetInfo 5.3.17 via HTML Edit Mode Vulnerability: CAPTCHA Bypass in MetInfo through 5.3.17 URL Redirector Abuse Vulnerability in MetInfo through 5.3.17 via gourl parameter in member/login.php Out-of-array Access Vulnerability in FFmpeg's dnxhd_decode_header Function Critical Division-by-Zero Vulnerability in LAME 3.99.5: Exploiting Malformed 
Input Files Buffer Overflow Vulnerability in ioquake3 (pre-2017-08-02) Allows Remote Code Execution Out-of-Bounds Read and Application Crash in GraphicsMagick 1.3.26 Directory Traversal Vulnerability in Xinha 0.96 Allows Remote Folder Deletion Memory Leaks in ReadMATImage Function in ImageMagick Unintended Redirection Vulnerability in Thycotic Secret Server before 10.2.000019 Cross-Site Request Forgery (CSRF) Vulnerability in ConnectWise Manage 2017.5 Arbitrary JavaScript Code Execution via XSS in ConnectWise Manage 2017.5 Contact.rails Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8 Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8 Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8 Invalid Memory Read Vulnerability in Ming 0.4.8's OpCode Function Heap-based Buffer Overflow Vulnerability in Ming 0.4.8's dcputs Function Null Pointer Dereference Vulnerability in Ming 0.4.8's stackswap Function Heap-Based Buffer Over-read Vulnerability in Ming 0.4.8's decompileCALLFUNCTION Function SQL Injection Vulnerability in BigTree 4.2.18: Remote Code Execution via process.php Cross-Site Scripting (XSS) in Rspamd WebUI History Page Time-based Blind SQL Injection Vulnerability in Zoho ManageEngine Application Manager Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Application Manager 13.1 Build 13100 SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Arbitrary Code Execution Vulnerability in Zoho ManageEngine Application Manager 13.1 Build 13100 Privilege Escalation in HashiCorp Vagrant VMware Fusion Plugin DLL Hijacking Vulnerability in libexpat Hard-coded Mirth Connect Admin Credential in MEDHOST Connex XSS Vulnerability in MODX Revolution 2.5.7 System Settings Module Arbitrary Process Killing Vulnerability in Tenshi 0.15 Arbitrary Process Killing Vulnerability in Tinyproxy 1.8.4 and Earlier Vulnerability: Untrusted Search Path in VIT Spider Player 2.5.3 Allows DLL Hijacking DLL Hijacking Vulnerability in InternetSoft 
FTP Commander 8.02 and Prior SQL Injection Vulnerability in IBM Maximo Asset Management 7.1, 7.5, and 7.6 NULL Pointer Dereference Vulnerability in ImageMagick's ReadOneJNGImage Function Memory Leak Vulnerability in ImageMagick's WritePICONImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-4's ReadMAGICKImage Function Heap-based Buffer Over-read Vulnerability in GetImageDepth Function of ImageMagick 7.0.6-4 Memory Leak Vulnerability in ImageMagick's WritePICONImage Function Memory Leak Vulnerability in ImageMagick's WritePICONImage Function Arbitrary PHP Code Execution in Earcms Ear Music 4.1 Build 20170710 Heap-based Buffer Overflow in Actian Pervasive PSQL and Zen via TCP Port 1583 Inappropriate Data Retention of Attachments in IBM Maximo Asset Management 7.1, 7.5, and 7.6 Arbitrary PHP Code Execution via Image Upload in ProjeQtOr before 6.3.2 Unintended Information Disclosure in Microsoft Exchange Server 2013 and 2016 Microsoft Graphics Remote Code Execution Vulnerability Microsoft Graphics Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge Windows Kernel Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability ChakraCore Scripting Engine Memory Corruption Vulnerability Windows Media Player Information Disclosure Vulnerability TRIE Remote Code Execution Vulnerability IBM BigFix Compliance 1.7 through 1.9.91 Information Disclosure Vulnerability .NET Core Denial of Service Vulnerability through Improper Certificate Data Parsing Windows Search DNS Response Remote Code Execution Vulnerability Windows Search Memory Object Handling Vulnerability Microsoft Outlook Security Feature Bypass Vulnerability Microsoft Office SharePoint XSS Vulnerability Outlook 2016 Email Content Disclosure Vulnerability Microsoft Office SharePoint XSS Vulnerability Windows DNSAPI Remote Code Execution Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Endpoint Manager for Security and 
Compliance 1.9.70 Windows SMB Remote Code Execution Vulnerability Windows SMB Denial of Service Vulnerability Windows SMB Elevation of Privilege Vulnerability ALPC Elevation of Privilege Vulnerability in Microsoft Windows Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Skype for Business Elevation of Privilege Vulnerability Windows Search Denial of Service Vulnerability Weak Cryptographic Algorithms in IBM BigFix Compliance Analytics 1.9.79: High-Risk Information Decryption Vulnerability Internet Explorer Memory Object Handling Vulnerability Scripting Engine Information Disclosure Vulnerability in ChakraCore, Internet Explorer, and Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Internet Explorer Microsoft Edge Memory Object Handling Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore Scripting Engine Arbitrary Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability IBM TRIRIGA Document Manager Authenticated User Privilege Escalation Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore Scripting Engine Arbitrary Code Execution Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Memory Object Handling Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Unencrypted Console 
Connection Vulnerability in IBM Tivoli Monitoring Portal V6 Scripting Engine Memory Corruption Vulnerability in Internet Explorer ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability in Microsoft Windows 7, Windows Server 2008 R2, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 Windows Kernel Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Windows Storage Security Feature Bypass Vulnerability Windows Shell Remote Code Execution Vulnerability in Microsoft Windows 7 SP1 Arbitrary Command Execution Vulnerability in IBM Tivoli Monitoring Portal v6 Microsoft Office SharePoint XSS Vulnerability ChakraCore and Microsoft Edge Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability Windows PowerShell Session Security Bypass Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Microsoft Office Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Office and SharePoint Microsoft Browser Memory Corruption Vulnerability Elevation of Privilege Vulnerability in Windows 10 Update Delivery Optimization SQL Injection Vulnerability in IBM Tivoli Monitoring Portal v6 Device Guard Security Feature Bypass Vulnerability Windows Kernel Memory Initialization Vulnerability Windows EOT Font Engine Information Disclosure Vulnerability Microsoft Edge Cross-Origin Information Disclosure Vulnerability Scripting Engine Information Disclosure Vulnerability in Internet Explorer Windows EOT Font Engine Information Disclosure Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory 
Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Windows Kernel Memory Initialization Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Microsoft Edge Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Windows Kernel Elevation of Privilege Vulnerability Internet Explorer Information Disclosure Vulnerability Windows Kernel Memory Initialization Vulnerability Windows Graphics Component Memory Handling Vulnerability Windows Kernel Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Windows Kernel Memory Address Initialization Vulnerability Microsoft Word Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability Internet Explorer Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers Scripting Engine Memory Corruption Vulnerability in Microsoft Edge ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Content Security Policy (CSP) Validation Bypass Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability in Internet Explorer ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Security Feature Bypass Vulnerability in Windows 10 and Windows Server 2016 ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Microsoft Edge Security Feature Bypass Vulnerability Cross-Site Forgery and Elevation of Privilege Vulnerability in Microsoft Project Server and SharePoint Enterprise Server 
2016 Excel Macro Security Bypass Vulnerability Microsoft Excel Memory Corruption Vulnerability ASP.NET Core 2.0 Session Information Theft Vulnerability Windows Kernel Object Initialization Information Disclosure Vulnerability Microsoft Office Memory Corruption Vulnerability .NET CORE Denial Of Service Vulnerability Microsoft Excel 2016 Click-to-Run (C2R) Memory Corruption Vulnerability Windows RRAS Service Remote Code Execution Vulnerability Scripting Engine Memory Corruption Vulnerability in Microsoft Windows Internet Explorer Scripting Engine Information Disclosure Vulnerability Microsoft Edge Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal and Web Content Manager 6.1, 7.0, and 8.0 Scripting Engine Memory Corruption Vulnerability in Microsoft Windows ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Untrusted File Handling Security Bypass in Device Guard Arbitrary Code Execution Vulnerability in IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 Internet Explorer Scripting Engine Memory Corruption Vulnerability Internet Explorer Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Information Disclosure Vulnerability in Internet Explorer Internet Explorer Scripting Engine Memory Corruption Vulnerability ChakraCore and Windows 10 1709 Scripting Engine Memory Corruption Vulnerability ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 Scripting Engine Memory Corruption Vulnerability Unrestricted URL Access Vulnerability in IBM Rational Collaborative Lifecycle Management Applications ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 
2016 Scripting Engine Memory Corruption Vulnerability ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 Scripting Engine Memory Corruption Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Internet Explorer Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability ChakraCore Scripting Engine Memory Corruption Vulnerability ChakraCore and Microsoft Edge Scripting Engine Memory Corruption Vulnerability Scripting Engine Information Disclosure Vulnerability XML External Entity Injection (XXE) Vulnerability in IBM Sterling B2B Integrator 5.2 Windows its:// Protocol Handler Information Disclosure Vulnerability IBM Sterling B2B Integrator Standard Edition 5.2 Information Disclosure Vulnerability ChakraCore and Internet Explorer Memory Corruption Vulnerability Microsoft Exchange Spoofing Vulnerability in Outlook Web Access (OWA) Memory Handling Vulnerability in Microsoft Office 2013 and 2016: Information Disclosure Microsoft Office 2016 Click-to-Run (C2R) Remote Code Execution Vulnerability Web Request Handling Vulnerability in Microsoft SharePoint Enterprise Server 2016 Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Office 2016 Click-to-Run (C2R) Information Disclosure Vulnerability Cross-Site Request Forgery (CSRF) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Microsoft Malware Protection Engine Remote Code Execution Vulnerability Open Redirect Vulnerability in IBM Curam Social Program Management Weak Password Policy in IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 Inadequate Account Lockout Setting in IBM BigFix Compliance (TEMA SUAv1 SCA SCM) Allows Remote Brute Force Attack Sensitive Information Disclosure in IBM BigFix Compliance 1.7 through 1.9.91 Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Master Data Management Server 10.0-11.6 Certificate Validation Vulnerability 
in IBM BigFix Compliance 1.7 through 1.9.91 Clear Text Storage of User Credentials in IBM BigFix Compliance Analytics 1.9.79 HTML Injection Vulnerability in IBM BigFix Compliance 1.7 through 1.9.91 Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications Hard-coded Credentials Vulnerability in IBM Tealeaf Customer Experience Privilege Escalation Vulnerability in IBM Platform LSF 10.1 Cross-Site Scripting (XSS) Vulnerability in MantisBT Installation Script Cross-Site Scripting (XSS) Vulnerability in MantisBT 2.x before 2.5.2 Bypassing Access Restrictions in csv_log_html Function in OpenEMR Arbitrary Code Execution in Cacti (CVE-2021-20227) Cross-Site Scripting (XSS) Vulnerability in Cacti 1.1.16 and Earlier Heap-Based Buffer Over-Read Vulnerability in Potrace 1.14's interpolate_cubic Function Cross-Site Scripting (XSS) Vulnerability in Event List Plugin 0.7.9 for WordPress XXE Vulnerability in OPC Foundation UA .NET Sample Code and Local Discovery Server (LDS) Clear Text Storage of User Credentials in IBM WebSphere Message Broker OPC Foundation DLLs Vulnerability: Potential for Malicious Code Replacement Arbitrary File Download Vulnerability in Synology Photo Station Arbitrary Code Injection via id Parameter in Synology Photo Station Arbitrary File Write Vulnerability in Synology DNS Server Command Injection Vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) Uncontrolled Resource Consumption Vulnerability in Synology DiskStation (DSM) Allows Remote DoS Attack Uncontrolled Resource Consumption Vulnerability in Synology Router Manager (SRM) Allows Remote DoS Attack Command Injection Vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 Arbitrary File Access Vulnerability in Synology Photo Station Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.1, 7.5, and 7.6 Information Exposure Vulnerability in Synology Photo Station Integer 
Overflow Vulnerability in Blender v2.78c Allows for Code Execution Blender CustomData Mesh Loading Integer Overflow Vulnerability Information Disclosure Vulnerability in Circle with Disney Firmware 2.0.1 Circle with Disney Firmware 2.0.1: Remote Control Backdoor Vulnerability Circle with Disney Cloud Infrastructure Routing Vulnerability Blender Integer Overflow and Buffer Overflow Vulnerability Heap Overflow Vulnerability in tinysvcmdns Library Denial of Service Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Below Denial of Service Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 Denial of Service Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Below Memory Module File Write Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Insufficient Resource Pool Vulnerability in Allen Bradley Micrologix 1400 Series B Firmware 21.2 and Earlier Arbitrary Command Execution Vulnerability in Circle with Disney Firmware 2.0.1 Circle with Disney Firmware 2.0.1 WiFi Access Point Default Credentials Vulnerability WiFi Management Vulnerability in Circle with Disney: Unauthorized Network Connection Exploit Cross-Site Scripting (XSS) Vulnerability in delayed_job_web Rails Gem Version 1.4 Cross-Site Scripting (XSS) Vulnerability in Rails_Admin Gem 1.2.0 Integer Overflow Vulnerability in Blender v2.78c Allows for Code Execution Log File Injection Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 Integer Overflow and Buffer Overflow in Blender v2.78c Blender v2.78c Integer Overflow and Buffer Overflow Vulnerability Blender Curve to Polygon Conversion Integer Overflow Vulnerability Blender v2.78c Integer Overflow and Buffer Overflow Vulnerability Blender v2.78c Particle Object Integer Overflow Vulnerability Blender v2.78c Integer Overflow and Buffer 
Overflow Vulnerability Memory Corruption Vulnerability in Computerinsel Photoline 20.02's .TGA Parsing Functionality Memory Corruption Vulnerability in Computerinsel Photoline 20.02 PCX Parsing Functionality Integer Overflow Vulnerability in libxls 1.4 Allows Remote Code Execution Integer Overflow Vulnerability in libxls 1.4 Allows Remote Code Execution Information Disclosure Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual Integer Overflow Vulnerability in libxls 1.4 Allows Remote Code Execution Remote Code Execution Vulnerability in libxls 1.4 via xls_addCell Function Improper Authorization Vulnerability in cpp-ethereum's admin_addPeer API Improper Authorization Vulnerability in cpp-ethereum's admin_nodeInfo API Improper Authorization Vulnerability in cpp-ethereum's admin_peers API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC API Improper Authorization Vulnerability in cpp-ethereum's JSON-RPC Miner_Stop API Denial of Service Vulnerability in CPP-Ethereum JSON-RPC APIs Denial of Service Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Heap Overflow Vulnerability in SDL2_image-2.0.2 ILBM Image Rendering Clear Text Transmission of Password Vulnerability in Moxa EDR-810 V4.1 build 17030317 Moxa EDR-810 V4.1 Web Server Denial of Service Vulnerability Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Cross-Site Request Forgery Vulnerability in Moxa EDR-810 V4.1 build 17030317 Clear Text Password Extraction Vulnerability in Moxa EDR-810 V4.1 build 17030317 Information Disclosure Vulnerability in Moxa EDR-810 Server Agent Weak Cryptography for Passwords Vulnerability in Moxa EDR-810 V4.1 build 17030317 NULL Pointer Dereference 
Vulnerability in tinysvcmdns Library XSS Vulnerability in Easy Testimonials Plugin 3.0.4 for WordPress DNS Stub Resolver Vulnerability in glibc: Simplifying Off-Path DNS Spoofing Attacks Use-after-free vulnerability in clntudp_call function in glibc before 2.26 Xen Vulnerability: Local OS Guest Users Can Corrupt Block Device Data Streams and Gain Host OS Privileges Transitive Grants Vulnerability in Xen Grant Table Code Race Condition Vulnerability Privilege Escalation via map_grant_ref Vulnerability in Xen Stored URL Redirect Bypass Vulnerability in XOOPS Core 2.5.8 Stored XSS Vulnerability in XOOPS Core 2.5.8's imagemanager.php Remote Code Execution Vulnerability in IBM iNotes 8.5 and 9.0 Excessive Memory Consumption Vulnerability in ImageMagick's ReadDCMImage Function Heap-based Buffer Overflow Vulnerability in ytnef 1.9.2: Denial of Service via Crafted File Invalid Memory Read Vulnerability in ytnef 1.9.2: Denial of Service via Crafted File Denial of Service Vulnerability in libquicktime 1.2.4 Allocation Failure Vulnerability in ytnef 1.9.2 Allows Denial of Service Allocation Failure Vulnerability in libquicktime 1.2.4's quicktime_read_ftyp Function Race Condition Vulnerability in Linux Kernel's driver_override Implementation Arbitrary Command and Code Execution Vulnerability in Ansible Tower's SCM Repositories Arbitrary Code Execution Vulnerability in Jboss Application Server Samba Vulnerability: Inadequate Enforcement of SMB Signing Samba Client Encryption Bypass Vulnerability NULL Pointer Dereference Vulnerability in nl80211_set_rekey_data() Function Vulnerability: Unauthorized Access to Hardware CR8 Register in KVM L2 Guest OS OpenStack TripleO Heat Templates: World-Readable Ceph Keyring Vulnerability XSS Vulnerability in Moodle 3.x Contact Form on Non-Respondents Page User Data Exposure in Moodle 3.x Course Reports Keycloak Vulnerability: Reflected XSS via HOST Header URL in Admin Console CSRF Vulnerability in Keycloak Allows Unauthorized Session Access 
Keycloak OAuth Token Persistence Vulnerability URL Spoofing Vulnerability in Keycloak Samba SMB1 Protocol Information Leak Vulnerability GDM 3.24.1 Vulnerability: Unauthorized Screen Unlock via Autologin Undertow HTTP Request Smuggling Vulnerability Buffer Overflow Vulnerability in OpenVPN Key-Method 1 World Readable Access to User and Role Information in EAP 7 Denial of Service Vulnerability in Linux Kernel's access_pmu_evcntr Function Password Hash Disclosure Vulnerability in FreeIPA Cross-Site Scripting Vulnerability in IBM WebSphere Portal 8.5 and 9.0 Packaging Error in Fedora's pure-ftpd Version 1.0.46-1: Security Configuration Override Vulnerability Improper Parsing of Configuration Comments in Red Hat Enterprise Linux 6.9 httpd 2.2.15-60 Privilege Escalation Vulnerability in PostgreSQL Startup Script Vulnerability: Injection in sssd's sysdb_search_user_by_upn_res() Function Artemis and HornetQ UDP Discovery Vulnerability: Heap Memory Exhaustion XSS Vulnerability in Red Hat Satellite Discovery Rule Autocomplete Xorg-X11-Server Vulnerability: Missing Length Validation in ProcEstablishConnection Function Integer Overflow Vulnerability in Xorg-X11-Server ProcDbeGetVisualInfo Function Xorg-X11-Server Vulnerability: Arbitrary Code Execution via ProcXIChangeHierarchy Function Integer Overflow Vulnerability in Xorg-X11-Server (Versions before 1.19.5) Cross-Site Request Forgery Vulnerability in IBM Tivoli Endpoint Manager (X-Force ID: 123858) Xorg-X11-Server Vulnerability: Arbitrary Code Execution via XFree86 VidModeExtension Xorg-X11-Server Vulnerability: Missing Length Validation in XFree86 DGA Extension Xorg-X11-Server Vulnerability: Missing Length Validation in XFree86 DRI Extension Xorg-X11-Server Vulnerability: Missing Length Validation in XFIXES Extension Xorg-X11-Server Vulnerability: Missing Length Validation in XINERAMA Extension Xorg-X11-Server MIT-SCREEN-SAVER Extension Length Validation Vulnerability Xorg-X11-Server Vulnerability: Missing Length 
Validation in X-Resource Extension Xorg-X11-Server Vulnerability: Missing Length Validation in RENDER Extension MMU Potential Stack Buffer Overrun Vulnerability in Linux Kernel Local Privilege Escalation Vulnerability in Red Hat JBoss Enterprise Application Platform 7.0.7.GA XML External Entity Injection (XXE) Vulnerability in IBM Tivoli Endpoint Manager Memory Leak and System Lockup Vulnerability in Linux Kernel Privileged Access Vulnerability in CloudForms VMware Integration Denial of Service Vulnerability in Linux Kernel Key Management Subcomponent Denial of Service Vulnerability in Linux Kernel's assoc_array_insert_into_terminal_node Function Arbitrary Code Execution Vulnerability in spice-gtk Versions through 0.34 Authentication Bypass Vulnerability in Openshift Enterprise Elasticsearch Plugin Vulnerability: Digest Authentication Bypass in Undertow Authentication Bypass Vulnerability in libpam4j 1.8 SQL Injection Vulnerability in Etoile Ultimate Product Catalog Plugin for WordPress Sensitive Information Disclosure Vulnerability in IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) XSS Vulnerability in Etoile Ultimate Product Catalog Plugin 4.2.11 for WordPress Weak Password Policy in IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) IPv6 SNMP Code Vulnerability in Cisco IOS and IOS XE Software Cisco Unity Connection Web Framework Reflected XSS Vulnerability Vulnerability in Dynamic ACL Assignment on Cisco Catalyst 4000 Series Switches Elevated Privileges Vulnerability in Cisco Unified Customer Voice Portal (CVP) OAMP Credential Reset Functionality Denial of Service (DoS) Vulnerability in Cisco Email Security Appliance Cisco SocialMiner XML External Entity (XXE) Vulnerability Cisco ASR 5500 System Architecture Evolution (SAE) Gateway GPRS Tunneling Protocol Ingress Packet Handler Denial of Service Vulnerability Email Attachment Malware Delivery Vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliances IP Fragment Handling 
Vulnerability in Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones Authentication Bypass Vulnerability in IBM Tivoli Endpoint Manager Reflected Cross-Site Scripting Vulnerability in Cisco Firepower Management Center Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center Denial of Service Vulnerability in Cisco IOS XE Wireless Controller Manager Unsigned Hypervisor Boot Vulnerability in Cisco IR800 Integrated Services Router Software Vulnerability in Cisco Meeting Server Allows Unauthorized Access via Hyperlinks Session Fixation Vulnerability in Cisco Prime LAN Management Solution Privilege Escalation Vulnerability in Cisco Wireless Controllers Blind SQL Injection Vulnerability in Cisco Emergency Responder Invalid Certificate Vulnerability in Cisco Network Plug and Play Application Authentication Bypass Vulnerability in Cisco IOS XE Web UI REST API Open Redirect Vulnerability in IBM Tivoli Endpoint Manager Allows for Phishing Attacks Privilege Escalation Vulnerability in Cisco IOS XE 16.2 Web UI Cisco IOS NAT ALG H.323 RAS DoS Vulnerability Misclassification of Ethernet Frames Vulnerability in Cisco ISR G2 Routers Cisco IOS CIP Denial of Service Vulnerabilities Denial of Service (DoS) Vulnerabilities in Cisco IOS CIP Implementation PROFINET PN-DCP Identify Request Packet Parsing Vulnerability Vulnerability in Cisco IOS XE LISP Implementation Allows Authentication Bypass Vulnerability in Cisco IOS and IOS XE IKEv2 Module Leading to Denial of Service (DoS) Vulnerability in VPLS Code of Cisco Catalyst 6800 Series Switches Allows DoS Attack Unauthenticated Physical Access Vulnerability in Cisco ASR 1000 Series and Cisco cBR-8 Routers Weak Cryptographic Algorithms in IBM Tivoli Endpoint Manager: A Potential Threat to Sensitive Data Buffer Overflow Vulnerability in Cisco IOS and IOS XE DHCP Relay Subsystem Command Injection Vulnerability in Cisco UCS Manager, Firepower 4100 Series NGFW, and Firepower 9300 Security Appliance 
Vulnerability in IPv6 Packet Parsing for Cisco Firepower System Software Firepower Detection Engine SSL Decryption Memory Consumption DoS Vulnerability Cisco ASA Software Direct Authentication Vulnerability Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Intelligence Center Software Vulnerability in Cisco Meeting Server (CMS) TURN Server Allows Unauthorized Access Sensitive Information Disclosure in IBM Tivoli Endpoint Manager Cisco WAAS HTTP Interface Denial of Service Vulnerability Cisco Cloud Services Platform (CSP) 2100 Web Console Authentication Vulnerability Cisco FindIT Network Discovery Utility DLL Preloading Vulnerability Unauthenticated Remote Execution Vulnerability in Cisco Unified Intelligence Center Cisco Unified Intelligence Center Web Interface DOM-based Cross-Site Scripting Vulnerability Cisco UCS Central Software CLI Restricted Shell Break Vulnerability Akamai Connect Feature Denial-of-Service Vulnerability in Cisco WAAS Appliances Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meetings Server Cross-Frame Scripting Vulnerability in Cisco Unified Communications Manager Denial of Service (DoS) Vulnerability in Cisco Small Business SPA51x Series IP Phones Sensitive Information Disclosure in IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) Cisco Small Business IP Phones Denial of Service Vulnerability Vulnerability in Cisco ISE Restricted Shell Allows Arbitrary CLI Command Execution Privileged Access Vulnerability in Cisco APIC-EM Firewall Configuration Cisco License Manager Software Directory Traversal Vulnerability Cisco Meeting Server Web Admin Interface Denial of Service Vulnerability Cisco ASA Software Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability Cisco Meeting App for Windows DLL Loading Vulnerability Cisco WAAS ICA Accelerator Denial of Service Vulnerability Dual-Homed Interface Vulnerability in Cisco AnyConnect Secure Mobility Client Stored Cross-Site Scripting (XSS)
Vulnerability in Cisco Spark Messaging Software Resource Consumption Vulnerability in IBM Tivoli Endpoint Manager (X-Force ID: 123906) Denial of Service Vulnerability in Cisco IOS XR Software for Cisco NCS 5500 Series Routers Unauthenticated Remote Execution Vulnerability in Cisco SPA300 and SPA500 Series IP Phones Cross-Site Scripting (XSS) Vulnerability in Cisco IOS XE Software Vulnerability in 802.11 Association Request Frame Processing for Cisco Aironet Access Points Cisco Aironet Access Point EAP Frame Processing Denial of Service Vulnerability Denial of Service (DoS) vulnerability in Cisco Wireless LAN Controllers SQL Injection Vulnerability in Cisco Prime Collaboration Provisioning Application Arbitrary Command Execution Vulnerability in Cisco Firepower Smart Licensing Manager Cisco Wireless LAN Controllers SNMP Memory Leak DoS Vulnerability Memory Disclosure Vulnerability in Cisco Aironet Access Points Insecure Cookie Attribute in IBM Tivoli Endpoint Manager Allows Information Disclosure Cisco Wireless LAN Controllers CAPWAP Discovery Request Parsing DoS Vulnerability PEAP Authentication Bypass Vulnerability in Cisco Aironet Access Points Cisco Wireless LAN Controllers ANQP Ingress Frame Processing DoS Vulnerability Denial of Service Vulnerability in Cisco Aironet 3800 Series Access Points Cisco Jabber for Windows Client Local Information Disclosure Vulnerability Cisco Network Analysis Module Software Directory Traversal Vulnerability Cisco Jabber Web Interface Vulnerability Allows Unauthorized Access to User Profile Information Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software Cluster Database Management Component Denial of Service Vulnerability Cisco Unified Contact Center Express Web-Based Management Interface Cross-Site Scripting Vulnerability IPsec Debug Logging Vulnerability in Cisco IOS XE Software IBM Tivoli Endpoint Manager Vulnerability: Information Disclosure via Insecure HTTP Transport Multiple 
Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Cisco WebEx Meetings Server Denial of Service Vulnerability Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meetings Server Unauthenticated Remote Access to Sensitive Data in Cisco WebEx Meetings Server Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meetings Server URL Redirection Vulnerability in Cisco WebEx Meeting Center Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meeting Center Vulnerability in Cisco ASA Next-Generation Firewall Services Allows Bypass of Local IP Management Traffic Filters Insufficient Randomness in IBM Tivoli Endpoint Manager: A Potential Information Exposure Vulnerability Bypassing File Policy for SMB2 Protocol in Cisco Firepower System Software Vulnerability in Python Scripting Subsystem of Cisco NX-OS Software Allows Unauthorized Access Cisco Unified Communications Manager SQL Injection Vulnerability Bypassing AMP File Filtering Rule in Cisco Web Security Appliance Cross-Site Scripting (XSS) Vulnerability in Cisco IOSd Web-Based Management Interface Debug Shell Command Injection in Cisco IP Phone 8800 Series Signature Verification Bypass in Cisco Spark Board Upgrade Process Cisco Small Business Managed Switches Software Reflected Cross-Site Scripting Vulnerability Cisco Small Business Managed Switches Software HTTP Response Splitting Vulnerability Cisco Email Security Appliance (ESA) HTTP Response Splitting Vulnerability Clear Text Storage of User Credentials in IBM BigFix Platform 9.5 - 9.5.9 Unencrypted Header Disclosure Vulnerability in Cisco Spark Hybrid Calendar Service H.264 Decoder Function Denial of Service Vulnerability in Cisco Meeting Server DLL Preloading Vulnerability in Cisco Immunet 
Antimalware Installer Untrusted Search Path Vulnerability in Cisco Network Academy Packet Tracer Software Cisco FindIT Network Discovery Utility DLL Preloading Vulnerability Sensitive Information Exposure in Cisco HyperFlex System Logging Insufficient Server-Side Login Attempt Limit Enforcement in Cisco ISE Guest Portal Static Key Value Vulnerability in Cisco AMP For Endpoints Application Cisco RF Gateway 1 Denial of Service Vulnerability Vulnerability in BGP EVPN Implementation for Cisco IOS XE Software Cleartext Transmission Vulnerability in IBM Tivoli Endpoint Manager Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Multiple Cross-Site Scripting (XSS) and URL Redirection Vulnerabilities in Cisco Registered Envelope Service Cisco IP Phone 8800 Series SIP Call Handling Denial of Service Vulnerability Command Injection Vulnerability in Cisco Firepower and NX-OS Systems Privilege Escalation Vulnerability in IBM Remote Control v9 Cisco NX-OS CLI Command Injection Vulnerability Insufficient Signature Verification in Cisco NX-OS System Software Patch Loading Vulnerability Vulnerability in Cisco NX-OS System Software Patch Installation Allows Arbitrary File Writing Insufficient Signature Verification in Cisco NX-OS System Software Command Injection Vulnerability in Cisco NX-OS System Software Command Injection Vulnerability in Cisco NX-OS System Software Cisco NX-OS TCL Scripting Subsystem Escape and Unauthorized Access Vulnerability in Cisco Collaboration Products Upgrade Mechanism Vulnerability in Cisco NX-OS CLI Allows Unauthorized File Reading Command Injection Vulnerability in Cisco NX-OS System Software Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.2
and 7.3 Vulnerability: Unauthorized Access to Bash Shell in Cisco NX-OS System Software Command Injection Vulnerability in Cisco NX-OS System Software Vulnerability in Open Agent Container (OAC) Feature of Cisco Nexus Series Switches Allows Unauthorized Packet Access Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software Cross-Site Scripting (XSS) and Session Hijacking Vulnerabilities in Cisco UCS Central Software Cross-Site Scripting (XSS) and Session Hijacking Vulnerabilities in Cisco UCS Central Software Denial of Service Vulnerability in IBM WebSphere MQ 8.0 Default Static User Credentials Vulnerability in Cisco Umbrella Insights Virtual Appliances Unauthorized Internal Interface Access in Cisco NX-OS System Software Privilege Escalation Vulnerability in Cisco Application Policy Infrastructure Controllers Cisco AsyncOS Software MIME Scanner Bypass Vulnerability Unauthenticated Remote Information Disclosure Vulnerability in Cisco Secure Access Control System (ACS) Cisco IOS XR Software LPTS Ingress Frame-Processing Denial of Service Vulnerability Cross-Site Scripting Vulnerability in Cisco Jabber Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Web Interface Cross-Site Scripting (XSS) Vulnerability in Cisco Jabber Web-Based Management Interface Buffer Overflow Vulnerability in Cisco WebEx Network Recording Player for .arf Files Denial of 
Service Vulnerability in IBM WebSphere MQ 9.0.2 Cisco WebEx Network Recording Player Denial of Service Vulnerability Cisco Jabber for Windows Vulnerability: Unauthorized Access to Sensitive Communications Cisco Meeting Server Denial of Service Vulnerability Unauthenticated Remote Attackers Can Modify Meeting Welcome Messages in Cisco WebEx Meeting Server SQL Injection Vulnerability in Cisco Prime Service Catalog Unlisted Meeting Information Disclosure Vulnerability in Cisco WebEx Event Center Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Meeting Center Cisco WebEx Network Recording Player Denial of Service and Remote Code Execution Vulnerability Cisco WebEx Network Recording Player Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Cisco WebEx Network Recording Player Cross-Site Scripting Vulnerability in IBM Jazz Based Applications (IBM X-Force ID: 124355) Cisco WebEx Network Recording Player Remote Code Execution Vulnerability Cisco WebEx Network Recording Player Remote Code Execution Vulnerability WebEx Network Recording Player Remote Code Execution Vulnerability Return of Bleichenbacher's Oracle Threat (ROBOT) vulnerability in Cisco ASA 5500 Series devices Use-After-Free Vulnerability in ClamAV AntiVirus Software ClamAV AntiVirus Software Prior to Version 0.99.2 Denial of Service Vulnerability Buffer Overflow Vulnerability in ClamAV AntiVirus Software Allows for DoS and Arbitrary Code Execution Heap-based Buffer Over-read Vulnerability in ClamAV AntiVirus Software ClamAV AntiVirus Software Prior to 0.99.2 Denial of Service Vulnerability Buffer Overflow Vulnerability in ClamAV AntiVirus Software Versions 0.99.2 and Prior Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 ClamAV AntiVirus Software Prior to 0.99.2 Denial of Service Vulnerability Sensitive Information Disclosure in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 via HTTP 500 Internal Server Error Responses 
Sensitive Information Disclosure in IBM Rhapsody DM Products via HTTP 500 Internal Server Error Responses Stack Trace Information Disclosure Vulnerability in IBM Jazz Foundation Applications Race Condition Exploit: Arbitrary Code Execution in Kaseya Virtual System Administrator Agent Stack Overflow Vulnerability in ccn-lite-ccnb2xml in CCN-lite before 2.0.0 XSS Vulnerability in AXIS 2100 Devices 2.43 via URI DLL Hijacking Vulnerability in Format Factory 4.1.0 Cross-Site Request Forgery (CSRF) Vulnerability in OXID eShop Community, Enterprise, and Professional Editions GlobalProtect Gateway Interface Cross-Site Scripting (XSS) Vulnerability Memory leaks in parse8BIMW and format8BIM functions in ImageMagick 7.0.6-5 Remote File Access Vulnerability in MantisBT 2.5.2 HTML Injection Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 Heap-based Buffer Overflow in NetApp Clustered Data ONTAP Arbitrary Code Execution Vulnerability in NetApp Clustered Data ONTAP 8.3.x Arbitrary Object Deletion Vulnerability in NetApp StorageGRID Webscale Unauthorized Data Access in NetApp Clustered Data ONTAP 8.3.x Privilege Boundary Cross in shadow's newusers Tool Denial-of-Service Vulnerability in Varnish HTTP Cache Arbitrary Code Execution via Crafted SSH URL in GitLab Community Edition and Enterprise Edition Memory Leak Vulnerability in ImageMagick's ProcessMSLScript Function Memory Leak Vulnerability in ImageMagick 7.0.6-1: Exploiting ReadWMFImage in coders/wmf.c to Cause Denial of Service in CloneDrawInfo in draw.c Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1's ReadMIFFImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1's ReadMPCImage Function Use-After-Free Vulnerability in ImageMagick 7.0.6-1's ReadWMFImage Function Allows Denial of Service Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1: ReadPCXImage Function in coders/pcx.c Memory Leak Vulnerability in ImageMagick 7.0.6-1: ReadPESImage Function in coders/pes.c ImageMagick 
7.0.6-1: Denial of Service Vulnerability in ReadMATImage Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1: ReadSUNImage Function in coders/sun.c XML Injection and Cross-Site Scripting Vulnerabilities in SocuSoft Flash Slideshow Maker Professional v5.20 Trust ID Verification Bypass in Aodh Alarm Action Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service Vulnerability in minidjvu 0.8 via Crafted DJVU File Denial of Service and Stack Corruption Vulnerability in GdkPixBuf Heap Use After Free Vulnerability in BFD Library Allows Remote Code Execution Out-of-Bounds Heap Read Vulnerability in libbfd Cross-Site Scripting Vulnerability in IBM Rational Software Architect Design Manager 5.0 and 6.0 Out of Bounds Heap Write Vulnerability in GNU Binutils Out-of-Bounds Stack Read Vulnerability in BFD Library Out-of-Bounds Heap Read Vulnerability in BFD Library Out-of-Bounds Heap Read Vulnerability in libbfd.c Arbitrary Memory Read Vulnerability in GNU Binutils' BFD Library Out-of-Bounds Heap Read Vulnerability in GNU Binutils' libbfd Out-of-Bounds Heap Read Vulnerability in GNU Binutils 2.29 and Earlier NULL Dereference Vulnerability in BFD Library's bfd_make_section_with_flags Function Out-of-Bounds Heap Read Vulnerability in libbfd Out-of-Bounds Heap Write Vulnerability in BFD Library HTML Injection Vulnerability in Barco ClickShare CSM-1 and CSC-1 Firmware Memory Leak in ccnl_app_RX Function in CCN-lite: Denial of Service Vulnerability NULL pointer dereference vulnerability in ccn-lite-valid.c in CCN-lite before 2.00 Multiple Integer Overflows in CCN-lite: Unspecified Impact via Vectors Out-of-Bounds Access Vulnerability in CCN-lite before 2.00 Memory Leak Vulnerability in CCN-lite before 2.00: Denial of Service via Memory 
Consumption Buffer Overflow in ccn-lite-ccnb2xml.c in CCN-lite: Context-Dependent Attack Vector Buffer Overflow Vulnerability in CCN-lite 2.00: Incorrect Memory Allocation in util/ccnl-common.c Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Integer Overflow in ndn_parse_sequence Function in CCN-lite: Unspecified Impact via typ and vallen Variables Out-of-bounds Read Vulnerability in cnb_parse_lev Function in CCN-lite Missing NULL Pointer Checks in ccnl-ext-mgmt.c in CCN-lite before 2.00 CCN-lite Vulnerability: Denial of Service via Wrong L Values in ccnl_ccntlv_bytes2pkt NULL Pointer Dereference and Application Crash in AP4_AtomSampleTable::GetSample function NULL Pointer Dereference and Application Crash in Bento4 mp4encrypt NULL Pointer Dereference and Application Crash in AP4_AvccAtom::InspectFields Function Authentication Bypass Vulnerability in Unitrends Backup (UB) Unauthenticated Remote Command Execution in Unitrends Backup (UB) Web Interface Session Logic Vulnerability in Unitrends Backup (UB) Allows Privilege Escalation HTML Injection Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 Sandboxie Installer 5071703 DLL Hijacking Vulnerability Stack-based buffer overflow vulnerability in the find_option function in option.cc in Ledger 3.1.1 Remote Code Execution Vulnerability in Ledger 3.1.1 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Cross-Site Scripting (XSS) Vulnerability in IBM Rhapsody DM 5.0 and 6.0 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 
(E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code 
Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) CLM Application Vulnerability Exposes Administrative Deployment Parameters Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 
version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Arbitrary Command Execution Vulnerability in IBM Security Guardium 10.0 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) XML External Entity Injection (XXE) Vulnerability in IBM Security Guardium 10.0 Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) Authentication Bypass and Code Execution Vulnerability in HPE iLO 4 (Version < 2.53) Remote Disclosure of Information Vulnerability in Moonshot Remote Console Administrator and iLO 
Firmware Cross-Site Scripting Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Remote Denial of Service Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Critical Buffer Overflow Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Arbitrary Command Execution Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Arbitrary Command Execution Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Local Authentication Bypass Vulnerability in HPE System Management Homepage Weak Cryptographic Algorithms in IBM Security Guardium 10.x Local Security Misconfiguration Vulnerability in HPE System Management Homepage v7.6.1 and Earlier Arbitrary Command Execution Vulnerability in HPE System Management Homepage Arbitrary Command Execution Vulnerability in HPE System Management Homepage Local Authentication Bypass Vulnerability in HPE System Management Homepage Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) Plat 7.3 E0504P2 and Earlier Critical Vulnerability: Remote Arbitrary File Download and Information Disclosure in HPE Intelligent Management Center (iMC) SOM 7.3 E0501 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Critical Remote Denial of Service Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium 10.0, 10.1 Critical Remote Denial of Service Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2 Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT Heap-based Buffer Overflow in libsndfile through 1.0.28: Remote DoS and Possible Other Impact Memory Exhaustion Vulnerability in ImageMagick 
7.0.6-2: Denial of Service in ReadPSDImage Memory Leak Vulnerability in ImageMagick 7.0.6-2's ReadMATImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2: ReadOneJNGImage Function in coders/png.c Memory Leak Vulnerability in ImageMagick 7.0.6-2: ReadMVGImage Function in coders/mvg.c SQL Injection Vulnerability in Quest KACE Asset Management Appliance, Systems Management Appliance, and K1000 as a Service Denial of Service Vulnerability in Debut Embedded HTTPD 1.20 in Brother DCP-J132W IBM Security Guardium 10.0 Unauthorized Disclosure of Sensitive Information Vulnerability Persistent Cross Site Scripting (XSS) in Splunk Enterprise and Splunk Light versions before 6.5.2, 6.4.6, and 6.3.9 (SPL-134104) Command-Injection Vulnerability in PLANEX CS-W50HD NAS Settings Page Hardcoded Credential Injection Vulnerability in PLANEX CS-W50HD Devices Unauthenticated Access to Sensitive Information on NEC Aterm WG2600HP2 Router Undocumented Management Page Allows Arbitrary Code Execution on PLANEX CS-QR20 1.30 Hardcoded Credentials and Root Command Execution Vulnerability in PLANEX CS-QR20 1.30 Insecure SUID Wrapper Binary Vulnerability in Vagrant VMware Fusion Plugin Authentication Bypass Vulnerability in IBM Security Guardium 10.0 and 10.1 DLL Preloading Vulnerability in IDM UltraEdit Remote Command Execution via NodeIntegration Bypass in GitHub Electron Unprivileged User SID Bypass Vulnerability in QNAP TS212P Surveillance Station Component XSS Vulnerability in DokuWiki through 2017-02-19b CSRF Vulnerability and Account Takeover in SLiMS 8 Akasia through 8.3.1 SQL Injection Vulnerability in SLiMS 8 Akasia (admin/AJAX_lookup_handler.php, admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php) Arbitrary File Reading Vulnerability in SLiMS 8 Akasia through 8.3.1 Large Loop Vulnerability in ImageMagick 7.0.6-1's ReadPWPImage Function Format String Vulnerability in ZMQ3 Input and Output Modules in Rsyslog CSRF Vulnerability in ToMAX R60G 
R60GV2-V2.0-v.2.6.3-170330 Devices Reflected XSS Vulnerability in ASUS RT-N14UHP Devices ASUS DSL-N10S V2.1.16_APAC Devices Vulnerable to Reflected and Stored Cross-Site Scripting via snmpSysName Parameter Privilege Escalation Vulnerability in ASUS DSL-N10S V2.1.16_APAC Devices CSRF Vulnerability in ASUS DSL-N10S V2.1.16_APAC Devices Recursive Tokenizer Vulnerability in QPDF 6.0.0 and 7.0.b1 Heap-based Buffer Over-read Vulnerability in OpenEXR 2.2.0 Out-of-Bounds Write Vulnerability in OpenCV's cv::imread Function Out-of-bounds read vulnerability in OpenCV's cv::RBaseStream::readBlock function Out-of-Bounds Read Vulnerability in OpenCV's icvCvt_BGRA2BGR_8u_C4C3R Function OpenCV Denial of Service Vulnerability: CPU Exhaustion Buffer Overflow in cv::BmpDecoder::readData function in OpenCV OpenCV Denial of Service Vulnerability: Memory Consumption Invalid Write Vulnerability in OpenCV's cv::RLByteStream::getBytes Function Out-of-Bounds Write Vulnerability in OpenCV's FillUniColor Function Out-of-Bounds Write Vulnerability in OpenCV's FillColorRow8 Function Out-of-Bounds Write Vulnerability in OpenCV's cv::imread Function OpenOffice PPT File Parser Denial of Service and Arbitrary Code Execution Vulnerability Apache OpenOffice Writer DOC File Parser Vulnerability Local User Can Read Sensitive Information in IBM Security Guardium 10.0 Log Files Impersonation Vulnerability in Apache Kafka's SASL Authentication Remote Code Execution (RCE) Vulnerability in Apache Struts 2.0.0 - 2.3.33 and 2.5 - 2.5.10.1 Unsafe Deserialization Vulnerability in Apache Spark Launcher API Invalid Month Field Value Vulnerability in Apache Portable Runtime (APR) 1.6.2 and Prior Reflected XSS Vulnerability in Apache Airflow 404 Pages Apache Tomcat 7.0.0 to 7.0.79 Windows HTTP PUT JSP Code Execution Vulnerability VirtualDirContext Security Bypass and JSP Source Code Exposure Vulnerability in Apache Tomcat 7.0.0 to 7.0.80 Apache Tomcat Remote Code Execution Vulnerability Apache Portable Runtime 
Utility (APR-util) SDBM Database File Integrity Validation Vulnerability Session Fixation Vulnerability in Apache Zeppelin (CVE-XXXX-XXXX) IBM Security Guardium 10.0 Vulnerability: HTTP Response Splitting Apache OpenNLP XML External Entity (XXE) Vulnerability XML External Entity (XXE) Vulnerability in Apache Commons Jelly before 1.0.1 Unauthorized Access to Apache Geode Cluster Members in Secure Mode XML External Entity (XXE) Vulnerability in Apache NiFi Denial of Service (DoS) Vulnerability in Apache CXF Inadequate Policy Enforcement for Masked Columns in Apache Hive Apache POI Vulnerabilities: Denial of Service Attacks through Crafted Files Null Pointer Dereference Vulnerability in Apache Xerces-C XML Parser Library Java Deserialization Vulnerability in Apache James JMX Server Remote Code Execution Vulnerability in Apache Solr and Lucene Arbitrary Script Injection Vulnerability in Apache Drill 1.11.0 and Earlier CSRF Vulnerability in Apache CXF Fediz Spring Plugins Host Header Injection Vulnerability in Apache NiFi Java Object Deserialization Vulnerability in Apache Camel's Camel-Hessian Component Apache Camel Java Object Deserialization Vulnerability Apache CouchDB JSON Parser Vulnerability Arbitrary Command Execution in CouchDB via Configuration Options SAP NetWeaver Application Server Java 7.5 Directory Traversal Vulnerability ETBL or ETCETERABLUE: Stack-Based Buffer Overflow in Ipswitch IMail Server 12.5.5 Ipswitch IMail Server 12.5.5 Stack Based Buffer Overflow Vulnerability Insufficient Actor Identity Verification in IBM Security Guardium 10.0 Out-of-Bounds Read Vulnerability in ImageMagick 7.0.6-1's ReadOneMNGImage Memory Leak Vulnerability in ImageMagick 7.0.6-1: ReadOneJNGImage in coders\png.c Memory Leak Vulnerability in ImageMagick 7.0.6-1's ReadMPCImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-1: ReadOneJNGImage in coders\png.c Memory Leak Vulnerability in ImageMagick 7.0.6-1's ReadDCMImage Function Cross-Site Scripting (XSS) 
Vulnerability in Liferay Portal before 7.0 CE GA4 via Invalid PortletID Cross-Site Scripting (XSS) Vulnerability in Liferay Portal before 7.0 CE GA4 via Login Credentials or E-mail Address Cross-Site Scripting (XSS) Vulnerability in Liferay Portal 7.0 CE GA4 via Knowledge Base Article Title Cross-Site Scripting (XSS) Vulnerability in Liferay Portal before 7.0 CE GA4 via Bookmark URL Cross-Site Scripting (XSS) Vulnerability in Liferay Portal before 7.0 CE GA4 via Crafted Title or Summary in Web Content Display Certificate Validation Vulnerability in IBM Security Guardium SQL Injection in Loginizer Plugin for WordPress via X-Forwarded-For Header CSRF Vulnerability in Loginizer Plugin's Blacklist and Whitelist IP Wizard Chunk Length Check Vulnerability in libpng Privilege Escalation via Trojan Horse Shcore.dll in 360 Total Security 9.0.0.1202 Memory Leak Vulnerability in ImageMagick's ReadPICTImage Function Cross-Site Scripting (XSS) in NexusPHP v1.5 via log.php dailylog action Insecure Permissions Specification in IBM Security Guardium 10.0 Memory Leak Vulnerability in ImageMagick 7.0.6-2 WritePDFImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteMAPImage Function Memory Leak Vulnerability in WritePALMImage in ImageMagick 7.0.6-2 Memory Leak Vulnerability in ImageMagick 7.0.6-2's WritePICTImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteINLINEImage in coders/inline.c Memory Leak Vulnerability in ImageMagick 7.0.6-1's ReadMATImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WritePCXImage in coders/pcx.c Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteCALSImage in coders/cals.c Insufficient Verification of Code Origin and Integrity in IBM Security Guardium 10.0 and 10.1 Denial of Service Vulnerability in ImageMagick 7.0.6-3 Denial of Service Vulnerability in ImageMagick 7.0.6-3 Memory Leak Vulnerability in ImageMagick 7.0.6-3's ReadMATImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-3: 
ReadOneMNGImage in coders/png.c ImageMagick 7.0.6-2 Denial of Service Vulnerability in ReadPDBImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-3: Exploiting Missing Check for Multidimensional Data in coders/mat.c Memory Leak Vulnerability in ImageMagick 7.0.6-3: ReadOneJNGImage in coders/png.c XSS Vulnerability in IdentityServer3 Allows Information Disclosure TagLib 1.11.1 - Pointer Casting Vulnerability in rebuildAggregateFrames Function SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via delcheater parameter in cheaterbox.php Lack of Salt in IBM Security Guardium 10 and 10.5 Cryptographic Hash Vulnerability Cross-Site Scripting (XSS) in NexusPHP 1.5 via shoutbox.php's type parameter SQL Injection Vulnerability in IBM Security Guardium 10.0 and 10.1 Denial of Service Vulnerability in ImageMagick 7.0.6-6 Memory Consumption Denial of Service Vulnerability in ImageMagick 7.0.6-6 Denial of Service Vulnerability in ImageMagick 7.0.6-6 via Crafted BMP File SpiderControl SCADA Web Server Directory Traversal Vulnerability Improper Authentication in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1 Allows Password Reset Man-in-the-Middle Vulnerability in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1 Authentication Bypass Vulnerability in Advantech WebAccess Versions Prior to V8.2_20170817 Incorrect Default Permissions Vulnerability in AzeoTech DAQFactory Versions Prior to 17.1 Session Fixation/Hijacking Vulnerability in IBM Security Guardium 10.0 Improper Input Validation Vulnerability in BMC Medical Luna CPAP Machines Externally Controlled Format String Vulnerability in Advantech WebAccess Cross-Site Request Forgery (CSRF) Vulnerability in Westermo MRD-305-DIN and MRD-315, MRD-355, MRD-455 Heap-Based Buffer Overflow Vulnerability in Advantech WebAccess Heap-Based Buffer Overflow in Advantech WebOP Stack-based Buffer Overflow Vulnerability in Advantech WebAccess Stack-based Buffer Overflow Vulnerability in 
SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and Prior Memory Buffer Overflow Vulnerability in Advantech WebAccess Use of Hard-Coded Credentials Vulnerability in MRD-305-DIN and MRD-315, MRD-355, MRD-455 Devices Weak Algorithm Negotiation in IBM Security Guardium 9.0, 9.1, and 9.5 SQL Injection Vulnerability in Advantech WebAccess Versions Prior to V8.2_20170817 Privilege Escalation Vulnerability in Advantech WebAccess Vulnerability: Authentication Bypass in Abbott Laboratories Pacemakers Incorrect Permission Assignment for Critical Resource in Advantech WebAccess Versions Prior to V8.2_20170817 Vulnerability: Unrestricted RF Wake-up Commands in Abbott Laboratories Pacemakers Unencrypted Transmission and Storage of Patient Information in Abbott Laboratories Accent and Anthem Pacemakers Uncontrolled Search Path Element Vulnerability in Advantech WebAccess Buffer Overflow Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Untrusted Pointer Dereference Vulnerability in Advantech WebAccess Sensitive Information Disclosure in IBM Security Guardium 10.0 and 10.5 via URL Parameters Unauthenticated FTP Access in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Improper Certificate Validation in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Out-of-bounds Read Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerability: Passwords Stored in Configuration File in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hard-coded Credentials Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hard-coded Credentials in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Hard-coded Password Vulnerability in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Privilege Escalation Vulnerability in SpiderControl SCADA Web Server SQL Injection Vulnerability in Moxa SoftCMS Live Viewer Unquoted Search Path Vulnerability in mySCADA myPRO 
Versions 7.0.26 and Prior SQL Injection Vulnerability in OPW Fuel Management Systems SiteSentinel Integra and iSite ATG Consoles Stack-based Buffer Overflow in GE CIMPLICITY Versions 9.0 and Prior: Arbitrary Remote Code Execution Vulnerability Authentication Bypass Vulnerability in OPW Fuel Management Systems SiteSentinel Consoles Session ID Exposure in LOGO! 8 BM Web Server Man-in-the-Middle Attack Vulnerability in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3) RUGGEDCOM ROS and SCALANCE Vulnerability: Unauthorized Administrative Actions via RCDP Unauthenticated Remote Information Disclosure Vulnerability in Siemens SICAM RTUs SM-2556 COM Modules Siemens SICAM RTUs SM-2556 COM Modules Firmware XSS Vulnerability Unauthenticated Remote Code Execution Vulnerability in Siemens SICAM RTUs SM-2556 COM Modules Stack-based Overflow in IBM Domino IMAP Service Unprotected Communication Channel Vulnerability in Siemens LOGO! Soft Comfort (All versions before V8.2) Denial-of-Service Vulnerability in PROFINET IO Development/Evaluation Kits and Siemens Industrial Devices Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Stack Buffer Overflow Vulnerability in Asuswrt-Merlin Firmware for ASUS Devices Command Injection Vulnerability in extplorer 2.1.9 and Prior: Exploiting Userfile[0] Parameter Vulnerability: SQL Injection in Ambit Technologies Pvt. Ltd Products Joomla! 
Component Appointment 1.1 - Remote Code Execution via SQL Injection Critical SQL Injection Vulnerability in SOA School Management 3.0 Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Critical SQL Injection Vulnerability in Mobiketa 4.0 Allows Remote Code Execution Arbitrary File Download via SQL Injection in WebFile Explorer 1.0 Buffer Overflow Vulnerability in isdn_net.c Privilege Escalation via Unspecified Server Utility in NoMachine Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Remote Code Execution in FineCMS 1.9.5 ContentController.php Multiple User Account Creation Vulnerability in Question2Answer SQL Injection Vulnerability in NexusPHP 1.5 reports.php (delreport parameter) XSS Vulnerability in NexusPHP v1.5 via usersearch.php Parameter Authentication Bypass Vulnerability in qBittorrent UI Lock Feature Null Pointer Dereference Vulnerability in mkvalidator 0.5.1 HTML Injection Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Denial of Service Vulnerability in libebml2's ReadData Function Null Pointer Dereference Vulnerability in libebml2 Denial of Service Vulnerability in libebml2's ReadData Function Denial of Service Vulnerability in libebml2's ReadDataFloat Function Remote Denial of Service Vulnerability in Youngzsoft CCFile 3.6 Buffer Overflow Vulnerability in NoviSwitch's Novish Command-Line Interface Stack-based Buffer Overflow in NoviWare Software on NoviSwitch Devices Vulnerability: Remote Code Execution via ACL Modification Bug in NoviWare Software Metinfo 5.3.18 Multiple Cross-Site Scripting (XSS) Vulnerabilities in admin/index.php CSRF Vulnerability in Metinfo 5.3.18: Remote Information Disclosure via admin/interface/online/delete.php Directory Traversal Vulnerability in IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 CSRF Vulnerability in Metinfo 5.3.18: Information 
Disclosure via admin/index.php Directory Traversal Vulnerability in Minion ID Validation in SaltStack Salt Cross-Site Request Forgery (CSRF) Vulnerabilities in NexusPHP 1.5 Cross-Site Scripting (XSS) Vulnerability in Django Debug Page Improper Input Validation in OpenMRS openmrs-module-htmlformentry 3.3.2 Unauthenticated Remote Command Execution in OpenMRS Reporting Compatibility Add On Integer Overflow in ID3 Parser Allows Remote Denial of Service Cross-Site Scripting (XSS) in NexusPHP v1.5 via searchsuggest.php's q parameter Buffer Overflow Vulnerability in elf_read_notes Function in GNU Binutils 2.29 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Null Pointer Dereference Vulnerability in libebml2 Denial of Service Vulnerability in libebml2 through 2012-08-26 Denial of Service Vulnerability in libebml2 through 2012-08-26 Denial of Service Vulnerability in mkclean 0.8.9 via Crafted MKV File Denial of Service Vulnerability in ImageWorsener 1.3.2 Memory Exhaustion Vulnerability in ImageMagick 7.0.6-6's ReadTIFFImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-6: Exploiting format8BIM Function for Denial of Service QEMU IDE Disk and CD/DVD-ROM Emulator Denial of Service Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Stored XSS Vulnerability in PHPJabbers PHP Newsletter Script 4.2 Admin Panel Lists Stored XSS Vulnerability in PHPJabbers Star Rating Script 4.0 Stored XSS Vulnerability in PHPJabbers Night Club Booking Software Stored XSS Vulnerability in PHPJabbers File Sharing Script 1.0 Stack-based buffer overflow in CPerlHost::Add method in Perl on Windows Bomgar Remote Support Portal JavaStart.jar Applet Path Traversal Vulnerability Weak Permissions in Kaspersky Internet Security for Android 11.12.4.1622 Expose Vulnerability to Unauthorized Access via Android IPC Unencrypted 
Application Trace Files in Kaspersky Internet Security for Android 11.12.4.1622 Remote Denial of Service Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Language Pack Updater Vulnerability Enables NTLM-Relay Attack in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator & CMIS 2.0 and 3.0 Arbitrary Memory Read Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Remote Code Execution Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Remote Admin Interface Vulnerability in Gemalto's HASP SRM, Sentinel HASP, and Sentinel LDK Products Local Privilege Escalation Vulnerability in Kaspersky Embedded Systems Security v1.2.0.300 InPage Reader Vulnerability: Arbitrary Code Execution via Crafted InPage Document Shared Memory Leak Vulnerability in IBM WebSphere MQ 8.0 and 9.0 Arbitrary Code Execution Vulnerability in CVS 1.12.x with SSH Remote Repositories Heap-based Buffer Overflow in Perl's S_regatom Function with '\N{}' Escape and Case-Insensitive Modifier CSRF Vulnerability in NexusPHP 1.5 Allows Remote Authentication Hijacking Heap-based Buffer Over-read Vulnerability in mpg123 Information Disclosure Vulnerability in IBM WebSphere MQ 9.0.1 and 9.0.2 Heap-based Buffer Overflow in DLMFENC.sys Kernel Driver Vulnerability in Bitcoin Core Allows Creation of Fake SPV Proof for Unauthorized Payments Arbitrary File Write Vulnerability in Cyrus IMAP before 3.0.3 Arbitrary Web Script Injection in IceWarp Mail Server 10.4.4 Admin Panel Arbitrary Process Killing Vulnerability in Nagios Core Timing Attack Vulnerability in SilverStripe CMS Login and Password Reset Forms IBM WebSphere MQ 9.0.1 and 9.0.2 Channel Denial of Service Vulnerability Password Reset Vulnerability in Kanboard 1.0.46 and Earlier Password Reset Vulnerability in Kanboard (Versions before 1.0.46) Vulnerability: Denial of Service (DoS) in numpy.pad function CSRF 
Vulnerability in RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 Grant Status Bits Clearing Vulnerability Arbitrary Web Script Injection Vulnerability in C.P.Sub 5.2 Vulnerability in Polycom SoundStation IP, VVX, and RealPresence Trio: Unauthorized Memory Access Double Free Vulnerability in _zip_dirent_read Function in libzip Denial of Service Vulnerability in NetApp Data ONTAP 7-Mode NFS Environments Unauthorized Access to Sensitive Configuration Information in IBM UrbanCode Deploy Epson EasyMP Software Vulnerability: Hardcoded Backdoor Code Allows Unauthorized Access Brute-Force Vulnerability in Epson EasyMP Software Allows Remote Control and Unauthorized Streaming Buffer Overflow Vulnerability in OpenCV 3.3 and Earlier Versions Integer Overflow in PxMDecoder::readData Function in OpenCV 3.3 and Earlier Integer Overflow Vulnerability in ReadNumber Function in OpenCV Stack-based Buffer Overflow in connman's dnsproxy.c Allows Remote Code Execution Time Extension Vulnerability in SimpleSAMLphp's SimpleSAML_Auth_TimeLimitedToken Class Session Fixation and Authentication Bypass Vulnerability in SimpleSAMLphp Authentication Bypass Vulnerability in SimpleSAMLphp's Multiauth Module Open Redirect Vulnerability in IBM Rhapsody DM 5.0 and 6.0 Vulnerability: Insecure Session Identifier Protection in SimpleSAMLphp Insecure Initialization Vector Usage in aesEncrypt Method in SimpleSAMLphp Timing Side-Channel Attack in Htpasswd Authentication and SimpleSAMLphp Session Incorrect Persistent NameID Generation in SimpleSAMLphp 1.7.0 through 1.14.10 XML Spoofing Vulnerability in InfoCard Module 1.0 for SimpleSAMLphp Denial of Service Vulnerability in ImageMagick 7.0.6-6 via Crafted File Heap-based Buffer Overflow in ImageMagick's enhance.c Use-after-free vulnerability in ImageMagick's DestroyImage function in image.c Arbitrary Web Script Injection in Paessler PRTG Network Monitor's DEVICES OR SENSORS Functionality CSRF Vulnerability in Spring Batch Admin Allows Remote 
Authentication Hijacking and Arbitrary Request Submission Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 via file upload functionality. Buffer Overflow in Perl's S_grok_bslash_N Function Information Exposure in OX Software GmbH App Suite 7.8.4 and earlier Cross Site Scripting (XSS) Vulnerability in OX Software GmbH App Suite 7.8.4 and earlier IBM SDK, Java Technology Edition XXE Vulnerability DLL Preloading Vulnerability in Foxit PDF Compressor Installers Buffer Over-read Vulnerability in SMB/CIFS Parser of tcpdump Buffer Over-read Vulnerability in addrtoname.c:lookup_bytestring() Buffer Over-read Vulnerability in tcpdump's ICMP Parser Buffer Over-read Vulnerability in ISAKMP Parser Buffer Over-read Vulnerability in tcpdump's ISO CLNS Parser Buffer Over-read Vulnerability in NFS Parser of tcpdump Buffer Over-read Vulnerability in DECnet Parser of tcpdump Cross-Site Scripting (XSS) Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 Buffer Over-read Vulnerability in tcpdump Protocol Parsers Buffer Over-read Vulnerability in tcpdump's EIGRP Parser Buffer Over-read Vulnerability in Zephyr Parser of tcpdump User-Assisted Code Execution Vulnerability in Newsbeuter Bookmarking Function Server Side Request Forgery in Vebto Pixie Image Editor 1.4 and 1.7: Information Disclosure and Arbitrary Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in NexusPHP XSS Vulnerability in NexusPHP v1.5 via usersearch.php URL Path Arbitrary SQL Command Execution in NexusPHP 1.5 via takeconfirm.php Arbitrary SQL Command Execution in NexusPHP 1.5 via modtask.php IBM Maximo Asset Management 7.5 and 7.6 HTTP Response Splitting Vulnerability SQL Injection Vulnerability in massmail.php in NexusPHP 1.5 Stack Memory Corruption Vulnerability in MP3Gain 1.5.2.r2's apetag.c File Read Access Violation Vulnerability in MP3Gain 1.5.2.r2 Heap-based Buffer Overflow in libfpx 1.3.1_p6: Remote Denial of Service via Crafted fpx Image Sensitive 
Information Disclosure in IBM Maximo Asset Management 7.5 and 7.6 (IBM X-Force ID: 125153) NULL Pointer Dereference in CDirectory::GetDirEntry in libfpx 1.3.1_p6 NULL Pointer Dereference Vulnerability in PFileFlashPixView::GetGlobalInfoProperty in libfpx 1.3.1_p6 Denial of Service Vulnerability in libfpx 1.3.1_p6 via Crafted fpx Image Denial of Service Vulnerability in libfpx 1.3.1_p6 via Crafted fpx Image Denial of Service Vulnerability in CDirVector::GetTable in libfpx 1.3.1_p6 Double Free Vulnerability in DfFromLB in libfpx 1.3.1_p6 Allows Remote DoS via Crafted fpx Image Cross-Site Scripting Vulnerability in Cacti 1.1.17 spikekill.php Method Parameter Hard-coded Password Vulnerability in TecnoVISION DLX Spot Player4 Arbitrary File Upload and Remote Command Execution in TecnoVISION DLX Spot Player4 version >1.5.10 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management SQL Injection in TecnoVISION DLX Spot Player4 Admin Interface Heap Use After Free Vulnerability in PHP's var_unserializer.re Buffer Over-read Vulnerability in PHP's finish_nested_data Function Heap Use After Free Vulnerability in PHP 7.0.x and 7.1.x Invalid Memory Read Vulnerability in GraphicsMagick 1.3.26 Use-after-free vulnerability in ReadWMFImage function in GraphicsMagick 1.3.26 Heap-Based Buffer Over-Read in ReadSUNImage Function of GraphicsMagick 1.3.26 Directory Traversal Vulnerability in UnRAR before 5.5.7 Unity Editor Remote Code Execution Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Out-of-Bounds Read Vulnerability in UnRAR's libunrar.a Out-of-Bounds Read Vulnerability in UnRAR's Unpack::Unpack20 Function Buffer Overflow in UnRAR's Unpack::LongLZ Function D-Link DIR-600 Rev Bx Firmware Password Disclosure Vulnerability Memory Allocation Vulnerability in LibTIFF 4.0.8 Arbitrary Command Execution Vulnerability in Solstice Pod 
Networking Configuration SQL Injection in Easy Modal Plugin for WordPress (<=2.1.0) Allows Admins to Execute Arbitrary SQL Queries SQL Injection in Easy Modal Plugin for WordPress (<=2.1.0) Allows Admins to Execute Arbitrary SQL Queries Cross-Site Scripting (XSS) Vulnerability in PressForward Plugin for WordPress SQL Injection Vulnerability in Podlove Podcast Publisher Plugin for WordPress Unspecified Vulnerability in IBM RSA DM CLM Applications: Potential Information Leakage NULL Pointer Dereference and Application Crash Vulnerability in libgig 4.0.0 Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Denial of Service Vulnerability in libgig 4.0.0 via Crafted gig File Heap-based Buffer Overflow in Exiv2 0.26: Remote DoS and Potential Impact Remote Denial of Service Vulnerability in Exiv2 0.26 Heap-based Buffer Over-read Vulnerability in libexiv2 in Exiv2 0.26 Remote Denial of Service Vulnerability in GNU PSPP Library Remote Denial of Service Vulnerability in libpspp's dict_add_mrset() Function Remote Denial of Service Vulnerability in GNU PSPP Library Remote Denial of Service Vulnerability in GNU PSPP Library Remote Denial of Service Vulnerability in LibSass 3.4.5 due to Memory Leaks in Deeply Nested Code Remote Denial of Service Vulnerability in LibSass 3.4.5 Remote Denial of Service Vulnerability in LibSass 3.4.5 Session Fixation Vulnerability in Apache2Triad 1.5.4: Remote Session Hijacking via PHPSESSID Parameter Denial of Service Vulnerability in asn1c 0.9.28 Denial of Service Vulnerability in getsym Function of libbfd Buffer Overflow in Avaya IP Office Contact Center ActiveX Control Stack-based Buffer Overflow in IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 CSRF Vulnerability in Apache2Triad 1.5.4 Allows Unauthorized User Account Manipulation Apache2Triad 1.5.4 XSS Vulnerability in 
phpsftpd/users.php Integer-Overflow Vulnerability in Nimbus JOSE+JWT Allows HMAC Bypass Attacks Padding Oracle Attack in Nimbus JOSE+JWT before 4.39 Invalid Curve Attack in Nimbus JOSE+JWT before 4.36 Arbitrary Command Execution via Initial Dash Character in SSH URL in git-annex SQL Injection Vulnerability in Web-Dorado Photo Gallery by WD - Responsive Photo Gallery Plugin Cross-Site Scripting (XSS) Vulnerability in Cacti's lib/html.php Stored XSS Vulnerability in DokuWiki through 2017-02-19c Stored XSS in DokuWiki through 2017-02-19c via Malicious RSS or Atom Feed SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via sort parameter in addforum action Denial of Service Vulnerability in OpenJPEG 2.2.0 Heap-based Buffer Overflow in ReadSFWImage Function in ImageMagick 7.0.6-8 Cross-Site Scripting (XSS) Vulnerability in PHPMyWind 5.3: shoppingcart.php, message.php, admin/message.php, and admin/message_update.php Buffer Over-read Vulnerability in tcpdump's IPv6 Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Routing Header Parser Buffer Over-read Vulnerability in IEEE 802.11 Parser in tcpdump Buffer Over-read Vulnerability in tcpdump's Telnet Parser Infinite Loop Vulnerability in tcpdump's RESP Parser Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Infinite Loop Vulnerability in ISAKMP Parser Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in RIPng Parser of tcpdump Buffer Over-read Vulnerability in Juniper Protocols Parser Buffer Over-read Vulnerability in BGP Parser of tcpdump Infinite Loop Vulnerability in tcpdump DNS Parser Buffer Over-read Vulnerability in tcpdump's PIMv2 Parser Infinite Loop Vulnerability in tcpdump's LLDP Parser Buffer Over-read Vulnerability in IS-IS Parser of tcpdump Buffer Over-read Vulnerability in IS-IS Parser of tcpdump Cross-Site Request Forgery (CSRF) Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, 
and 7.3 Buffer Over-read Vulnerability in IEEE 802.15.4 Parser in tcpdump Buffer Over-read Vulnerability in NFS Parser of tcpdump Buffer Over-read Vulnerability in AODV Parser of tcpdump Buffer Over-read Vulnerability in LMP Parser of tcpdump Buffer Over-read Vulnerability in Juniper Protocols Parser Buffer Over-read Vulnerability in NFS Parser of tcpdump Buffer Over-read Vulnerability in L2TP Parser of tcpdump Buffer Over-read Vulnerability in Apple PKTAP Parser Buffer Over-read Vulnerability in IEEE 802.11 Parser in tcpdump Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Symlink Attack Vulnerability in IBM Spectrum Protect 7.1 and 8.1 Buffer Over-read Vulnerability in BEEP Parser of tcpdump Buffer Overflow Vulnerability in tcpdump Protocol Parsers Buffer Over-read Vulnerability in tcpdump's ICMP Parser Buffer Over-read Vulnerability in ARP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's White Board Protocol Parser Buffer Over-read Vulnerability in EAP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's ISO ES-IS Parser Buffer Over-read Vulnerability in DHCPv6 Parser Buffer Over-read Vulnerability in tcpdump's PGM Parser Buffer Over-read Vulnerability in tcpdump's PGM Parser Improper Access Controls in IBM Sterling B2B Integrator Standard Edition 5.2 Buffer Over-read Vulnerability in tcpdump's VTP Parser Buffer Over-read Vulnerability in ICMPv6 Parser Buffer Over-read Vulnerability in tcpdump's IP Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Buffer Over-read Vulnerability in tcpdump's IPv6 Mobility Parser Buffer Over-read Vulnerability in ISO IS-IS Parser Buffer Over-read Vulnerability in tcpdump's LLDP Parser Buffer Over-read Vulnerability in tcpdump's BOOTP Parser Buffer Over-read Vulnerability in PPP Parser of tcpdump Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal and Web Content Manager Buffer Over-read 
Vulnerability in PIM Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's IPv6 Fragmentation Header Parser Buffer Over-read Vulnerability in RADIUS Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's VTP Parser Buffer Over-read Vulnerability in tcpdump's PGM Parser Buffer Over-read Vulnerability in ISO IS-IS Parser Buffer Over-read Vulnerability in OSPFv3 Parser Buffer Over-read Vulnerability in tcpdump's IP Parser Buffer Over-read Vulnerability in tcpdump's PPP Parser Buffer Over-read Vulnerability in ISAKMP Parser of tcpdump Memory Address Vulnerability in IBM Spectrum Scale/GPFS on Elastic Storage Server (ESS)/GPFS Storage Server (GSS) Buffer Over-read Vulnerability in MPTCP Parser of tcpdump Buffer Over-read Vulnerability in ICMPv6 Parser Buffer Over-read Vulnerability in HNCP Parser of tcpdump Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in HNCP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's VQP Parser Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's ISO ES-IS Parser Buffer Over-read Vulnerability in RSVP Parser of tcpdump Buffer Over-read Vulnerability in Rx Protocol Parser Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 Buffer Over-read Vulnerability in tcpdump's RPKI-Router Parser Buffer Over-read Vulnerability in RSVP Parser of tcpdump Buffer Over-read Vulnerability in CFM Parser of tcpdump Buffer Over-read Vulnerability in BGP Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's LLDP Parser Buffer Over-read Vulnerability in ISO IS-IS Parser Arbitrary Code Execution Vulnerability in PDF-XChange Viewer 2.5 (Build 314.0) Memory Leak Vulnerability in ImageMagick 7.0.6-6 WritePCXImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-6: WriteOneJNGImage Function in coders/png.c Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational 
Collaborative Lifecycle Management Memory Leak Vulnerability in ImageMagick 7.0.6-5's ReadMATImage Function ImageMagick 7.0.6-5 Denial of Service Vulnerability in ReadPSDLayersInternal Memory Leak Vulnerability in ImageMagick 7.0.6-6: Denial of Service via Crafted File Heap-Based Buffer Overflow Vulnerability in GraphicsMagick 1.3.26: GetStyleTokens in coders/svg.c:314:12 Heap-Based Buffer Overflow Vulnerability in GraphicsMagick 1.3.26: GetStyleTokens in coders/svg.c:311:12 NULL Pointer Dereference Vulnerability in GraphicsMagick 1.3.26's SVGStartElement Function Memory Leak Vulnerability in GraphicsMagick 1.3.26's CloneImage Function Remote Code Execution Vulnerability in QNAP QTS Media Library SQL Injection Vulnerability in QNAP Helpdesk Application Command Injection Vulnerabilities in QNAP Music Station DLL Hijacking Vulnerability in QNAP Qsync for Windows (exe) Version 4.2.2.0724 and Earlier Remote Code Execution Vulnerability in QNAP Video Station App Center in QNAP QTS: Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in QNAP NAS Photo Station Application WPA/WPA2 Key Reinstallation Attack GTK Key Reinstallation Attack: Exploiting WPA/WPA2 Vulnerability for Frame Replay IGTK Key Reinstallation Attack: Exploiting WPA/WPA2 Wi-Fi Protected Access Improper Access Control in IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 Group Temporal Key (GTK) Replay Vulnerability in Wi-Fi Protected Access (WPA and WPA2) IGTK Key Reinstallation Attack: Exploiting Wi-Fi Protected Access (WPA and WPA2) Vulnerability Reinstallation of Pairwise Transient Key (PTK) Vulnerability in Wi-Fi Protected Access (WPA and WPA2) Insecure Update Validation in Akeo Consulting Rufus Prior to Version 2.17.1187 WPA/WPA2 Vulnerability: STSL Transient Key Reinstallation TDLS Peer Key Reinstallation Vulnerability WPA/WPA2 GTK Reinstallation Vulnerability WPA/WPA2 Vulnerability: Replay Attack via WNM Sleep Mode Response Frame Vulnerability: 
Integer Overflow in Chunk Length Parsing in wget Clear Text Storage of User Credentials in IBM InfoSphere Master Data Management Server 11.0 - 11.6 Vulnerability: Integer Overflow in Chunk Length Parsing in wget Vulnerability: Flawed Encryption and Access Management in IEEE P1735 Standard Flawed Encryption and Access Management in IEEE P1735 Standard: Exploiting Weaknesses for Unauthorized Access Flawed Encryption and Access Management in IEEE P1735 Standard: Exploiting Weaknesses for IP Theft and Hardware Trojans Flawed Encryption and Access Management in IEEE P1735 Standard: Vulnerability Exploits and IP Compromise Flawed Encryption Methods in IEEE P1735 Standard: Vulnerability Exploits Intellectual Property Access Flawed Encryption Methods in IEEE P1735 Standard: Vulnerability Exploiting Access Rights and Cryptographic Weaknesses Flawed Encryption Methods in IEEE P1735 Standard: Exposing Intellectual Property Vulnerability ROBOT: Bleichenbacher Oracle Threat in BouncyCastle TLS ROBOT: Bleichenbacher Oracle Attack in wolfSSL Buffer Overflow Vulnerability in IBM Informix Dynamic Server 12.1 Hard-coded Encryption Key Vulnerability in The Moron Test iOS Application Hard-coded Encryption Key Vulnerability in musical.ly iOS Application Hard-coded Encryption Key Vulnerability in Gameloft Asphalt Xtreme: Offroad Rally Racing Hard-coded Encryption Key Vulnerability in UberEATS iOS Application Insecure SSL Certificate Handling in Security Virus Cleaner - Antivirus, Booster Hard-coded Encryption Key Vulnerability in Cheetahmobile CM Launcher 3D Hard-coded Encryption Key Vulnerability in Live.me Android Application Hard-coded Encryption Key Vulnerability in DFNDR Security Antivirus, Anti-hacking & Cleaner SQL Injection Vulnerability in IBM Insights Foundation for Energy 2.0 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management VIP.com Application Vulnerability: Remote Information Disclosure and 
Authentication Hijacking CSRF Vulnerability in ZKTeco ZKTime Web 2.0.1.12280 Allows Remote Admin Hijacking Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Privilege Escalation in BMC Patrol via Crafted libmcmclnx.so File Memory Leak Vulnerability in ImageMagick 7.0.6-8: ReadMIFFImage Function in coders/miff.c Denial of Service Vulnerability in ImageMagick 7.0.6-8 WritePDFImage Function Memory Exhaustion Vulnerability in ImageMagick 7.0.6-8's load_level Function Heap-based Buffer Over-read Vulnerability in ImageMagick and GraphicsMagick NULL Pointer Dereference in VideoLAN x265: Memory Allocation Failure in CUData::initialize Integer Overflow and NULL Pointer Dereference in libbpg's image_alloc function SQL Injection Vulnerability in FormCraft Basic Plugin 1.0.5 for WordPress Bridge Theme for WordPress: DOM-based XSS Vulnerability Allows Arbitrary JavaScript Injection Out-of-Bounds Read Vulnerability in ImageMagick's ReadOneMNGImage Function Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Denial of Service Vulnerability in ImageMagick's ReadOnePNGImage Function Memory Leak Vulnerability in ImageMagick's ReadOnePNGImage Function Insufficient Check for Short Files in ImageMagick PNG Handling Uninitialized Data Exposure in ImageMagick's ReadMATImage Function ImageMagick Crash Vulnerability with Large Image Dimensions ImageMagick ReadJP2Image Function Channel Geometry Validation Vulnerability Memory Leak in ReadMATImage Function in ImageMagick Allocation Failure Vulnerability in GraphicsMagick 1.3.26's ReadMNGImage Function Android Media Framework (libmpeg2) Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Android Media Framework Information Disclosure 
Vulnerability Critical Remote Code Execution Vulnerability in Android Media Framework (libmpeg2) Android Media Framework Information Disclosure Vulnerability Android Media Framework Elevation of Privilege Vulnerability (libaudioservice) Android Media Framework Elevation of Privilege Vulnerability (libstagefright) Android Elevation of Privilege Vulnerability (CVE-2020-64211847) Android ActivityManagerService Information Disclosure Vulnerability Android ActivityManagerService Information Disclosure Vulnerability (A-32879915) Android ActivityManagerService Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Critical Remote Code Execution Vulnerability in Android Bluetooth Elevation of Privilege Vulnerability in Broadcom Wireless Driver for Android Elevation of Privilege Vulnerability in Android Kernel Binder (Android ID A-64216036) Elevation of Privilege Vulnerability in Android Kernel MTP USB Driver (Android ID A-37429972) Kernel Binder Driver Information Disclosure Vulnerability Kernel File System Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in Android Kernel v4l2 Video Driver (Android ID A-34624167) Kernel Sound Timer Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in Android Kernel SCSI Driver (Android ID A-65023233) Kernel Camera Server Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Android Elevation of Privilege Vulnerability in MediaTek Display Driver Elevation of Privilege Vulnerability in MediaTek Performance Service on Android Elevation of Privilege Vulnerability in MediaTek Bluetooth Driver for Android Elevation of Privilege Vulnerability in MediaTek System Server on Android Elevation of Privilege Vulnerability in Android Kernel EDL (A-63100473) Android 
libwilhelm Information Disclosure Vulnerability (N-CVE-2017-13175) Improper Input Validation in parseURL Function of URLStreamHandler in Android NEON Register Preservation Vulnerability in libhevc Out-of-bounds Write Vulnerability in SoftAVCDec's initDecoder Function Out-of-bounds Write Vulnerability in SoftHEVC's ihevcd_allocate_static_bufs and ihevcd_create Functions Arbitrary Command Execution Vulnerability in IBM MQ Appliance 8.0 and 9.0 Use-after-free vulnerability in SoftAVCDec on Android 6.0-8.1 allows local privilege escalation Double Free Vulnerability in MtpServer Allows Local Elevation of Privilege on Android Integer Overflow Vulnerability in ACodec's sendFormatChange Function Race condition vulnerability in OMXNodeInstance::useBuffer and IOMX::freeBuffer functions in Android 8.1 allows local privilege escalation and code execution Use-after-free vulnerability in enableVSyncInjections function of SurfaceFlinger in Android 8.0 and 8.1 allows for local privilege escalation Android Media Framework (libhevc) Information Disclosure Vulnerability Android Media Framework (libavc) Vulnerability: Incorrect Use of mmco Parameters Android Media Framework (libhevc) Information Disclosure Vulnerability Android Media Framework (AAC) Information Disclosure Vulnerability Memory Allocation Vulnerability in Android Media Framework (libavc) Missing Secure Attribute in Encrypted Session Cookie Vulnerability in IBM Tivoli Federated Identity Manager 6.2 Memory Allocation Vulnerability in Android Media Framework (libhevc) Infinite Loop Denial of Service Vulnerability in ihevcd_decode Function Infinite Loop Denial of Service Vulnerability in ihevcd_parse_slice_header Function Infinite Loop Denial of Service Vulnerability in ihevcd_decode.c Android Media Framework (libvpx) Vulnerability: Odd Frame Width Exploit Negative parameter values in ihevcd_parse_sps function leading to infinite loop and remote denial of service vulnerability in Android Memory Leak Vulnerability in 
ihevcd_decode.c Unjoined Slave Threads Denial of Service Vulnerability in Android Android Media Framework Vulnerability: Color Map Composition Issue Out-of-Memory Exception Vulnerability in Bitmap.ccp Leads to Remote Denial of Service in Android 8.0 and 8.1 Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Federated Identity Manager 6.2 Android Media Framework ID3 Unsynchronization Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework (libavc) Information Disclosure Vulnerability Android Media Framework (libavc) Information Disclosure Vulnerability Android Media Framework (libmpeg2) Information Disclosure Vulnerability Android Media Framework (aacdec) Information Disclosure Vulnerability Stagefright MPEG4Writer Information Disclosure Vulnerability in Android Media Framework Out-of-bounds Write Vulnerability in Android DHCP Response Handling Insecure Permissions Check in ServiceManager::add Function Allows Service Replacement and Local Elevation of Privilege in Android 8.0 and 8.1 Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Information Server 9.1, 11.3, and 11.5 Out-of-bounds write vulnerability in CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp Resource Exhaustion Vulnerability in Android BLE Scanner Android SystemUI Elevation of Privilege Vulnerability (CVE-2020-12345) Elevation of Privilege Vulnerability in Broadcom bcmdhd Driver for Android Critical Denial of Service Vulnerability in Android's Hardware HEVC Decoder Elevation of Privilege Vulnerability in Android Kernel's Upstream skcipher Out-of-bounds Write Vulnerability in ashmem_ioctl of ashmem.c Out-of-Bounds Write Vulnerability in DisplayFtmItem in Android Bootloader Vulnerability: Side Channel Attack on CNTVCT_EL0 in Snapdragon SoCs Denial of Service Vulnerability in Android Kernel's Synaptics Touchscreen Controller XML External Entity 
Injection (XXE) Vulnerability in IBM API Connect 5.0.6.0 Elevation of Privilege Vulnerability in Android Kernel Bluez Elevation of Privilege Vulnerability in Android Upstream Kernel WiFi Driver (A-64709938) Android Upstream Kernel Information Disclosure Vulnerability (A-38159576) Heap Buffer Overflow in libMtkOmxVdec.so: Remote Elevation of Privilege Vulnerability Elevation of Privilege Vulnerability in MediaTek mtk Android Kernel (A-32591194) Out-of-bounds Write Vulnerability in ih264d_ref_idx_reordering of libavc Critical Remote Code Execution Vulnerability in Android Media Framework Hevc Codec Out-of-Bounds Write Vulnerability in Android Out-of-Bounds Write Vulnerability in libmediadrm Out-of-bounds Write Vulnerability in Audioserver with Local Information Disclosure Resource Exhaustion Vulnerability in ihevcd_ctb_boundary_strength_pbslice of libhevc Memory Leak Vulnerability in DLSParser of Sonivox Library Allows Remote Denial of Service Android Media Framework Vulnerability (A-68342866) KeyStore Service Permissions Bypass Vulnerability XBLRamDump Mode Memory Dump Vulnerability Android UI Framework Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Android Crypto Framework Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Bluetooth Information Disclosure Vulnerability (A-62672248) Android UI Information Disclosure Vulnerability Android Upstream Kernel Easel Elevation of Privilege Vulnerability (ID: A-62678986) Android Upstream Kernel Audio Driver Elevation of Privilege Vulnerability Android Upstream Kernel Network Driver Information Disclosure Vulnerability (ID: A-36279469) Carrier Bootloader Lock Bypass Vulnerability in Pixel 2 Bootloader Out-of-Bound Write Vulnerability in impeg2_idct_recon_sse42() of Android Out-of-Bounds Write Vulnerability in impeg2d_api_set_display_frame of Android (Versions 6.0-8.1) Cross-Site Scripting Vulnerability in IBM 
iNotes 8.5 and 9.0 Out-of-Bounds Write Vulnerability in ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c Out-of-bounds Write Vulnerability in impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c Out-of-Bounds Write and Uninitialized Memory Read Vulnerability in CryptoHal::decrypt of CryptoHal.cpp Out of Bounds Write Vulnerability in CryptoPlugin::decrypt of CryptoPlugin.cpp AACExtractor Vulnerability in Android Media Framework Out of Bounds Write Vulnerability in sdp_server.c of Android (A-68776054) Out of Bounds Write Vulnerability in Android SDP Server (CVE-2020-12345) Use After Free Vulnerability in bta_pan_act.cc of Android (A-67110692) Out of Bounds Read Vulnerability in bnep_data_ind of bnep_main.cc in Android Out of Bounds Read Vulnerability in sdp_discovery.cc in Android Improper User Request Restriction in IBM Sterling File Gateway (IBM X-Force ID: 126060) Out of Bounds Read Vulnerability in bnep_data_ind of bnep_main.cc Out-of-bounds Read Vulnerability in bnep_process_control_packet of bnep_utils.cc in Android Out of Bounds Read Vulnerability in bnep_data_ind of bnep_main.cc in Android Android Framework Elevation of Privilege Vulnerability (Android 8.0, 8.1) Avcdec Vulnerability in Android Media Framework (Android ID: A-70294343) Android OTA Update Elevation of Privilege Vulnerability Stack Corruption Vulnerability in avrc_pars_vendor_cmd of avrc_pars_tg.cc in Android Stack Corruption Vulnerability in avrc_pars_vendor_cmd of avrc_pars_tg.cc in Android 6.0 - 8.1 Android Bluetooth Information Disclosure Vulnerability (CVE-2018-9505) Android Bluetooth Information Disclosure Vulnerability (CVE-2018-9489) Cross-Site Scripting (XSS) Vulnerability in IBM iNotes 8.5 and 9.0 Elevation of Privilege Vulnerability in Android Kernel's mnh_sm Driver (CVE-2021-12345) Elevation of Privilege Vulnerability in Android Kernel's mnh_sm Driver Out-of-Bounds Write Vulnerability in alarm_ready_generic of alarm.cc Race Condition Vulnerability in xt_qtaguid.c Incorrect Web Origin 
Determination Vulnerability in getHost() Function of UriTest.java Out of Bounds Read Vulnerability in getVSCoverage of CmapCoverage.cpp Stack Buffer Overflow in CProgramConfig_ReadHeightExt of tpdec_asc.cpp in Android 6.0-8.1 Out-of-bounds Write Vulnerability in ihevcd_fmt_conv of Android (CVE-2020-XXXXX) Possible Use After Free Vulnerability in MediaPlayerService::Client::notify of Android Memory Resource Exhaustion Vulnerability in M3UParser::parse of M3UParser.cpp Improper Handling of Security Policy in IBM API Connect 5.0.0.0 - 5.0.6.0 Out of Bounds Read Vulnerability in libframesequence of Android Stack Buffer Overflow in avrc_pars_browsing_cmd of avrc_pars_tg.cc in Android 8.0 and 8.1 Stack Buffer Overflow in avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc in Android 7.0-8.1.2 Out-of-bounds Write Vulnerability in Bluetooth AVRCP Control Unauthenticated Remote Escalation of Privilege in Android Bluetooth Keyboard Pairing Uninitialized Buffer Out-of-Bounds Write Vulnerability in SvoxSsmlParser Permission Bypass in writeToParcel and readFromParcel of OutputConfiguration.java Improper Input Validation in VerifyCredentialResponse.java leading to Local Privilege Escalation Permission Bypass in writeToParcel and readFromParcel of PeriodicAdvertisingReport.java Permission Bypass Vulnerability in RttManager.java HTML Injection Vulnerability in IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 Out-of-bounds Read Vulnerability in sdp_server_handle_client_req of Android NULL Pointer Dereference Vulnerability in avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc in Android 7.0-8.1 Out-of-bounds Write Vulnerability in wl_get_assoc_ies of wl_cfg80211.c Out of Bounds Write Vulnerability in nfc_hci_cmd_received() Function of Android Kernel Android Framework Information Disclosure Vulnerability in AOSP Email Application Android Package Installer Denial of Service Vulnerability Android Media Framework Information Disclosure Vulnerability in libavc Android Media Framework (libhevc) 
Information Disclosure Vulnerability Android Media Framework Information Disclosure Vulnerability Android Media Framework (libavc) Vulnerability: A-70897394 Android Media Framework (libhevc) Denial of Service Vulnerability Android System UI Denial of Service Vulnerability (Android 8.0) Android System UI Denial of Service Vulnerability (Android 8.0) Broadcom bcmdhd Driver Information Disclosure Vulnerability Information Disclosure Vulnerability in Android Kernel's Upstream mnh_sm Driver Android Kernel Encrypted-Keys Information Disclosure Vulnerability (A-70526974) Upstream Kernel mnh Driver Elevation of Privilege Vulnerability in Android Elevation of Privilege Vulnerability in Android Kernel's Upstream Kernel PCI Sysfs Cross-Site Scripting Vulnerability in IBM Content Navigator 2.0.3 and 3.0.0 Cross-Site Scripting (XSS) Vulnerability in IBM iNotes 8.5 and 9.0 Information Disclosure Vulnerability in IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Code Injection Vulnerability in IBM Infosphere BigInsights 4.2.0 Plain Text Transmission of User Credentials in IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS Application Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Weak Encryption of Passwords in IBM Spectrum Protect Server Information Disclosure Vulnerability in IBM Jazz Reporting Service (JRS) 6.0.4 Unauthorized Access Vulnerability in IBM WebSphere MQ 8.0 and 9.0 Information Disclosure Vulnerability in IBM Insights Foundation for Energy 2.0 Cross-Site Scripting (XSS) Vulnerability in IBM Insights Foundation for Energy 2.0 Temporary File Exposure Vulnerability in IBM Business Process Manager SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Local User Information 
Disclosure Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Privilege Escalation Vulnerability in IBM InfoSphere Information Server Command Injection Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 IBM Atlas eDiscovery Process Management 6.0.3 Clickjacking Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Atlas eDiscovery Process Management 6.0.3 Sensitive Information Disclosure in IBM Atlas eDiscovery Process Management 6.0.3 SQL Injection Vulnerability in IBM Atlas eDiscovery Process Management 6.0.3 Email Forgery Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Vulnerability: Plain Text Storage of User Credentials in IBM Security Identity Manager Adapters 6.0 and 7.0 Cross-Site Scripting (XSS) Vulnerability in IBM Team Concert (RTC) Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Memory Leak Vulnerability in GraphicsMagick 1.3.26's ReadMATImage Function UnrealIRCd 4.0.13 and earlier Privilege Escalation via PID File Modification Cross-Site Scripting (XSS) Vulnerability in IBM Team Concert (RTC) Clickjacking Vulnerability in NetApp OnCommand Insight Null Pointer Dereference Vulnerability in ImageMagick's ReadMATImage Function Weak Cryptographic Algorithms in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2: A Potential Decryption Vulnerability Firmware Vulnerability: Encryption Key Exposure in iSmartAlarm CubeOne (Version 2.2.4.8 and Earlier) Firmware Vulnerability: Arbitrary Command Execution via Password File Exposure in iSmartAlarm CubeOne Integer Underflow Vulnerability in pixel-a.asm in MulticoreWare x265 through 2.5 SSRF Vulnerability in OX App Suite 7.8.4 and Earlier Cross Site Scripting (XSS) vulnerability in OX App Suite 7.8.4 and earlier SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via setanswered parameter in staffbox.php Sensitive Information Disclosure in IBM Security Identity 
Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 Arbitrary File Upload Vulnerability in BlackCat CMS 1.2 Persistent XSS vulnerability in MISP before 2.4.79 via comments QEMU VGA Display Emulator Out-of-Bounds Read Vulnerability Vulnerability: Denial of Service in VGA Display Update with Split Screen Mode Privilege Escalation Vulnerability in Symantec ProxyClient 3.4 for Windows Symantec Endpoint Encryption DoS Vulnerability Norton Remove & Reinstall DLL Preloading Vulnerability Denial-of-Service Vulnerability in Symantec Advanced Secure Gateway (ASG) and ProxySG Management Consoles Stored XSS Vulnerability in Symantec Advanced Secure Gateway (ASG) and ProxySG Management Consoles Symantec Encryption Desktop DoS Vulnerability Insecure Cookie Handling in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Unauthorized File Deletion Vulnerability in Symantec Endpoint Protection Privilege Escalation Vulnerability in Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 Kernel Memory Leak Vulnerability in Symantec Encryption Desktop Kernel Memory Leak Vulnerability in Symantec Endpoint Encryption Denial of Service and Stack Corruption Vulnerability in Unisys Libra 64xx and 84xx and FS601 Class Systems with MCP-FIRMWARE Remote Denial of Service Vulnerability in SQLite 3.20.0 NULL pointer dereference vulnerability in net/ipv4/route.c in Linux kernel 4.13-rc1 through 4.13-rc6 Buffer Over-read Vulnerability in Cisco HDLC Parser Buffer Over-read Vulnerability in OLSR Parser of tcpdump Buffer Over-read Vulnerability in tcpdump's IKEv1 Parser Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Buffer Over-read Vulnerability in IKEv2 Parser of tcpdump Denial of Service Vulnerability in Tidy 5.5.31: IsURLCodePoint Function in attrs.c ACPI Operand Cache Flushing Vulnerability ACPI Table Vulnerability: Kernel Memory Information Disclosure and KASLR Bypass ACPI Operand Cache Flushing Vulnerability Buffer Overflow Vulnerability 
in Dup Scout Enterprise, Disk Savvy Enterprise, Sync Breeze Enterprise, and Disk Pulse Enterprise Web Server Component XSS Vulnerability in dayrui FineCms 5.0.11 controllers/member/api.php Vulnerability: Extraction of Default Keys from MOXA EDS-G512E Firmware Image Insecure Password Encryption Method on MOXA EDS-G512E Devices Information Disclosure Vulnerability in IBM Jazz Reporting Service (JRS) 5.0 and 6.0 XSS Vulnerability in MOXA EDS-G512E Administration Interface Insecure Storage of Sensitive Information in MOXA EDS-G512E 5.1 Build 16072215 Devices Cookie Theft and Manipulation Vulnerability on MOXA EDS-G512E 5.1 Build 16072215 Devices Denial of Service Vulnerability on MOXA EDS-G512E 5.1 Build 16072215 Devices Denial of Service Vulnerability in dnsmasq 2.78 and earlier Lansweeper XML External Entity (XXE) Vulnerability in Import Package Functionality Privilege Escalation via Sudo Command Execution in Replibit Backup Manager Remote Code Execution Vulnerability in VX Search Enterprise 10.0.14 Web Server Service File Overwrite Vulnerability in FlightGear Main/logger.cxx Unauthorized Execution of Builder Tool Actions in IBM TRIRIGA Application Platform Denial of Service Vulnerability in libbfd's setup_group Function QEMU Use-After-Free Vulnerability in sofree Function NULL Pointer Dereference in id3v2AddAudioDuration function in LAME 3.99.5 Remote Code Execution Vulnerability in T&W WIFI Repeater BE126 Uninitialized Variable Vulnerability in Linux Kernel's __skb_flow_dissect Function Denial of Service Vulnerability in libiberty's C++ Symbol Demangler Routine Insecure Access-Control-Allow-Origin Header in Starry Station Router Allows Credential Brute-Force and Data Extraction Brute Force PIN Vulnerability in Starry Station HTTP API Stack-based Buffer Overflow in Amcrest IP Camera HTTP API Cross-Site Scripting (XSS) Vulnerability in IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 Buffer Over-read Vulnerability in PatternMatch Function in libXfont X.Org Server X 
Shared Memory Extension Vulnerability Buffer Over-read Vulnerability in libXfont Buffer Overflow Vulnerability in X.Org Server Stored Cross Site Scripting Vulnerability in APN Parameter on Axesstel MU553S MU55XS-V1.14 Buffer Over-read Vulnerability in tcpdump's IPv6 Routing Header Parser Remote Denial of Service Vulnerability in LibTIFF 4.0.8: Reachable Assertion Abort in TIFFWriteDirectorySec() Remote Denial of Service Vulnerability in LibTIFF 4.0.8: Reachable Assertion Abort in TIFFWriteDirectoryTagSubifd() Remote Denial of Service Vulnerability in ncurses 6.0's comp_scan.c Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in _nc_save_str Function Unauthorized Report Execution Vulnerability in IBM TRIRIGA Application Platform Remote Denial of Service Vulnerability in ncurses 6.0 Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in postprocess_termcap() Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in dump_uses() Function Remote Denial of Service Vulnerability in ncurses 6.0: Illegal Address Access in fmt_entry Function Remote Denial of Service Vulnerability in ncurses 6.0's _nc_safe_strcat Function Floating Point Exception Vulnerability in LibRaw 0.18.2 Remote Denial of Service Vulnerability in GraphicsMagick 1.3.26 Remote Denial of Service Vulnerability in GraphicsMagick 1.3.26 Illegal Address Access Vulnerability in _lou_getALine function in Liblouis 3.2.0 Heap-based Buffer Overflow in Liblouis 3.2.0: Remote Code Execution Vulnerability IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 Vulnerability: Unauthorized Access to Sensitive Data Stack-based Buffer Overflow in Liblouis 3.2.0's parseChars() Function Remote Denial of Service Vulnerability in Liblouis 3.2.0: Use-After-Free in compileBrailleIndicator() Function Remote Denial of Service Vulnerability in Liblouis 3.2.0 via Stack-Based Buffer Overflow in includeFile() Function Remote Denial of Service Vulnerability in 
Liblouis 3.2.0 Illegal Address Access Vulnerability in _lou_getALine() Function in Liblouis 3.2.0 Remote Denial of Service Vulnerability in JasPer 2.0.12: Assertion Abort in jpc_dec_process_sot() Function Remote Denial of Service Vulnerability in JasPer 2.0.12: Assertion Abort in jpc_dec_process_siz() Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in jpc_floorlog2() Remote Denial of Service Vulnerability in JasPer 2.0.12: Memory Leaks in jas_strdup() Function Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in jpc_pi_nextrpcl() Weak Cryptographic Algorithms in IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 Remote Denial of Service Vulnerability in JasPer 2.0.12: Assertion Abort in jpc_dec_process_siz() Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in calcstepsizes() Function Remote Denial of Service Vulnerability in JasPer 2.0.12: Reachable Assertion Abort in jpc_dequantize() Arbitrary Web Script Injection in Wibu-Systems CodeMeter Advanced Settings - Time Server Module Out-of-Bounds Read Vulnerability in The Sleuth Kit (TSK) 4.4.2 Infinite Recursion Vulnerability in The Sleuth Kit (TSK) 4.4.2 Heap-based Buffer Over-read Vulnerability in GNU Binutils 2.29 Heap-Based Buffer Overflow in TracePoint() Function in ImageMagick 7.0.6-10 IBM J9 VM Class Verifier Security Bypass Vulnerability Vulnerability: Hang in fls on Corrupt exFAT Image in The Sleuth Kit (TSK) 4.4.2 Information Disclosure Vulnerability in Fastly CDN Module for Magento2 XSS Vulnerability in ONOS Versions 1.8.0, 1.9.0, and 1.10.0 Unrestricted Memory Allocation and Netty Payload Size Vulnerability in ONOS Versions 1.8.0, 1.9.0, and 1.10.0 Vulnerability: NULL Pointer Dereference in Wireshark 2.4.0 Modbus Dissector Buffer Over-read Vulnerability in Wireshark IrCOMM Dissector Profinet I/O Dissector Out-of-Bounds Write Vulnerability in Wireshark 2.4.0 and 2.2.0 to 2.2.8 MSDP Dissector 
Infinite Loop Vulnerability Denial of Service Vulnerability in ImageMagick's IdentifyImage Function Denial of Service Vulnerability in ImageMagick's WriteTHUMBNAILImage Function IBM Runbook Automation Error Messages Expose Sensitive Information, Posing Security Risk Plaintext Transmission of Network Configuration Credentials in Lexmark Scan To Network (SNF) 3.2.9 and Earlier Stack-based Buffer Overflow Vulnerabilities in TP-Link WR940N WiFi Routers with Hardware Version 4 Local User Password-Recovery Code Generation Vulnerability in Hikvision iVMS-4200 Devices Denial of Service Vulnerability in GraphicsMagick 1.3.26's ReadJNXImage() Function Denial of Service Vulnerability in GraphicsMagick 1.3.26's ReadXBMImage() Function Denial of Service Vulnerability in GraphicsMagick 1.3.26's ReadXBMImage() Function XSS Vulnerability in Fiyo CMS 2.0.7 via site_name Parameter in sys_config.php Insecure Permissions in GSTN Offline Tool Allows Privilege Escalation and Remote Command Execution Unencrypted Login Credentials Disclosure in IBM Spectrum Protect Directory Traversal Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Memory-read bypass vulnerability in macOS Kernel Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Vulnerability: Cleartext APFS Data Disclosure via Crafted Thunderbolt Adapter Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Address Bar Spoofing Vulnerability in Safari Improper Handling of Requests in IBM API Connect 5.0.0.0 Developer Portal Allows Remote Information Disclosure Address Bar Spoofing Vulnerability in Safari Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service 
Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Vulnerability in macOS APFS Component Allows Arbitrary Code Execution or Denial of Service Local File Disclosure Vulnerability in macOS Dictionary Widget Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Remote Code Execution Vulnerability in Apple StreamingZip Component Lock-screen Bypass Vulnerability in Siri on iOS before 11.1 iOS Profile Pairing Vulnerability Apple macOS Audio Component Remote Code Execution Vulnerability Remote Code Execution Vulnerability in macOS Remote Management Component Remote Code Execution Vulnerability in AppleScript Component Caching Vulnerability in IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) Information Disclosure Vulnerability in macOS Kernel Arbitrary Code Execution and Denial of Service Vulnerability in macOS 10.13.1 and Earlier Remote Code Execution Vulnerability in macOS libarchive Component Buffer Overflow Vulnerability in macOS libarchive Component Remote Code Execution Vulnerability in ImageIO Component of macOS Denial of Service Vulnerability in macOS 10.13.1 and Earlier Buffer Overflow Vulnerability in macOS libarchive Component Out-of-Bounds Read Vulnerability in Apple macOS Kernel Memory-read bypass vulnerability in macOS Kernel Cross-Site Scripting (XSS) Vulnerability in macOS HelpViewer 
Component File Permissions Vulnerability in IBM WebSphere Application Server Vulnerability in ATS Component Allows Information Disclosure and Denial of Service Memory-read bypass vulnerability in macOS 10.13.1 and earlier via crafted app Memory-read bypass vulnerability in Quick Look component on macOS Memory-read bypass vulnerability in QuickTime component on macOS 10.13.1 and earlier Remote Code Execution Vulnerability in macOS Open Scripting Architecture Remote Code Execution and Denial of Service Vulnerability in macOS CoreText Component Arbitrary Code Execution Vulnerability in macOS kext tools Component Remote User Interface Spoofing Vulnerability in macOS Fonts Component Arbitrary Code Execution and Denial of Service Vulnerability in macOS CFNetwork Component XML External Entity Injection (XXE) Vulnerability in IBM InfoSphere Information Server 9.1, 11.3, and 11.5 Arbitrary Code Execution and Denial of Service Vulnerability in macOS HFS Component Remote Information Disclosure and Denial of Service Vulnerability in macOS ImageIO Component Vulnerability in macOS 802.1X Component Allows for Unspecified Impact via TLS 1.0 Support Arbitrary Code Execution and Denial of Service Vulnerability in macOS CFNetwork Component Memory Corruption Vulnerability in macOS Kernel Memory Corruption Vulnerability in macOS High Sierra 10.13 Allows Arbitrary Code Execution with Elevated Privileges Memory-read bypass vulnerability in macOS Kernel FileVault Unlock Key Access Entitlements Issue in macOS Arbitrary Code Execution and Denial of Service Vulnerability in macOS Sandbox Component Local User File Visibility Vulnerability in macOS Spotlight Memory-read bypass vulnerability in macOS Kernel Memory-read bypass vulnerability in macOS Kernel Memory-read bypass vulnerability in macOS Kernel Arbitrary Code Execution and Denial of Service Vulnerability in macOS Kernel Arbitrary Photo Viewing Vulnerability in iOS Lock-Screen Messages Vulnerability in PCRE Library Allows Remote 
Attackers to Cause Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in IOKit Component Arbitrary Code Execution Vulnerability in macOS IOKit Component Denial of Service Vulnerability in Apple CoreText Component Font Importer Vulnerability in macOS 10.12.6 and Earlier Local Privilege Escalation Vulnerability in macOS DesktopServices Arbitrary App Monitoring Vulnerability in Apple Products AppleGraphicsControl Privilege Escalation and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Memory-read bypass vulnerability in Apple Kernel component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution Vulnerability in macOS IOKit Component Bypassing Policy Restrictions and Password Interception in IBM API Connect 5.0.0.0 S/MIME Credential Encryption Mishandling Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel iOS APNs Component Vulnerability: Man-in-the-Middle Attack for User Tracking Vulnerability: Man-in-the-Middle Attack on APNs Server in iCloud and iTunes Memory-read bypass vulnerability in Apple Kernel component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Memory-read bypass vulnerability in Apple Kernel component Memory-read bypass vulnerability in Apple Kernel component Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Cleartext E-mail Content Disclosure Vulnerability in macOS Mail Component macOS High Sierra Root User Password Bypass Vulnerability Sensitive Network-Activity Information Disclosure Vulnerability Vulnerability: Encryption Bypass in iOS Mail Component Vulnerability in Intel Graphics Driver in macOS before 10.13.2 Arbitrary Code Execution and Denial of Service 
Vulnerability in Apple Kernel Arbitrary File Existence Disclosure Vulnerability in iOS Sandbox Profiles Vulnerability in Intel Graphics Driver component allows memory-read bypass and denial of service Arbitrary Code Execution and Denial of Service Vulnerability in iOS 11.2 and Earlier Arbitrary Code Execution Vulnerability in iOS 11.2 and watchOS 4.2 Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products Privileged WiFi System Configuration Access Vulnerability in macOS High Sierra APFS Logic Issue in macOS High Sierra: Improved State Management Type Confusion Vulnerability in iOS Pre-11.2: Improved Memory Handling Credential Validation Logic Error in macOS High Sierra and Earlier Versions Remote Disk-Image Mounting Vulnerability in macOS Inconsistent User Interface Issue in iOS Pre-11.2: Improved State Management Contact Information Sharing Vulnerability Remote Attackers Can Manipulate HomeKit Component to Unlock Doors Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel Elevated Privileges Vulnerability Patched in Apple Operating Systems Privilege Escalation Vulnerability in macOS High Sierra and Sierra Screen Lock Bypass Vulnerability in macOS High Sierra 10.13.1 and earlier versions Vulnerability: Local Execution of Non-Executable Text Files via SMB Share Vulnerability: Local Access to iCloud Authentication Tokens in macOS High Sierra 10.13 Sandbox Restrictions Patched in macOS High Sierra 10.13 to Prevent Unauthorized File Access Configuration Issue Patched in macOS Security Updates 2018-002 and 10.13.2 Failure to Enable HTTP Strict Transport Security in IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 Unintended Access Control Vulnerability in IBM Security Identity Governance Virtual Appliance Open Redirect 
Vulnerability in IBM WebSphere Commerce Unrestricted File Upload Vulnerability in HPE BSM Platform Application Performance Management System Health Authentication Bypass Vulnerability in HPE BSM Platform Application Performance Management System Health Directory Traversal Vulnerability in HPE BSM Platform Application Performance Management System Health Directory Traversal Vulnerability in HPE BSM Platform Application Performance Management System Health Unintended Information Disclosure through Reflected Cross-Site Scripting (XSS) in ArcSight ESM and ESM Express Insufficient Access Control Vulnerability in ArcSight ESM and ESM Express: Unauthorized Log File Download Improper Access Control Vulnerability in ArcSight ESM and ESM Express Improper Access Control Vulnerability in ArcSight ESM and ESM Express Apache Tomcat Version Disclosure Vulnerability in ArcSight ESM and ESM Express ArcSight ESM and ESM Express Information Leakage Vulnerability Insufficient Entropy in LOYTEC LVIS-3ME Web Interface Authentication Mechanism Allows Remote Code Execution Uncontrolled Search Path Element Vulnerability in i-SENS SmartLog Diabetes Management Software Cross-site Scripting Vulnerability in LOYTEC LVIS-3ME Web Interface Improper Authentication in iniNet Webserver Allows Unauthorized Access and Data Manipulation Relative Path Traversal Vulnerability in LOYTEC LVIS-3ME Web User Interface Missing Authentication for Critical Function in Schneider Electric InduSoft Web Studio and InTouch Machine Edition Insufficient Protection of Sensitive Information in LOYTEC LVIS-3ME Application Stack-based Buffer Overflow Vulnerabilities in WECON LEVI Studio HMI Editor v1.8.1 and Prior Versions Improper Authentication Vulnerability in Ctek SkyRouter Series 4200 and 4400 OS Command Injection Vulnerability in Digium Asterisk GUI 2.1.0 and Prior Default or Hard-Coded Credentials Vulnerability in GE Infinia/Infinia with Hawkeye 4 Medical Imaging Systems LAVA Ether-Serial Link (ESL) Firmware 
Authentication Bypass Vulnerability Default or Hard-Coded Credentials Vulnerability in GE GEMNet License Server (EchoServer) Unverified Password Change Vulnerability in ProMinent MultiFLEX M10a Controller Web Interface Default or Hard-Coded Credentials Vulnerability in GE Xeleris Medical Imaging Systems Insufficient Session Expiration in ProMinent MultiFLEX M10a Controller Web Interface Default or Hard-Coded Credentials Vulnerability in GE Centricity PACS RA1000 Plaintext Password Exposure in ProMinent MultiFLEX M10a Controller Web Interface Uncontrolled Search Path Element Vulnerability in SpiderControl MicroBrowser ProMinent MultiFLEX M10a Controller Web Interface Cross-Site Request Forgery Vulnerability Unencrypted PHI at Rest in Boston Scientific ZOOM LATITUDE PRM Model 3120 Client-Side Session Persistence Vulnerability in ProMinent MultiFLEX M10a Controller Hard-coded Cryptographic Key Vulnerability in Boston Scientific ZOOM LATITUDE PRM Model 3120 Stack-based Buffer Overflow in Advantech WebAccess Versions Prior to V8.2_20170817 Uncontrolled Search Path Element Vulnerability in Progea Movicon Version 11.5.1181 and Prior Authentication Bypass Vulnerability in Johnson & Johnson Ethicon Endo-Surgery Generator Gen11 Unquoted Service Path Privilege Escalation Vulnerability in Progea Movicon Version 11.5.1181 and Prior Uncontrolled Search Path Element (DLL Hijacking) Vulnerability in AutomationDirect Software Hard-coded Cryptographic Key Vulnerability in Korenix JetNet Switches Improper Input Validation in Rockwell Automation FactoryTalk Alarms and Events Allows Remote Denial of Service Improper Input Validation Vulnerability in Siemens SIMATIC PCS 7 V8.1 and WinCC V7.3/V8.2 Stack-based Buffer Overflow Vulnerability in Schneider Electric InduSoft Web Studio and InTouch Machine Edition Improper Input Validation Vulnerability in ABB FOX515T Release 1.0 Allows Unauthorized File Retrieval Authentication Bypass Vulnerability in Ice Qube Thermal Management Center 
Undocumented Hard-coded Credentials Vulnerability in Korenix JetNet Series Resource Exhaustion Vulnerability in Moxa NPort Devices Uncontrolled Search Path Element Vulnerability in Trihedral VTScada 11.3.03 and Prior Unquoted Service Path Escalation Vulnerability in Moxa MXview v2.8 and Prior Improper Access Control Allows Unauthorized File System Manipulation in Trihedral VTScada Bypassing Peer Authentication in ARM mbed TLS Denial of Service Vulnerability in OpenSSL::ASN1 Module in Ruby Heap-based buffer over-read vulnerability in restore_tqb_pixels function in libavcodec allows for denial of service or other impact Serialization Vulnerability in CrushFTP 8.x before 8.2.0 Cross-Site Scripting (XSS) Vulnerability in CrushFTP before 7.8.0 and 8.x before 8.2.0 HTTP Header Vulnerability in CrushFTP Versions 7.8.0 and below, and 8.x before 8.2.0 CrushFTP Redirect Vulnerability Heap-based Buffer Overflow in OpenJPEG 2.2.0's opj_t2_encode_packet Function OpenJPEG 2.2.0 - Remote Denial of Service Vulnerability in bin/jp2/convert.c OpenJPEG 2.2.0 - Stack-based Buffer Overflow in pgxtoimage Function Memory Allocation Failure in ReadPNMImage Function in GraphicsMagick 1.3.26 Arbitrary PHP Code Injection in BlackCat CMS 1.2 via backend/addons/ajax_create.php XSS Vulnerability in BlackCat CMS 1.2 Backend Settings Insufficient Verification of Code Origin and Integrity in IBM Security Identity Manager Virtual Appliance 7.0 Arbitrary PHP Code Execution Vulnerability in BlackCat CMS 1.2 Integer Overflow Vulnerability in qla2x00_sysfs_write_optrom_ctl Function Unspecified Cookie Secure Flag Vulnerability in NetApp OnCommand Unified Manager Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in ivr_read_header() Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in mv_read_header() Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in rl2_read_header() Denial of Service (DoS) Vulnerability in FFmpeg 
3.3.3 due to Lack of EOF Check in asf_read_marker() Denial of Service Vulnerability in FFmpeg 2.4 and 3.3.3 DoS Vulnerability in FFmpeg 3.3.3: CPU and Memory Consumption in cine_read_header() NULL Pointer Dereference Vulnerability in ImageMagick 7.0.6-10 Integer Overflow in _isBidi Function in Libidn2: Remote DoS and Possible Other Impact Integer Overflow in decode_digit Function in Libidn2: Remote DoS and Possible Other Impact Improper Host Validation in Async Http Client Arbitrary Memory Exposure in Ruby's JSON.generate SQL Injection Vulnerability in NexusPHP 1.5.beta5.20120707 via usernw Array Parameter in nowarn.php Arbitrary Command Execution Vulnerability in IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 XSS Vulnerability in NexusPHP 1.5.beta5.20120707 via PATH_INFO in ipsearch.php Privilege Escalation Vulnerability in Jungo WinDriver 12.4.0 and Earlier SQL Injection in NexusPHP 1.5.beta5.20120707 via id parameter in linksmanage.php editlink action HTML Injection in Securimage 3.6.4 and earlier via $_SERVER['HTTP_USER_AGENT'] parameter in example_form.ajax.php or example_form.php Arbitrary Code Execution via SQL Injection in Trend Micro Mobile Security (Enterprise) Versions before 9.7 Patch 3 Arbitrary Code Execution through Unrestricted File Uploads in Trend Micro Mobile Security (Enterprise) Blank Password Authentication Bypass Vulnerability in Trend Micro Mobile Security (Enterprise) Arbitrary Code Execution Vulnerability in Trend Micro Mobile Security (Enterprise) Versions before 9.7 Patch 3 Uninitialized Pointer Information Disclosure Vulnerability in Trend Micro Mobile Security (Enterprise) Versions 9.7 and Below Remote Unauthenticated Download of OfficeScan Encryption File in Trend Micro OfficeScan 11.0 and XG Arbitrary Code Execution Vulnerability in Trend Micro OfficeScan 11.0 and XG Information Disclosure Vulnerabilities in Trend Micro OfficeScan 11.0 and XG: Unauthorized Access to Network NT Domain and PHP Version 
Pre-authorization Remote Process Execution and INI Corruption Vulnerability in Trend Micro OfficeScan 11.0 and XG Host Header Injection Vulnerability in Trend Micro OfficeScan XG (12.0) Memory Corruption Privilege Escalation in Trend Micro OfficeScan 11.0 and XG via tmwfp.sys Remote Memory Corruption Vulnerability in Trend Micro OfficeScan 11.0 and XG Sensitive Information Disclosure Vulnerability in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Unencrypted Communications Vulnerability in Trend Micro ScanMail for Exchange 12.0 Exploitable Vulnerability in Trend Micro ScanMail for Exchange 12.0 Allows File Overwrite via Other Update Sources CSRF Vulnerability in Trend Micro ScanMail for Exchange 12.0 Web Interface Forms Cross-Site Scripting (XSS) Vulnerability in Trend Micro ScanMail for Exchange 12.0 Log Query and Quarantine Query Pages Cron Job Injection Vulnerability in Trend Micro Smart Protection Server (Standalone) 3.2 and Below Remote Command Execution via Local File Inclusion in Trend Micro Smart Protection Server (Standalone) Versions 3.2 and Below Stored XSS Vulnerability in Trend Micro Smart Protection Server (Standalone) Versions 3.2 and Below Improper Access Control Vulnerability in Trend Micro Smart Protection Server (Standalone) Allows Database Decryption Denial of Service Vulnerability in Asterisk 13.x and 14.x Unauthorized Media Takeover in Asterisk RTP Stack Arbitrary Shell Command Injection in Asterisk's app_minivm Module XML External Entity (XXE) Vulnerability in Conserus Image Repository Archive Solution 2.1.1.105 by McKesson Medical Imaging Company Privilege Escalation via PID File Manipulation in MIMEDefang 2.80 and Earlier Use-after-free vulnerability in GraphicsMagick 1.3.26 allows remote attackers to conduct attacks via crafted file in ReadJNGImage and ReadOneJNGImage functions. 
Arbitrary JSP Code Execution Vulnerability in HiveManager Classic 8.1r1 Denial of Service Vulnerability in Linux Kernel's tcp_disconnect Function Denial of Service Vulnerability in libzip's _zip_read_eocd64 Function Denial of Service (CPU Consumption) Vulnerability in GNOME gedit through 3.22.1 Weak Password Policy in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Authentication Credentials Logging Vulnerability in Philips IntelliSpace Cardiovascular (ISCV) and Xcelera RTPproxy NAT Feature Vulnerability AT&T U-verse Firmware Vulnerability: Unauthorized Remote Access and Root Privilege Escalation AT&T U-verse Arris NVG599 Firmware Vulnerability: Unauthorized Root Access via Caserver HTTPS Service Unauthenticated Proxy Service Vulnerability in AT&T U-verse 9.2.2h0d83 Firmware for Arris NVG589 and NVG599 Devices Arbitrary Command Execution in EyesOfNetwork Web Interface (eonweb) 5.1-0 Arbitrary Command Execution in EyesOfNetwork Web Interface (eonweb) 5.1-0 Sensitive Information Disclosure in IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 Directory Traversal Vulnerability in unrar 0.0.1: Unpacking Files to Upper Directory NULL Pointer Dereference Vulnerability in DecodeNumber Function of unrar 0.0.1 Stack-Based Buffer Over-Read Vulnerability in unrar 0.0.1 Unrestricted File Upload Vulnerability in Zoho ManageEngine Firewall Analyzer 12200's Group Chat Section Unauthorized Application Execution in eLux RP 5.x and 5.6.x SQL Injection Vulnerability in Responsive Image Gallery Plugin for WordPress XSS Vulnerability in Participants Database Plugin for WordPress Command Injection in Ping Module of Technicolor TD5336 OI_Fw_v7 Devices Remote Denial of Service Vulnerability in libbfd Remote Denial of Service Vulnerability in libbfd Heap-based Buffer Over-read Vulnerability in _bfd_elf_parse_attributes Function Heap-based buffer over-read vulnerability in JasPer 1.900.8 - 2.0.16 allows remote attackers to cause denial of service 
Reflected XSS Vulnerability in Maplesoft Maple T.A. 2016.0.6 (Customer Hosted) via emailAddress Parameter Arbitrary OS Command Execution in enigma2-plugins WebAdmin Plugin Out-of-Bounds Write Vulnerability in OpenCV 3.3 Excessive Memory Allocation Vulnerability in ImageMagick's ReadWEBPImage Memory Leak Vulnerability in ImageMagick 7.0.6-5's ReadWEBPImage Function Memory Leak Vulnerability in ImageMagick 7.0.6-2's WriteMSLImage in coders/msl.c Insecure move_pages System Call Allows Memory Layout Disclosure in Linux Kernel Arbitrary PHP Code Execution via Serialized Object in Kaltura's wiki_decode Developer System Helper Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kaltura before 13.2.0 Hardcoded Cookie Secret Vulnerability in Kaltura getUserzoneCookie Function SQL Injection in HelpDEZk 1.1.1 via admin/login/getWarningInfo/id/ PATH_INFO Arbitrary PHP Code Execution in HelpDEZk 1.1.1 Vulnerability: Unauthorized Factory Reset and Default Credentials Access on FiberHome AN1020-25 Routers NULL Pointer Dereference in GoAhead's websDecodeUrl Function Heap-based Buffer Overflow in OpenJPEG 2.2.0 Allows for Remote Code Execution Heap-based Buffer Overflow in OpenJPEG 2.2.0 Privilege Escalation Vulnerability in Jungo WinDriver 12.4.0 and Earlier Uninitialized Data Structure Vulnerability in atyfb_ioctl Function Denial of Service Vulnerability in Scrapy 1.4 Local Privilege Escalation in OpenLDAP 2.4.45 and Earlier Denial of Service Vulnerability in Xiph.Org libvorbis 1.3.5 Session Hijacking Vulnerability in Mahara Heap-based Buffer Overflow in OpenJPEG 2.2.0 Excessive Memory Allocation Vulnerability in GraphicsMagick 1.3.26 Denial of Service Vulnerability in libarchive 3.3.2 via Crafted xar Archive Integer Overflow in QEMU's load_multiboot Function Allows Arbitrary Code Execution Integer Signedness Error in mxf_read_primer_pack Function in FFmpeg Denial of Service (DoS) vulnerability in FFmpeg 3.3.3 -> 2.4 due to lack of EOF check in 
mxf_read_index_entry_array() Denial of Service (DoS) Vulnerability in libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3 Denial of Service (DoS) Vulnerability in ImageMagick 7.0.7-0 Q16 Integer Overflow Vulnerability in ReadTXTImage() Function of ImageMagick 7.0.6-10 Denial of Service (DoS) Vulnerability in ImageMagick 7.0.7-0 Q16 Denial of Service (DoS) Vulnerability in ReadXBMImage() in ImageMagick 7.0.6-1 Q16 Arbitrary Command Execution in Bazaar through Subprocess SSH Local Privilege Escalation via Incomplete Fix in Apport 2.20.7 Unprivileged User Bypass Vulnerability in snapd's 'snap logs' Command Privilege Escalation and Container Escape Vulnerability in Apport Insecure File Permissions Vulnerability in IBM Integration Bus and WebSphere Message Broker Local Privilege Escalation via PID Namespace in Apport 2.13-2.20.7 NULL Pointer Dereference Vulnerability in DeleteBitBuffer Function in mp4tools aacplusenc 0.17.5 Fortinet FortiOS 5.4.0 to 5.4.5 JSON Web API Denial of Service Vulnerability VPN Authentication Credentials Disclosure Vulnerability SSL VPN Web Portal Information Disclosure Vulnerability in Fortinet FortiOS Fortinet FortiOS SSL VPN Web Portal Cross-site Scripting (XSS) Vulnerability Fortinet FortiOS Local Privilege Escalation and Code Execution via USB Drive Authentication Bypass Vulnerability in Fortinet FortiWebManager 5.8.0 Cross-site Scripting Vulnerability in Fortinet FortiOS Bypassing Signed User Cookie Protection in Fortinet FortiWeb XSS Vulnerability in FineCms 5.0.11's checktitle Function XSS Vulnerability in FineCms 5.0.11's OAuth Function with Internet Explorer Referer Header XSS Vulnerability in dayrui FineCms 5.0.11 Login Controller XSS Vulnerability in dayrui FineCms 5.0.11 via Referer Header in Internet Explorer Path Traversal Information Disclosure in Squiz Matrix File Bridge Plugin Multiple Reflected Cross-Site Scripting (XSS) Vulnerabilities in Squiz Matrix WYSIWYG Plugins Remote Code Execution (RCE) via Malicious Time_Format Tag in 
Squiz Matrix Critical Buffer Overflow Vulnerability Discovered in Zephyr Project's getaddrinfo() Implementation Zephyr Shell Use After Free Vulnerability: Denial of Service and Remote Code Execution Buffer Overflow Vulnerability in Zephyr Shell Component Allows Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerability in IBM iNotes Allows for Credential Disclosure Persistent XSS Vulnerability on Intelbras Wireless N 150Mbps Router (Firmware WRN 240) Allows Wireless Credential Theft Insufficient User Rights Verification in IBM MaaS360 DTM (X-Force ID: 127412) Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in read_tfra() Denial of Service (DoS) Vulnerability in FFmpeg 3.3.3 due to Lack of EOF Check in asf_build_simple_index() Heap-based Buffer Overflow in WritePCXImage in ImageMagick 7.0.6-8 Q16 NULL Pointer Dereference in av_color_primaries_name Function Heap-based Buffer Over-read Vulnerability in libwpd 0.10.1 Heap-based Buffer Over-read Vulnerability in MongoDB libbson 1.7.0 Remote Denial of Service Vulnerability in NASM 2.14rc0: Illegal Address Access in paste_tokens() Function Remote Denial of Service Vulnerability in Jasper 2.0.13: Infinite Loop in jpc_dec_tileinit Function Exposure of Backend Server URLs in IBM WebSphere Portal 8.5 and 9.0 Off-by-one Error in Cyrus IMAP's mboxlist_do_find Function Allows Information Disclosure or Denial of Service Denial of Service Vulnerability in GeniXCMS 1.1.0 Denial of Service Vulnerability in FLIF 0.3 via Crafted FLIF File Arbitrary SQL Command Execution in Dolibarr ERP/CRM 6.0.0 via menuId Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dolibarr ERP/CRM 6.0.0 Cross-Site Scripting (XSS) Vulnerability in IBM Business Process Manager 8.5.7 Sensitive Information Disclosure Vulnerability in Dolibarr ERP/CRM 6.0.0 via document.php File Parameter Arbitrary Web Script Injection Vulnerability in Dolibarr ERP/CRM 6.0.0 Arbitrary SQL Command Execution in Dolibarr 6.0.0 via 
statut Parameter UTStar WA3002G4 ADSL Broadband Modem: Authentication Bypass Vulnerability Authentication Bypass Vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 Devices Out of Bounds Read Vulnerability in libsndfile 1.0.28: Remote DoS and Information Disclosure Remote DoS and Information Disclosure Vulnerability in libsndfile 1.0.28 SQL Injection in EyesOfNetwork Web Interface (eonweb) 5.1-0 via user_id Cookie Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.6-8 Q16 Denial of Service Vulnerability in ImageMagick 7.0.6-8 Q16 Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.0.1.1 and 8.5.7 Arbitrary PHP Code Execution via Unrestricted File Upload in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 SQL Injection via group_id cookie in EyesOfNetwork web interface Memory Access Violation Vulnerability in Bento4 SDK 1.5.0-616: Exploitable via Crafted .MP4 File Memory Access Violation Vulnerability in Bento4 SDK 1.5.0-616: Exploitable Write Access in SetItemCount AP4_StscAtom Write Memory Access Violation Vulnerability AP4_StssAtom Write Memory Access Violation Vulnerability AP4_StszAtom Read Memory Access Violation Vulnerability Vulnerability: Remote Password Hash Disclosure on Samsung NVR Devices Remote Account Creation Vulnerability in Honeywell NVR Devices Stack-based Buffer Overflow in LibRaw's xtrans_interpolate in internal/dcraw_common.cpp Heap-Based Buffer Overflow in Tcprewrite (CVE-2016-6160) CSRF Vulnerabilities in EE 4GEE WiFi MBB Devices XSS Vulnerability in EE 4GEE WiFi MBB Devices (before EE60_00_05.00_31) via sms_content Parameter Vulnerability: Information Disclosure in EE 4GEE WiFi MBB Devices Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .jb2 File Arbitrary Code 
Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Stack Corruption Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Clickjacking Vulnerability in IBM Cognos Analytics 11.0 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .jb2 File Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.40 Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 STDU Viewer 1.6.375 Remote Code Execution and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Cross-Site Scripting (XSS) Vulnerability in IBM RELM 4.0, 5.0, and 6.0 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of 
Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Streams 4.0, 4.1, and 4.2 Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Privilege Escalation Vulnerability in NetMechanica NetDecision 5.8.2 Privilege Escalation in Nagios Core through 4.3.4 via Non-Root Account Ownership XSS Vulnerability in Shibboleth WordPress Plugin 
Denial of Service Vulnerability in GraphicsMagick 1.3.26 DrawImage Function BlueBorne vulnerability in Apple iOS 7-9: Heap Overflow Exploit via LEAP Out-of-bounds Access in Xen's alloc_heap_pages Function Double-Free Vulnerability in C Xenstore Daemon NULL pointer dereference vulnerability in Xen 4.5.x through 4.9.x Grant Unmapping Vulnerability in Xen Arbitrary Code Execution in Mirasvit Helpdesk MX before 1.5.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mirasvit Helpdesk MX Administrative Interface Authentication Bypass Vulnerability in Interspire Email Marketer (IEM) prior to 6.1.6 SSRF Vulnerability in Ueditor's getRemoteImage.php in Onethink V1.0 and V1.1 Memory Leak Vulnerability in ImageMagick 7.0.7-1 Q16: ReadMPCImage Function in coders/mpc.c Memory Leak Vulnerability in ImageMagick 7.0.7-1 Q16: Exploiting PersistPixelCache in magick/cache.c Memory Leak Vulnerability in ImageMagick 7.0.7-1 Q16's ReadMATImage Function Arbitrary File Read Vulnerability in Extreme EXOS 16.x, 21.x, and 22.x Buffer Overflow Vulnerability in Extreme EXOS 15.7, 16.x, 21.x, and 22.x Root Shell Access Vulnerability in Extreme EXOS 16.x, 21.x, and 22.x via exsh Debug Shell Message Corruption Vulnerability in IBM WebSphere MQ 7.5, 8.0, and 9.0 Privilege Escalation Vulnerability in Extreme EXOS 16.x, 21.x, and 22.x Bypassing exsh Restricted Shell Protection in Extreme EXOS 16.x, 21.x, and 22.x Session Hijacking Vulnerability in Extreme EXOS 15.7, 16.x, 21.x, and 22.x Integer Overflow and Denial of Service Vulnerability in GNU Binutils 2.29 Vulnerability: Unauthorized Admin Password Change on Beijing Hanbang Hanbanggaoke Devices Arbitrary User Access Vulnerability in MISP before 2.4.80 with X.509 Certificate Authentication and Non-MISP External User Management ReST API DNS Packet Parser Vulnerability: Infinite Pointer Loop Denial of Service (DoS) Local User Information Exposure Vulnerability in IBM DB2 for Linux, UNIX and Windows 11.1 Linux Kernel XFS_IS_REALTIME_INODE Macro 
Denial of Service Vulnerability ImageMagick 7.0.6-6 ReadWPGImage Large Loop Vulnerability Memory Exhaustion Vulnerability in ImageMagick 7.0.6-6 via Crafted WPG Image File Memory Leak Vulnerability in ImageMagick 7.0.6-6 via Crafted XCF Image File Privilege Escalation Vulnerability in Jungo WinDriver 12.4.0 and Earlier SQL Injection Vulnerability in tianchoy/blog via id parameter in view.php Unrestricted File Upload and PHP Code Execution in upload.php XSS Vulnerability in NexusPHP 1.5.beta5.20120707 - Fun.php Delete Action Heap-based Buffer Overflow in LibRaw's processCanonCameraInfo Function Authentication Bypass Vulnerability in HPE SiteScope: Exposing Sensitive Data Remote Code Execution Vulnerability in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40 Remote Code Execution Vulnerability in HP UCMDB Configuration Manager Remote Cross-Site Scripting Vulnerability in HP UCMDB Configuration Manager Remote Code Execution Vulnerability in HP UCMDB Foundation Software Remote Cross-Site Scripting Vulnerability in HP UCMDB Foundation Software Local Privilege Escalation Vulnerability in HPE Connected Backup Versions 8.6 and 8.8.6 Remote SQL Injection Vulnerability in HP ArcSight ESM and ESM Express Remote Exploitation of Reflected and Stored Cross-Site Scripting (XSS) in HP ArcSight ESM and ESM Express Remote URL Redirection Vulnerability in HP ArcSight ESM and ESM Express Remote Cross-Site Scripting Vulnerability in HPE Performance Center 12.20 Remote Denial of Service (DoS) Vulnerability in HPE Content Manager Workgroup Service v9.00 Critical Man-In-The-Middle Vulnerability in Micro Focus Project and Portfolio Management Center 9.32 Cross-Site Request Forgery Vulnerability in Micro Focus Project and Portfolio Management Center 9.32 Remote Cross-Site Scripting (XSS) Vulnerability in Micro Focus Operations Manager i (Versions 10.60-10.62) Privilege Escalation Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 Stored Cross-Site 
Scripting Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 via Source Asset ID Field Reflected Cross-Site Scripting Vulnerability in RSA Archer GRC Platform prior to 6.2.0.5 Reflected Cross-Site Scripting Vulnerabilities in RSA Archer GRC Platform prior to 6.2.0.5 via Help Pages Reflected Cross-Site Scripting Vulnerability in EMC RSA Authentication Manager 8.2 SP1 P4 and Earlier Hard-coded Password Vulnerability in Dell Storage Manager Authentication Bypass Vulnerability in EMC Virtual Appliances and eManagement Hardcoded Password Vulnerability in EMC AppSync Server Authentication Bypass Vulnerability in EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability in EMC RSA Authentication Agent API and SDK Cross-Site Scripting Vulnerability in EMC RSA Authentication Manager Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows Privilege Escalation Vulnerability in EMC Isilon OneFS Reflected Cross-Site Scripting Vulnerability in Dell EMC VNX Control Station Directory Traversal Vulnerability in Dell Storage Manager EMConfigMigration Service Memory Overflow Vulnerability in EMC Data Domain DD OS Cross-Site Scripting Vulnerability in Dell 2335dn and 2355dn Multifunction Laser Printers NFS Export Security Setting Fallback Vulnerability in EMC Isilon OneFS GrootFS Volume Cache Poisoning Vulnerability Application Subdomain Takeover Vulnerability in Cloud Foundry Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows Misconfiguration in Cloud Foundry Foundation cf-deployment v0.35.0 leads to unintended log draining locations Unvalidated Redirect Vulnerability in ForgeRock Access Management (OpenAM) and Access Management (AM) OpenAM and AM Authorization Server Reflective XSS Vulnerability SQL Injection Vulnerability in osTicket (Versions before 1.10.1) via Array Construction DLL Injection Vulnerability in AnyDesk for Windows Versions Prior to 3.6.1 Arbitrary Memory Access Vulnerability in Razer 
Synapse 2.20.15.1104 Unrestricted File Upload Vulnerability in BlackCat CMS 1.2.2 Arbitrary File Inclusion Vulnerability in IBM Emptoris Services Procurement 10.0.0.5 Denial of Service Vulnerability in ImageMagick 7.0.7-1 Q16 SQL Injection Vulnerability in EyesOfNetwork Web Interface SQL Injection Vulnerability in EyesOfNetwork Web Interface SQL Injection Vulnerability in EyesOfNetwork Web Interface 5.1-0 Local File Inclusion Vulnerability in EyesOfNetwork Web Interface 5.1-0 Remote Command Execution Vulnerability in EyesOfNetwork Web Interface NULL Pointer Dereference Vulnerability in MP3Gain 1.5.2 Leads to Remote Denial of Service Stack-based Buffer Over-read in filterYule in MP3Gain 1.5.2: Remote Denial of Service Vulnerability Stack-based Buffer Over-read Vulnerability in MP3Gain 1.5.2 Leads to Remote Denial of Service Buffer Overflow Vulnerability in MP3Gain version 1.5.2 Allows Remote Code Execution Improper Access Control in IBM Emptoris Services Procurement 10.0.0.5 Buffer Over-read Vulnerability in III_i_stereo in MP3Gain 1.5.2 Stack-Based Buffer Overflow in copy_mp in mpglibDBL: Remote DoS and Possible Code Execution Invalid Memory Write Vulnerability in MP3Gain 1.5.2 Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware (FW114WWb07_h2ab_beta1) Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-850L REV. A Firmware Unauthenticated Enrollment Vulnerability in D-Link DIR-850L REV. B Devices Cleartext Admin Password Exposure in D-Link DIR-850L REV. B Devices D-Link DIR-850L NPAPI Extension TCP Relay Vulnerability Cross-Site Request Forgery Vulnerability in IBM Emptoris Services Procurement 10.0.0.5 D-Link DIR-850L NPAPI Extension SSL Certificate Verification Vulnerability Hardcoded Password Vulnerability in D-Link DIR-850L REV. 
B Devices Hardcoded Private Key Vulnerability in D-Link DIR-850L Routers Unauthenticated Nonce-Guessing Vulnerability in D-Link DIR-850L REV. A Firmware Insecure Permissions on D-Link DIR-850L Routers Insecure Permissions on D-Link DIR-850L Routers Insecure Permissions on D-Link DIR-850L REV. A and REV. B Devices Insecure Permissions on D-Link DIR-850L Routers Insecure Permissions on D-Link DIR-850L Routers Unauthenticated Remote Code Execution Vulnerability in D-Link DIR-850L Routers Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Services Procurement 10.0.0.5 D-Link DIR-850L Remote Denial of Service Vulnerability Xen Memory Leak Vulnerability: XSA-207 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Command Injection Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 Build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 build 17030317 Denial of Service Vulnerability in Moxa EDR-810 V4.1 build 17030317 Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Sourcing 9.5 - 10.1.3 Stack Overflow in SDL2_image-2.0.2 ILBM Image Rendering Functionality Integer Overflow and Heap Overflow in SDL2_image-2.0.2 ICO Image Rendering SDL2_image-2.0.2 BMP Image Rendering Stack Overflow Code Execution Vulnerability Arbitrarily Controlled Information Leak in Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Update Request Buffer Overflow Vulnerability in Insteon Hub Firmware Update Request Handling Stack-based Buffer Overflow in Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Heap Overflow Vulnerability in SDL2_image-2.0.2 XCF Image Rendering Double-Free Vulnerability in SDL2_image-2.0.2 XCF 
Image Rendering Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 Buffer Overflow Vulnerability in SDL2_image-2.0.2 GIF Image Parsing Functionality Remote Code Execution Vulnerability in libevm of CPP-Ethereum Buffer Overflow Vulnerability in Insteon Hub's PubNub Message Handler Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware 1012 Buffer Overflow Vulnerabilities in Insteon Hub's PubNub Message Handler Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware Version 1012 Libevm `create2` Opcode Handler Out-of-Bounds Read Vulnerability Use-After-Free Vulnerability in Foxit PDF Reader 8.3.2.25013 Allows Arbitrary Code Execution Remote Root-Level OS Command Injection in Moxa AWK-3131A Wireless AP/Bridge/Client Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 Parity Ethereum JSON-RPC Cross-Domain Whitelist Vulnerability SMTP Email Message Out of Bounds Read Vulnerability Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Access and Modification of Data and Settings Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Data and Logic Manipulation Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Modification and Disclosure Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Live Rung Edits and Logic Modification Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM Emptoris Sourcing 9.5 - 
10.1.3 Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Data Disclosure and Modification Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Access and Manipulation of Data and Logic Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier: Unauthorized Disclosure and Modification Access Control Vulnerability in Allen Bradley Micrologix 1400 Series B FRN 21.2 and Earlier Arbitrary Command Execution via Shell Command Injection in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 Shell command injection vulnerability in MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 Shell command injection vulnerability in MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris) Shell command injection vulnerability in MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (FreeBSD) Arbitrary Command Execution via Shell Command Injection in MMM::Agent::Helpers::Network::clear_ip Function Arbitrary Command Execution via Shell Command Injection in MMM::Agent::Helpers::Network::clear_ip Function Open Redirect Vulnerability in IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x Arbitrary Command Execution via Shell Command Injection in MMM::Agent::Helpers::Network::clear_ip Function Shell command injection vulnerability in MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris) Arbitrary Code Execution via Crafted Content-Type: text/enriched Data in GNU Emacs Improper PID File Ownership in Gentoo dev-python/flower Package Privilege Escalation Vulnerability in Gentoo GIMPS Package Vibease Wireless Remote Vibrator App: Cleartext Message Exchange and Auth Token 
Vulnerability Remote User Impersonation Vulnerability in OhMiBod Remote App Denial of Service Vulnerability in Linux Kernel's iscsi_if_rx Function Open Redirect Vulnerability in IBM Emptoris Sourcing 9.5 - 10.1.3 Heap-based Buffer Overflow in dnsmasq Allows Remote Code Execution via Crafted DNS Response Remote Code Execution via Crafted IPv6 Router Advertisement Request in dnsmasq Remote Code Execution via Crafted DHCPv6 Request in dnsmasq Remote Information Disclosure Vulnerability in dnsmasq Memory Leak Vulnerability in dnsmasq before 2.78 Allows Remote DoS via DNS Response Creation Integer Underflow Vulnerability in dnsmasq Allows Remote Denial of Service Buffer Overflow and Memory Corruption Vulnerability in Linux Kernel's tpacket_rcv Function XSS Vulnerability in SilverStripe CMS 3.6.1 and earlier (Issue SS-2017-017) Open Redirect Vulnerability in IBM Emptoris Sourcing 9.5 - 10.1.3 User-Assisted Code Execution Vulnerability in Podbeuter Podcast Playback Function in Newsbeuter Out-of-Bounds Read Vulnerability in libarchive 3.3.2 when Extracting ISO9660 ISO Files Off-by-one Error in libarchive 3.3.2: Out-of-bounds Read in RAR Archive Header Parsing Out-of-Bounds Read Vulnerability in libarchive 3.3.2 GraphicsMagick 1.3.26 ReadPNMImage XV 332 Format NULL Pointer Dereference Vulnerability NULL Pointer Dereference and Application Crash in ImageMagick 7.0.7-1 Cross-Site Scripting (XSS) Vulnerability in Geminabox (aka Gem in a Box) before 0.13.6 SQL Injection Vulnerabilities in Content Timeline Plugin 4.4.2 for WordPress SQL Injection Vulnerability in SugarCRM Documents and Emails Module Remote File Inclusion Vulnerability in SugarCRM Connectors Module Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows Unauthenticated Cross-Site Scripting (XSS) Vulnerability in SugarCRM WebToLeadCapture Functionality Email Confirmation Bypass and Denial of Service Vulnerability in SAP E-Recruiting SQL Injection in NexusPHP 1.5.beta5.20120707 via sort parameter 
in editforum action MetInfo 5.3.17 Directory Traversal Vulnerability Directory Traversal Vulnerability in Tenda W15E Devices (CVE-2021-XXXX) Heap-based Buffer Overflow Vulnerability in Tenda W15E Devices before 15.11.0.14 SAP Business Objects Financial Consolidation XSS Vulnerability (SAP Security Note 2422292) NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document Floating Point Exception in Poppler 0.59.0 via Crafted PDF Document Memory Corruption Vulnerability in Poppler 0.59.0: Gfx.cc Infinite Loop Local Privilege Escalation and File Overwrite Vulnerability in IBM DB2 Floating Point Exception Vulnerability in Poppler 0.59.0 File Upload Vulnerability in WonderCMS 2.3.1 Arbitrary JavaScript Execution Vulnerability in WonderCMS 2.3.1 HTTP Host Header Injection Vulnerability in WonderCMS 2.3.1 Open Redirect Vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 Open Redirect Vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 Multiple XML External Entity (XXE) Vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 Multiple XML External Entity (XXE) Vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 Use-after-free vulnerability in TIFFSetProfiles function in ImageMagick 7.0.6 Heap-based Buffer Over-read Vulnerability in pe_print_idata Function of libbfd Arbitrary Command Execution Vulnerability in IBM Security Access Manager Appliance 9.0.3 CSRF and XSS Vulnerability in Crony Cronjob Manager Plugin for WordPress Memory Exhaustion Vulnerability in ImageMagick 7.0.7-0's ReadSUNImage Function NULL Pointer Dereference in TIFFIgnoreTags in ImageMagick 7.0.7-0 Memory Leak in ReadMATImage in ImageMagick 7.0.6-6 XSS Vulnerability in NexusPHP 1.5.beta5.20120707 via PATH_INFO in location.php OS Command Injection in trixbox 2.8.0.4 via lang parameter in /maint/modules/home/index.php XSS Vulnerability in trixbox 2.8.0.4 via PATH_INFO Path Traversal Vulnerability in trixbox 2.8.0.4 Arbitrary Code Execution and 
Denial of Service Vulnerability in XnView Classic 2.40 via Crafted .jb2 File Denial of Service Vulnerability in IrfanView 4.44 - 32bit via Crafted .svg File IrfanView 4.44 - 32bit Denial of Service Vulnerability via Crafted .svg File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .svg File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service and Potential Impact Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service and Potential Code Execution Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .mobi File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Heap Corruption Vulnerability in STDU Viewer 1.6.375 Stack Corruption Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Stack Corruption Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service 
Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Cross-Site Scripting (XSS) Vulnerability in IBM QRadar Network Security 5.4 Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File Denial of Service Vulnerability in IrfanView 4.44 - 32bit via Crafted .ani File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 XML External Entity Injection (XXE) Vulnerability in IBM QRadar Network Security 5.4 Arbitrary Code Execution and Denial of Service Vulnerability in 
XnView Classic 2.41 via Crafted .jb2 File Denial of Service Vulnerability in SAP NetWeaver AS JAVA 7.0 through 7.5 Unverified SSL Certificates in Zoho Site24x7 Mobile Network Poller Android App NetApp Clustered Data ONTAP SMB Denial of Service Vulnerability Critical SSRF Vulnerability in Hipchat Server and Data Center Allows Remote Code Execution Client-side Remote Code Execution Vulnerability in Hipchat for Mac Desktop Client Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible before 4.4.2 Double OGNL Evaluation in FreeMarker Templates through Struts FreeMarker Tags in Bamboo Insecure Permissions Vulnerability in IBM Security Access Manager Appliance 8.0.0 and 9.0.0 Bamboo Server Remote Code Execution Vulnerability Argument Injection Vulnerability in Atlassian Fisheye and Crucible Versions Less than 4.4.3 and 4.5.0 Command Injection Vulnerability in Sourcetree for macOS Command Injection Vulnerability in Sourcetree for Windows Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira Joomla! 
Logic Bug in SQL Query Allows Disclosure of Archived Article Intro Texts LDAP Authentication Plugin Vulnerability XSS Vulnerability in AfterLogic WebMail and Aurora AdminPanel OSPF Routing Table Vulnerability in IBM i Error-Based SQL Injection Vulnerability in Pragyan CMS v3.0 via $_GET['del_black'] in cms/admin.lib.php Boolean-based SQL Injection in Pragyan CMS v3.0 via $_GET['forwhat']: Information Disclosure Vulnerability Administrative Access Vulnerability in Citrix NetScaler ADC and Gateway Management Interface Insufficient RTCP Packet Validation Vulnerability in Asterisk File Type Spoofing Vulnerability in GNOME Nautilus Out of Bounds Read Vulnerability in ImageMagick 7.0.7-4 Q16 Out of Bounds Read Vulnerability in LibRaw Privilege Escalation via PID File Manipulation in Kannel 1.5.0 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Privilege Escalation via PID File Manipulation in Bareos 16.2.6 and Earlier Cockpit 0.13.0 SSRF Vulnerability Unverified SSL Certificate Vulnerability in Shpock Boot Sale & Classifieds App Visor GUI Console Directory Traversal Vulnerability FBX-5313 XML-RPC Interface Login Vulnerability FBX-5312 XML-RPC Interface Crash Vulnerability Floating Point Exception Vulnerability in Poppler 0.59.0 ImageStream Class Arbitrary Web Script Injection in phpMyFAQ Faq.php Arbitrary Web Script Injection in phpMyFAQ Configuration Module Cross-Site Scripting (XSS) Vulnerability in IBM Rhapsody DM 5.0 and 6.0 Stored Cross Site Scripting in SmarterStats Version 11.3.6347 via Referer Field in HTTP Logfiles XSS Vulnerability in Portus 2.2.0 via Team Field and Typeahead Cross-Site Scripting (XSS) Vulnerabilities in Amazon Affiliates Store Plugin for WordPress Empty Password Login Vulnerability in go-ldap Package NULL Pointer Dereference vulnerability in ImageMagick 7.0.7-0 Q16's PostscriptDelegateMessage function in coders/ps.c NULL Pointer Dereference vulnerability in ImageMagick 7.0.7-0 Q16: 
sixel_output_create in coders/sixel.c NULL Pointer Dereference vulnerability in ImageMagick 7.0.7-0 Q16's sixel_decode function in coders/sixel.c Remote Code Execution Vulnerability in CyberLink LabelPrint 2.5 Heap-Based Buffer Overflow in pcxLoadImage24 Function of sam2p 0.49.3 Integer Signedness Error in in_xpm_reader Function Leads to Out-of-Bounds Array Write in sam2p 0.49.3 Integer Overflow Vulnerability in sam2p 0.49.3's pcxLoadImage24 Function Heap-based Buffer Overflow in sam2p 0.49.3's pcxLoadRaster Function Remote Code Execution Vulnerability in Xiph.Org libvorbis 1.3.5 Out-of-Bounds Array Read Vulnerability in Xiph.Org libvorbis 1.3.5 Divide-by-Zero DoS Vulnerability in libsndfile 1.0.28 Code Injection Vulnerability in OTRS 3.3.x, 4.x, and 5.x Integer Overflow and Memory Corruption in sam2p 0.49.3 Invalid Read/Write Vulnerability in sam2p 0.49.3's parse_rgb function NULL Pointer Dereference in AP4_AtomFactory::CreateAtomFromStream in Bento4 version 1.5.0-617 Stack-based Buffer Underflow and Out-of-Bounds Write in AP4_VisualSampleEntry::ReadFields in Bento4 1.5.0-617 Remote Denial of Service Vulnerability in Bento4 version 1.5.0-617 NULL Pointer Dereference in AP4_DataAtom Class in Bento4 v1.5.0-617 Remote Denial of Service Vulnerability in Bento4 version 1.5.0-617 Heap-based Buffer Over-read Vulnerability in AP4_HdlrAtom Class Heap-based Buffer Overflow in AP4_HdlrAtom Class in Bento4 1.5.0-617: Remote DoS and Potential Code Execution Heap-based Buffer Over-read in AP4_BitStream::ReadBytes in Bento4 v1.5.0-617 Heap-based Buffer Over-read Vulnerability in Bento4 version 1.5.0-617 Heap-based Buffer Overflow in AP4_VisualSampleEntry::ReadFields in Bento4 1.5.0-617 Global Buffer Overflow in BladeEnc 0.94.2: Remote DoS and Potential Code Execution Denial of Service Vulnerability in GraphicsMagick 1.3.26: ReadOneJNGImage JNG Data Validation Issue Remote Click Hijacking Vulnerability in IBM TRIRIGA Remote Code Execution Vulnerability in Horde_Image Library XSS 
Vulnerability in WSO2 Data Analytics Server 3.1.0 via add_collection_ajaxprocessor.jsp SQL Injection Vulnerability in Tapatalk Plugin for MyBB (Versions before 4.5.8) Arbitrary Order Information Disclosure in ASP4CMS AspCMS 2.7.2 Network Layer Privilege Escalation Vulnerability in InfoSphere Information Server Arbitrary File Placement Vulnerability in IBM InfoSphere Information Server Sensitive Employee Metadata Disclosure in ZKTeco ZKTime Web 2.0.1.12280 Privilege Escalation via p3scan.pid File Manipulation Heap-based Buffer Overflow in GetNextToken Function in ImageMagick 7.0.6 CSRF Vulnerability in Geminabox (Gem in a Box) before 0.13.7 Memory Leak Vulnerability in ImageMagick 7.0.7-4 Q16's ReadVIPSImage Function Denial of Service and Potential Impact via Crafted .xps File in Artifex MuPDF 1.11 Arbitrary Code Execution and Denial of Service Vulnerability in Artifex MuPDF 1.11 via Crafted .xps File XML Tag Name Comparison Vulnerability in Artifex MuPDF 1.11 Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .djvu File Denial of Service and Potential Remote Code Execution in STDU Viewer 1.6.375 via Crafted .djvu File Arbitrary File Placement Vulnerability in IBM InfoSphere Information Server Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .jb2 File Denial of Service and Potential Code Execution Vulnerability in IrfanView 4.44 - 32bit via Crafted .djvu File Arbitrary Code Execution and Denial of Service Vulnerability in Foxit Reader and PhantomPDF Directory Traversal Vulnerability in Minion ID Validation in SaltStack Salt Denial of Service Vulnerability in SaltStack Salt Remote Password Change Vulnerability in ASUS DSL Routers Multiple XML External Entity (XXE) Vulnerabilities in ASUS DSL Routers' AiCloud Feature Arbitrary 
Code Execution Vulnerability in ERS Data System 1.8.1.0 SQL Injection Vulnerability in Cash Back Comparison Script 1.0: Remote Code Execution via PATH_INFO Arbitrary Code Execution via Unrestricted File Upload in Claydip Laravel Airbnb Clone 1.0 Remote Command Execution in DenyAll WAF before 6.4.1 via TCP Port 3001 Unauthenticated Information Disclosure in DenyAll WAF before 6.4.1 Unverified SSL Certificates Vulnerability in Komoot - Cycling & Hiking Maps App Unverified X.509 Certificates in SHEIN - Fashion Shopping App for iOS Clear-text Transmission of User Credentials in Kickbase Bundesliga Manager App Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Tasks Phonecall Notes Title Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Phonecalls Description Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Phonecalls Subject Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Tasks Alerts Title Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830: Tasks Title Parameter Stored XSS Vulnerability in EPESI 1.8.2 rev20170830 Tasks Description Parameter Cross-Site Scripting Vulnerability in WordPress Link Modal Directory Traversal Vulnerability in WordPress ZipArchive and PclZip Components Cross-Site Scripting Vulnerability in WordPress Template List View Cross-Site Scripting Vulnerability in WordPress Plugin Editor WordPress Customizer Directory Traversal Vulnerability WordPress SQL Injection Vulnerability in $wpdb->prepare() Function WordPress oEmbed Discovery Cross-Site Scripting Vulnerability Open Redirect Vulnerability in WordPress Admin Pages WordPress Cross-Site Scripting Vulnerability via TinyMCE Shortcodes Uninitialized Buffer Vulnerability in WeeChat Logger Plugin Authentication Bypass and Password Vulnerability in SiteOmat BOS Versions Heap-based Buffer Overflow in BFD Library's _get_synthetic_symtab Functions Weak Cryptographic Algorithms in IBM Security Access Manager Appliance 8.0.0 - 8.0.1.6 and 9.0.0 - 9.0.3.1: 
High-Risk Information Decryption Vulnerability Privilege Escalation via User-Writable Directory Trees in Gentoo app-admin/logstash-bin Package Heap-based Buffer Over-read Vulnerability in LibOFX 0.9.12 GraphicsMagick 1.3.26 RLE Image ReadRLEImage Function Denial of Service Vulnerability Heap-based Buffer Overflow in libbpg's build_msps Function XSS Vulnerability in OWASP AntiSamy before 1.5.7 via HTML5 Entities CacheD: Exploiting a Cryptographic Cache-Based Side Channel in RSA Implementation Remote SQL Injection Vulnerability in FileRun (version 2017.09.18 and below) NULL Pointer Dereference in AcquireResampleFilterThreadSet in ImageMagick 7.0.7-4 Sensitive Information Disclosure Vulnerability in IBM Security Access Manager Appliance GeniXCMS 1.1.0 Menu ID Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in ImageMagick 7.0.7-3 via Crafted Font File Remote Code Execution Vulnerability in LabF nfsAxe FTP Client 3.7 Unauthenticated SQL Injection Vulnerability in Faleemi FSC-880 00.01.01.0048P2 Devices XSS Vulnerability in UEditor 1.4.3.3 via IFRAME SRC Attribute Integer Overflow and Denial of Service Vulnerability in libbfd Samba 4.x Use-After-Free Remote Code Execution Vulnerability Race Condition Exploit in Overwatch 1.15.0.2: Remote Users Can Cause Denial of Service and Impact Competitive Gameplay Remote Code Execution Vulnerability in JerryScript 1.0 XSS Vulnerability in WP Jobs Plugin 1.5 for WordPress: Exploiting Job Qualification Field User Input Vulnerability in Mahara Profile Fields Arbitrary Web Script Injection Vulnerability in EyesOfNetwork Web Interface Arbitrary File Read Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 Cross-Site Scripting Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 Cross-Site Scripting Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 SQL Injection Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 SQL Injection 
Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 XML External Entity (XXE) Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 HTTP Strict Transport Security Bypass in IBM Security Access Manager Appliance SQL Injection in Event Espresso Lite Plugin v3.1.37.12.L for WordPress XSS Vulnerability in GeniXCMS 1.1.4 via id parameter in menus.control.php XSS Vulnerability in GeniXCMS 1.1.4 via id parameter in menus.control.php Arbitrary PHP Code Execution Vulnerability in GeniXCMS 1.1.4 Install Themes Page Arbitrary PHP Code Execution Vulnerability in GeniXCMS 1.1.4 Upload Modules Page XSS Vulnerability in GeniXCMS 1.1.4 via Menu ID Field in gxadmin/index.php Authentication Bypass Vulnerability in Simple Student Result Plugin for WordPress Heap Buffer Overflow in FFmpeg's sdp_parse_fmtp_config_h264 Function XML External Entity Injection (XXE) Vulnerability in IBM Security Access Manager Appliance 9.0.3 Information Disclosure Vulnerability in Skybox Manager Client Application Arbitrary File Upload Vulnerability in Skybox Manager Client Application (prior to 8.5.501) Username Enumeration Vulnerability in Skybox Manager Client Application Elevation of Privileges Vulnerability in Skybox Manager Client Application Laravel before 5.5.10 Remember Me Token Verification Vulnerability Local File Disclosure Vulnerability in IBM Security Access Manager Appliance 9.0.0 Denial of Service and Out-of-Bounds Read Vulnerability in libbpg 0.9.7 Integer Underflow Vulnerability in libbpg's hevc_write_frame Function Lack of Transport Encryption in Philips Hue Bridge BSB002 SW 1707040932 Allows Remote Attackers to Read API Keys and Gain Complete Control of Connected Accessories Privilege Escalation Vulnerability in PostgreSQL Init Script NetIQ Access Manager Cross Site Scripting Vulnerability in ESP Login Parameter Handling Sensitive Information Exposure in IBM Security Access Manager Appliance Reflected Cross-Site Scripting Vulnerability in NetIQ 
Access Manager Reflected XSS Vulnerability in NetIQ Access Manager before 4.3.3 Unvalidated Redirect Vulnerability in Novell Access Manager Admin Console and IDP Servers Arbitrary Code Execution Vulnerability in NetIQ Access Manager 4.3 and 4.4 Directory Traversal Vulnerability in Build Package (CVE-XXXX-XXXX) Improper Certificate Validation in SUSE Studio Onsite Allows Remote Package Modification SQL Injection Vulnerability in SUSE Studio Onsite Allows Remote Data Extraction and Modification User Information Disclosure Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via Malicious JPEG2000 Images in PDF Files Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5011) Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via JPEG2000 Image Tile Index Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5016) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5017) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5018) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5019) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5020) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5021) Authentication Bypass Vulnerability in IBM Security Identity Manager Adapters 6.0 and 7.0 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5022) Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via Circle Annotation Objects Arbitrary Code Execution via Caret Annotation Style Attribute in Foxit Reader 
8.3.1.21155 Arbitrary Code Execution via Text Annotation Style Attribute in Foxit Reader 8.3.1.21155 Arbitrary Code Execution via FileAttachment Annotation in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5027) Arbitrary Code Execution via modDate Attribute in Foxit Reader 8.3.1 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5029) Arbitrary File Upload Vulnerability in TeamWork Job Links' profileChange and coverChange Functions Arbitrary File Upload Vulnerability in TeamWork Photo Fusion's changeAvatar and changeCover Functions Information Disclosure Vulnerability in IBM WebSphere Commerce Arbitrary File Upload Vulnerability in TeamWork TicketPlus' updateProfile Function Arbitrary File Upload Vulnerability in Mojoomla Annual Maintenance Contract (AMC) Management System SQL Injection Vulnerability in Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress SQL Injection Vulnerability in Mojoomla School Management System for WordPress SQL Injection Vulnerability in Mojoomla WPGYM WordPress Gym Management System SQL Injection Vulnerability in Mojoomla WPCHURCH Church Management System for WordPress SQL Injection Vulnerability in Mojoomla Hospital Management System for WordPress SQL Injection Vulnerability in Mojoomla WPAMS Apartment Management System for WordPress SQL Injection Vulnerability in WPHRM Human Resource Management System for WordPress 1.0 Unintended File Access Vulnerability in Node.js 8.5.0 Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 Stored Cross-site Scripting Vulnerability in Orpak SiteOmat Web Management Console Orpak SiteOmat Authentication Bypass via SQL Injection Invalid SSL Certificate Vulnerability in Orpak SiteOmat Management Console Orpak SiteOmat OrCU Code Injection Vulnerability Orpak SiteOmat CGI Stack Buffer Overflow Vulnerability Denial of Service Vulnerability in Red Lion HMI Panels via Long URI HTTP POST Request Invalid Free 
Vulnerability in Exiv2 0.26 Image Class Heap-Based Buffer Overflow in Exiv2::l2Data Function of types.cpp in Exiv2 0.26 Invalid Memory Address Dereference in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26: Denial of Service Vulnerability Cross-Site Scripting Vulnerability in IBM Cognos Business Intelligence 10.2 and 10.2.1 Heap-Based Buffer Over-Read Vulnerability in Exiv2 0.26's Jp2Image::readMetadata Function Exiv2 0.26 Stack Consumption Vulnerability in image.cpp Exiv2 0.26 Invalid Memory Address Dereference Vulnerability Exiv2 0.26 Image.cpp NULL Pointer Dereference Vulnerability Invalid Memory Address Dereference in Exiv2::getULong in types.cpp in Exiv2 0.26: Denial of Service Vulnerability Heap-Based Buffer Overflow in Exiv2::us2Data Function of types.cpp in Exiv2 0.26 Heap-Based Buffer Overflow in Exiv2::s2Data Function of types.cpp in Exiv2 0.26 Arbitrary OS Command Execution via Unsafe Perl Scripts in Git XXE vulnerability in Restlet Framework before 2.3.11 allows remote file access via REST API HTTP request Uninitialized Data Vulnerability during FOTA Partition Update in Android for MSM, Firefox OS for MSM, QRD Android IBM Sterling File Gateway 2.2 Information Disclosure Vulnerability Stack Memory Leakage Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in Android Releases from CAF Kernel Memory Overwrite Vulnerability in Android Graphics Driver Heap Overread Vulnerability in ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE Kernel Out-of-Bounds Write Vulnerability in msm_ispif_config_stereo() Use-after-free vulnerability in IPA driver allows for arbitrary code execution Denial of Service Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Slab Out of Bound Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Undisclosed Vulnerability in Jazz Common Products: Potential Information Disclosure (IBM X-Force ID: 128627) 
Unprotected Access to Global Variable in Qualcomm Android and Firefox OS Use-After-Free Vulnerability in IPA IOCTL Handler for Android and Firefox OS Out-of-Bounds Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overflow Vulnerability in wma_unified_power_debug_stats_event_handler() Function Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Buffer Overflow Vulnerability in wma_unified_link_peer_stats_event_handler Function Integer Overflow Leading to Heap Buffer Overflow in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Heap Buffer Overflow Vulnerability in CAF Android Releases Arbitrary Address Execution Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Redirect Vulnerability in IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community Configurations Buffer Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Stack Information Leak Vulnerability in KGSL Driver Function _gpuobj_map_useraddr() Potential Dangling Pointer Access in msm_pcm_hw_params() Function Buffer Over-read Vulnerability in Android Releases from CAF Buffer Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with Linux Kernel Vulnerability: Incorrect Information Retrieval in iwpriv After Subsystem Reset Undersize Buffer Allocation Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Kernel Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE Command Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB Command Unspecified Vulnerability in Jazz Reporting Service 6.0 through 6.0.4 Could Expose Highly Sensitive Information Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI Command Buffer Overrun Vulnerability in 
QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE Command Race Condition in GLink Kernel Driver Leads to Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Over-read Vulnerability in SENDACTIONFRAME IOCTL in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Arbitrary Unmap Vulnerability in MediaServer via Crafted Binder Request Buffer Over-read Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Vulnerability: Lack of PKCS7 Padding Support in Android Crypto Storage APIs Reduced Cryptographic Strength in Disk Encryption Key Derivation in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Improper Validation of Block Verification in SafeSwitch Test Application in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Unvalidated Count Value Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Weak Algorithm Negotiation in IBM QRadar Network Security 5.4 Buffer Overread Vulnerability in Snapdragon Processors XBL Loader Authentication Bypass Vulnerability Improper Buffer Attribute Marking in Secure Display on Qualcomm Snapdragon Devices Improper Truncation of DDR Address Input Validation in Android on Qualcomm Snapdragon Processors Stale Handles Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in Qualcomm Snapdragon Mobile SD Processors Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Use After Free Vulnerability in GPS Location Wireless Interface on Android and Firefox OS Denial of Service Vulnerability in Node.js zlib Module Stored XSS Vulnerability in eGroupware Community Edition before 16.1.20170922 via User-Agent Header 
Injection Stored XSS Vulnerability in Tine 2.0 Community Edition before 2017.08.4 via IMG Element in Filemanager Stored XSS Vulnerability in Tine 2.0 Community Edition before 2017.08.4 via IMG Element in History Stored XSS Vulnerability in Tine 2.0 Community Edition (before 2017.08.4) via IMG Element in Leadname Field CSRF Vulnerability Exploiting IMG Element in Tiki CSRF Vulnerability in Tiki: Unauthorized Global Permission Modification via IMG Element NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document NULL Pointer Dereference Vulnerability in Poppler 0.59.0 via Crafted PDF Document Memory Corruption Vulnerability in Poppler 0.59.0 via Object::dictLookup() Improper Access Controls in IBM UrbanCode Deploy (UCD) 6.1 and 6.2 Memory Leak Vulnerability in decode_line_info in libbfd Denial of Service Vulnerability in OpenExif 2.1.4 via Crafted JPEG File Denial of Service Vulnerability in decode_line_info in libbfd Denial of Service Vulnerability in read_formatted_entries in libbfd Denial of Service Vulnerability in libbfd's process_debug_info Function Improper Request Validation in Pulse Secure Pulse One On-Premise 2.0.1649 and Below Vulnerability in Airbag Detonation Algorithm Allows Passenger Injury via Predictable Security Access Data Denial of Service Vulnerability in BFD Library (libbfd) in GNU Binutils 2.29 Heap-based buffer over-read vulnerability in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.5 NULL Pointer Dereference and Application Crash in scan_unit_for_symbols in libbfd Jaspersoft JasperReports 4.7 - Stored Credential Disclosure Vulnerability Remote Code Execution Vulnerability in Intelbras WRN 150 Devices Information Disclosure Vulnerability in Trapeze TransitMaster Inedo ProGet Package Addition Vulnerability (PG-1060) Denial of Service and Stack 
Corruption Vulnerability in Artifex GSView 6.0 Beta Denial of Service and Potential Impact via Crafted PDF File in Artifex GSView 6.0 Beta Arbitrary Code Execution and Denial of Service Vulnerability in Artifex GSView 6.0 Beta Buffer Overflow Vulnerability in D-Link Products: Remote Code Execution via fileaccess.cgi Arbitrary File Access via XXE Attack in Restlet Framework Memory Dump Vulnerability in IBM InfoSphere Information Server Double Free Vulnerability in i18n/zonemeta.cpp in ICU for C/C++ through 59.1 Default SSID Exposure Vulnerability in HikVision Wi-Fi IP Cameras Unintended Access to rusage Data Structures in Linux Kernel Allows Information Disclosure and KASLR Bypass Race condition in Check_MK before 1.2.8p26 allows remote attackers to obtain sensitive user information through a GUI crash report. Cross-Site Request Forgery Vulnerability in AlienVault USM v5.4.2 and Earlier Stored XSS Vulnerability in BlogoText before 3.7.6 via Comment Injection in inc/conv.php Remote PHP Code Execution in PivotX 2.3.11 via Unrestricted File Upload Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.x SQL Injection Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13 Arbitrary Write Vulnerability in IKARUS Anti-Virus 2.16.7's ntguard.sys Driver Out of Bounds Write Vulnerability in IKARUS Anti-Virus (CVE-2017-17112) Arbitrary Write Vulnerability in IKARUS Anti-Virus (CVE-2021-XXXX) Arbitrary Write Vulnerability in IKARUS Anti-Virus (ntguard.sys Driver) Arbitrary Write Vulnerability in IKARUS Anti-Virus (ntguard.sys Driver) Arbitrary Write Vulnerability in IKARUS Anti-Virus (ntguard.sys Driver) Arbitrary Write Vulnerability in IKARUS Anti-Virus (CVE-2021-XXXX) Arbitrary Write Vulnerability in IKARUS Anti-Virus (CVE-2017-17113) Arbitrary Write Vulnerability in IKARUS Anti-Virus Driver (CVE-2017-17114) Unauthorized File Access Vulnerability in IBM Sterling File Gateway 2.2 Memory leaks in Open vSwitch (OvS) while 
parsing malformed OpenFlow group mod messages Infocus Mondopad 2.2.08 Hashed Credential Disclosure Vulnerability InFocus Mondopad 2.2.08 Authentication Bypass Vulnerability Stored Cross-Site Scripting (XSS) Vulnerability in IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) NULL Pointer Dereference Vulnerability in libbfd Library NULL Pointer Dereference Vulnerability in FoFiType1C::convertToType0 Function in Poppler 0.59.0 Heap-based Buffer Over-read Vulnerability in FoFiType1C::convertToType0 Function in Poppler 0.59.0 NULL Pointer Dereference Vulnerability in FoFiTrueType::getCFFBlock Function in Poppler 0.59.0 Arbitrary File Read Vulnerability in Gxlcms Cross-Site Scripting (XSS) Vulnerability in IBM Connections 5.5 Buffer Overflow in Sync Breeze Enterprise 10.0.28 Login Endpoint ATutor before 2.2.3 - Cross-Site Scripting (XSS) Vulnerability in rss_feeds/edit_feed.php Arbitrary Web Script Injection Vulnerability in EyesOfNetwork Web Interface Arbitrary Web Script Injection in EyesOfNetwork Web Interface (eonweb) 5.1-0 Arbitrary Web Script Injection Vulnerability in EyesOfNetwork Web Interface Excessive Memory Allocation Denial of Service in OpenEXR 2.2.0 Use-After-Free Vulnerability in ImageMagick's RenderFreetype Arbitrary File Inclusion Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 Cleartext Storage of Activation Keys in WordPress 4.8.2 Uninitialized Kernel Heap-Memory Information Disclosure Vulnerability Docker-CE (Moby) Content Verification Bypass Vulnerability Database Overflow Vulnerability in OXID eShop Community, Enterprise, and Professional Editions NULL Pointer Dereference in ReadDCMImage in GraphicsMagick 1.3.26 Stored XSS Vulnerability in WSO2 Management Console and Related Servers Integer Underflow in ReadPICTImage in GraphicsMagick 1.3.26 Reflected Cross Site Scripting (XSS) vulnerability in IBM Worklight Framework 6.1-8.0 RESTful Web API Stored Cross-Site Scripting Vulnerability in PRTG Network Monitor version 
17.3.33.2830 Reflected Cross-Site Scripting Vulnerability in PRTG Network Monitor version 17.3.33.2830 on error.htm Weaker than Expected Security in IBM WebSphere Application Server due to Admin Console Vulnerability Regular Expression Denial of Service (ReDoS) Vulnerability in tough-cookie Module for Node.js Remote Denial of Service Vulnerability in Qt 5.x Named Pipes Arbitrary File Hijacking and Privilege Escalation in OpenText Documentum Content Server Vulnerability: Privilege Escalation through Content Replacement in OpenText Documentum Content Server Arbitrary Content Download Vulnerability in OpenText Documentum Content Server NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7-0 Q16 PDFDelegateMessage NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7-0 Q16's ReadEnhMetaFile NULL Pointer Dereference Vulnerability in ImageMagick 7.0.7-0 Q16's ReadOneMNGImage Heap-Based Buffer Over-Read Vulnerability in LAME 3.99.5 and Earlier Versions NULL Pointer Dereference Vulnerability in LAME 3.99.5's hip_decode_init Function Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 Heap-based Buffer Over-read in libbfd Heap-based buffer over-read vulnerability in bfd_get_debug_link_info_1 in libbfd allows for denial of service Denial of Service Vulnerability in libbfd's dwarf2.c NULL pointer dereference vulnerability in read_formatted_entries in dwarf2.c in GNU Binutils 2.29 Denial of Service Vulnerability in find_abstract_instance_name in libbfd Denial of Service Vulnerability in decode_line_info in libbfd SSRF Vulnerability in Open-Xchange GmbH OX App Suite 7.8.4 and Earlier HTTP Response Splitting Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cross Site Scripting (XSS) vulnerability in Open-Xchange GmbH OX App Suite 7.8.4 and earlier Timing Information Leakage in ARM Trusted Firmware Versions up to v1.4 Memory Leak in ReadYCBCRImage in ImageMagick 7.0.7-2 Memory Leak in ReadYUVImage in 
ImageMagick 7.0.7-2 EmTec PyroBatchFTP Denial of Service Vulnerability Race condition leading to out-of-bounds read in smb_strdupin function in FreeBSD through 11.1 Race condition vulnerability in QEMU's v9fs_xattrwalk function allows local guest OS users to access sensitive information from host heap memory Cross-Site Scripting (XSS) Vulnerability in Zurmo 3.2.1.57987acc3018 Weak AES Password Encryption in IBM WebSphere Application Server version 9.0.0.4 Remote Command Execution Vulnerability in go get Unintended Cleartext Issue in Go SMTP PlainAuth Implementation Remote Code Execution Vulnerability in Sierra Wireless AirLink Routers Remote Access and Privilege Escalation Vulnerability in DocuWare Fulltext Search Server Heap-based Buffer Over-read Vulnerability in LAME MP3 Encoder Stack-based Buffer Overflow in LAME Audio Encoder (Versions 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98, and 3.97) Denial of Service Vulnerability in Redis 4.0.2 Zoom Client for Linux Stack-based Buffer Overflow Vulnerability Arbitrary Code Execution via ZoomLauncher Binary in Linux Client Multiple Stored XSS Vulnerabilities in TeamPass before 2.1.27.9 Arbitrary User Deletion and Modification Vulnerability in TeamPass Arbitrary Role Modification and Deletion Vulnerability in TeamPass Arbitrary File Upload Leading to Remote Command Execution in TeamPass Arbitrary Item Manipulation and Access Control Bypass in TeamPass Remote Denial of Service Vulnerability in UPX 3.94 Cross-Site Scripting (XSS) Vulnerability in IBM Cognos TM1 10.2 and 10.2.2 CSRF Vulnerability in Subrion CMS 4.1.x through 4.1.5 and before 4.2.0 Vulnerability: Information Disclosure in IBM Jazz Foundation Products (X-Force ID: 129619) Directory Traversal Vulnerability in Smush Image Compression and Optimization Plugin for WordPress Privilege Escalation Vulnerability in IBM Informix Dynamic Server 12.1 SQL Injection Vulnerability in PHPSUGAR PHP Melody CMS 2.6.1 via playlists.php Rapid7 Metasploit Web UI Logout CSRF Vulnerability 
Unpatched Vulnerability in Red Hat Gluster Storage 3.3 for RHEL 6 Unpatched Vulnerability in Red Hat Gluster Storage 3.3 for RHEL 6 Unpatched Vulnerability in Red Hat Gluster Storage 3.3 for RHEL 6 Buffer overflow vulnerability in MIT Kerberos 5 allows remote code execution or denial of service Deserialization Vulnerability in Infinispan Hotrod Client Information Disclosure Vulnerability in IBM Jazz Foundation Products DNSSEC Validation Bypass Vulnerability in PowerDNS Recursor 4.0.0 - 4.0.6 API Read-Only Bypass Vulnerability in PowerDNS Authoritative Cross-Site Scripting Vulnerability in PowerDNS Recursor 4.0.0 - 4.0.6 Arbitrary Configuration Injection in PowerDNS Recursor Memory Leak in PowerDNS Recursor DNSSEC Parsing Code Deserialization Code Execution Vulnerability in Jackson-databind Null Pointer Dereference Vulnerability in GlusterFS Root Access Vulnerability in Red Hat PostgreSQL Initialization Scripts Vulnerability in json_populate_recordset and jsonb_populate_recordset Functions in PostgreSQL Privilege Escalation via INSERT ... 
ON CONFLICT DO UPDATE in PostgreSQL Stored XSS Vulnerability in Foreman Server: Exploiting HTML Injection in Facts, Trends, and Statistics Pages Vulnerability: Stack-Based Buffer Overflow in findTable() in Red Hat liblouis Privilege Escalation via USB Device in Linux Kernel Remote Command Execution and Privilege Escalation Vulnerability in Heketi Server API World Readable Heketi Configuration File Allows Password Extraction Unbound DNS Server Vulnerability: Improper Validation of Wildcard-Synthesized NSEC Records Improper Interpretation of Wildcard Synthesized NSEC Records in Dnsmasq DNSSEC Implementation (CVE-2017-14491) Arbitrary Command Injection in spice-vdagent up to and including 0.17.0 Email Address Enumeration Vulnerability in Moodle 3.x Insecure Temporary File Creation in keycloak-httpd-client-install Versions Before 0.8 Insecure Password Passing in keycloak-httpd-client-install Versions Before 0.8 Sensitive Password Logging Vulnerability in oVirt-Engine Privilege Escalation Vulnerability in libvirtd with TLS Transport Use-after-free vulnerability in sctp_do_peeloff function in Linux kernel before 4.14 NULL pointer dereference vulnerability in rngapi_reset function in Linux kernel before 4.2 Stack-based Buffer Overflow Vulnerability in NBD Server Implementation in QEMU Denial of Service Vulnerability in Quick Emulator (QEMU) NBD Server PowerDNS Recursor 4.0.8 Vulnerability: Denial of Service via Parsing of Authoritative Answers Filesystem Mount Vulnerability: System Crash via Misaligned File Punching Unrestricted RSS Feed Access in CloudForms Web Interface Unbounded Memory Allocation Vulnerability in QEMU VNC Server Stored XSS Vulnerability in CloudForms Self-Service UI Snapshot Feature Use-after-free vulnerability in Linux kernel before 4.13.6 allows removal of fork event from freed list Local Denial of Service Vulnerability in Linux Kernel's hugetlb_mcopy_atomic_pte Function Denial of Service Vulnerability in Linux Kernel's hugetlb_mcopy_atomic_pte 
Function Use-After-Free Vulnerability in Linux Kernel Network Namespace Code Denial of Service Vulnerability in Dovecot TLS SNI Configuration Lookups Umask Policy Bypass in XDG User Directories Creation Memory Leak Vulnerability in Dovecot's Auth Client Denial of Service Vulnerability in miekg-dns before 1.0.4 LDAP Search Filter Stack Buffer Overflow Vulnerability in 389-ds-base Authentication Bypass Vulnerability in 389-ds-base Hostname Reset Vulnerability in Red Hat Satellite 6 OpenShift Image Import Whitelist Bypass Vulnerability OpenShift Enterprise Cluster-Read Vulnerability: Unauthorized Access to Webhook Tokens Data Leakage Vulnerability in OpenStack Cinder: ScaleIO Thin Volumes with Zero Padding Sensitive Information Disclosure in IBM Doors Web Access 9.5 and 9.6 Remote Clickjacking Vulnerability in IBM Doors Web Access 9.5 and 9.6 Uninitialized Data Vulnerability in Libmp3splt 0.9.2 Double Free Vulnerability in FFmpeg 3.3.4 and Earlier: Remote Denial of Service via Crafted AVI File Persistent XSS Vulnerability in EyesOfNetwork Web Interface Infinite Loop Vulnerability in Wireshark DOCSIS Dissector (Versions 2.4.0 to 2.4.1) Denial of Service Vulnerability in IBM DB2 10.5 and 11.1 RTSP Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.1 DMP Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15 BT ATT Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9 MBIM Dissector Memory Exhaustion Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in include/global_session.php in Cacti 1.1.25 Privilege Escalation: Unauthorized Swimlane Editing in Kanboard Privilege Escalation: Unauthorized Removal of Columns in Kanboard Privilege Escalation: Unauthorized Category Addition in Kanboard Privilege Escalation: Unauthorized Category Editing in Kanboard Privilege Escalation: Unauthorized Editing of Private Project Metadata in Kanboard Unauthorized Command Execution in IBM DB2 with CLIENT Authentication 
Privilege Escalation: Unauthorized Task Addition in Private Projects Privilege Escalation: Unauthorized Tag Editing in Kanboard Privilege Escalation: Unauthorized Column Editing in Kanboard Privilege Escalation: Unauthorized Removal of Categories in Kanboard Privilege Escalation: Unauthorized Addition of Automatic Actions in Kanboard Privilege Escalation: Unauthorized Access to Attachments in Kanboard Privilege Escalation: Unauthorized Access to Private Projects via Form Data Manipulation Privilege Escalation: Unauthorized Task Editing in Kanboard Privilege Escalation: Unauthorized Removal of Automatic Actions in Kanboard Privilege Escalation: Unauthorized Removal of Attachments in Kanboard Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications Information Disclosure: Unauthorized Access to Private Project Thumbnails Privilege Escalation: Unauthorized Addition of External Links to Private Projects in Kanboard Information Disclosure: Unauthorized Access to Private Project Tags Stored XSS vulnerability in Flyspray: Gain Administrator Privileges via User Fields Stored XSS Vulnerability in Flyspray 1.0-rc4: Remote Code Execution and Privilege Escalation Reflected XSS Vulnerability in Shaarli v0.9.1 via searchtags Parameter in index.php Reflected XSS Vulnerability in MISP before 2.4.81 Memory Leak in ReadSGIImage in ImageMagick 7.0.7-2 Memory Leak in ReadOneJNGImage in ImageMagick 7.0.7-2 Stored Cross-Site Scripting (XSS) Vulnerability in dotCMS 4.1.1 Vanity-URLs, Containers, and Templates Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 Buffer Overflow Vulnerability in Flexense VX Search Enterprise 10.1.12 via Empty POST Request Buffer Overflow Vulnerability in ASX to MP3 Converter 3.1.3.7.2010.11.05 via Crafted M3U File Remote Code Execution Vulnerability in Ayukov NFTPD 2.0 and Earlier ArGoSoft Mini Mail Server 1.0.0.2 and Earlier Denial-of-Service 
Vulnerability Memory Leak Vulnerability in BFD Library Allows Denial of Service via Crafted ELF File Command Injection Vulnerability in Zyxel NBG6716 V1.00(AAKG.9)C0 Devices Use-after-free vulnerability in Irssi before 1.0.5 Unterminated Colour Formatting Sequences in Irssi before 1.0.5 May Lead to Data Access Vulnerability Unauthenticated Report Download Vulnerability in IBM InfoSphere MDM Collaborative Edition 11.5 NULL Pointer Dereference in libjpeg-turbo 1.5.2: Vulnerability in jdpostct.c and jquant1.c Authentication Bypass Vulnerability in Horde Groupware File Manager Improper Restriction of Proprietary Protocol in Tiandy IP Cameras Use-after-free vulnerability in GraphicsMagick's ReadOneJNGImage function Denial of Service Vulnerability in IrfanView 4.44 - 32bit with PDF Plugin 4.43 Information Disclosure Vulnerability in IBM Jazz Foundation Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (4.43) Denial of Service Vulnerability in IrfanView PDF Plugin (CVE-2021-XXXX) IrfanView PDF Plugin Remote Code Execution Vulnerability Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin IrfanView PDF Plugin Remote Code Execution Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service 
Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView PDF Plugin Denial of Service Vulnerability in IrfanView PDF Plugin (Version 4.43) Denial of Service Vulnerability in IrfanView 4.44 (32bit) via Crafted .tif File Race condition vulnerability in ALSA subsystem in Linux kernel before 4.13.8 Divide-By-Zero Vulnerability in GNU Libextractor 1.4's EXTRACTOR_wav_extract_method NULL Pointer Dereference in flac_metadata in GNU Libextractor 1.4 Memory Leak Vulnerability in Qemu 2.10.0 FTP Bounce Scan Vulnerability in PSFTPd 10.0.4 Build 729 Server XML External Entity Injection (XXE) Vulnerability in IBM Business Process Manager 7.5, 8.0, and 8.5 CSV Injection Vulnerability in PSFTPd 10.0.4 Build 729 Server Remote Use-After-Free Vulnerability in PSFTPd 10.0.4 Build 729 Insecure Storage of Configuration Data in PSFTPd Server Arbitrary Code Execution via User-Submitted Titles in Mahara NULL Pointer Dereference and OOPS Vulnerability in Linux Kernel's keyctl.c Heap Memory Leakage Vulnerability in Samba before 4.7.3 Privilege Escalation via Path Traversal in OpenText Documentum Content Server Uninitialized Palette Leak in ReadGIFImage Function Cross-Site Scripting (XSS) Vulnerability in TeamPass before 2.1.27.9 Umbraco CMS XSS Vulnerability in Page Creation Umbraco CMS XXE Vulnerability: Sensitive Information Disclosure and SSRF Uninitialized Value Vulnerability in ReadPSDImage in ImageMagick 7.0.7-6 Cross-Site Scripting (XSS) Vulnerability in OctoberCMS 1.0.425: Remote Code Execution via Malicious SVG Avatar Remote Code Execution via File Extension Bypass 
in X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 NULL Pointer Dereference in tableColumnList in SQLite 3.20.1 XSS Vulnerability in BouquetEditor WebPlugin for Dream Multimedia Dreambox Devices Weak Permissions in Scala Compilation Daemon Out-of-Bounds Write Vulnerability in Qemu's Cirrus VGA Display Driver Cleartext Data Leakage in Mirasys Video Management System (VMS) Arbitrary Script Injection in TP-LINK TL-MR3220 Wireless Routers Unauthenticated Access and Attacks in Xpress Server of SAP POS (SAP Security Note 2520064) XSS Vulnerability in SAP CRM Java Administration Console (SAP Security Note 2478964) Unauthenticated File Access Vulnerability in SAP POS Xpress Server CSRF Vulnerability in SAP CRM Java Component (SAP Security Note 2478964) Unauthenticated Access to SAP Hostcontrol SOAP SAPControl Endpoint Git Bomb Vulnerability: Denial of Service and Disk Consumption KEYS subsystem vulnerability in Linux kernel through 4.13.7 allows for denial of service and potential system crash Cross-Site Scripting (XSS) Vulnerability in IBM Business Process Manager 7.5, 8.0, and 8.5 Denial of Service Vulnerability in EWBF Cuda Zcash Miner Version 0.3.4b Improper Access Rights and Information Disclosure in CPUID CPU-Z Arbitrary Memory Write Vulnerability in CPUID CPU-Z Persistent Session Hijacking Vulnerability in Airtame HDMI Dongle Web Panel Cross-Site Scripting (XSS) Vulnerability in NexusPHP 1.5 via messages.php Keyword Parameter NULL pointer dereference vulnerability in KVM_CHECK_EXTENSION ioctl in Linux kernel Permission Control Vulnerability in Huawei Honor 8 Smartphones Huawei iReader App URL Input Validation Vulnerability Path Traversal Vulnerability in Huawei iReader App (CVE-2021-XXXX) Cross-Site Scripting (XSS) Vulnerability in IBM Business Process Manager 7.5, 8.0, and 8.5 Arbitrary File Deletion Vulnerability in Huawei iReader App (CVE-2021-XXXX) Stack Overflow Vulnerability in Huawei Baseband Modules of Mate 10, Mate 10 Pro, Mate 9, and Mate 9 Pro Smartphones 
Stored XSS Vulnerability in Huawei SmartCare V200R003C10 Dashboard Module CSV Injection Vulnerability in Huawei SmartCare V200R003C10 Memory Leak Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Memory Leak Vulnerability in Huawei NIP6300, NIP6600, Secospace USG6300, and Secospace USG6500 Devices Memory Double Free Vulnerability in Huawei Mate 9 and Mate 9 Pro Smartphones Input Validation Vulnerability in Huawei Multiple Products Out-of-bounds read vulnerability in Huawei RP200, TE30, TE40, TE50, and TE60 devices Out-of-bounds read vulnerability in Huawei RP200, TE30, TE40, TE50, and TE60 devices Cross-Site Scripting (XSS) Vulnerability in IBM DOORS 9.5 and 9.6 Out-of-bounds read vulnerability in Huawei RP200, TE30, TE40, TE50, and TE60 devices Information Leak Vulnerability in Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) DoS Vulnerability in Huawei Smartphones: NFC Message Exploit DoS Vulnerability Causing Memory Exhaustion in Multiple Huawei Products DoS Vulnerability in Huawei S5700 and S6700 Switches: Insufficient Validation of NQA Packets Integer Overflow Vulnerability in Prague Smart Phones Weak Encryption Algorithm Vulnerability in DBS3900 TDD LTE V100R003C00, V100R004C10 Improper Authorization Vulnerability on Huawei Switch Products Authentication Bypass Vulnerability in Huawei HG8245H (Earlier than V300R018C00SPC110) SQL Injection Vulnerability in Huawei UMA V200R001C00 Operation and Maintenance Module Cross-Site Scripting (XSS) Vulnerability in IBM Security Access Manager Appliance 9.0.3 Double Free Vulnerability in Huawei Smartphone Flp Driver Out-of-Bounds Read Vulnerability in Huawei AR, AR-S
Memory Leak Vulnerability in Huawei AR and USG Series Devices XML Parser Denial of Service Vulnerability Buffer Overflow Vulnerability in Huawei DP300 V500R002C00 and Other Products Buffer Overflow Vulnerability in Huawei DP300 V500R002C00 and Other Products Buffer Overflow Vulnerability in Huawei DP300 V500R002C00 and Other Products Buffer Overflow Vulnerability in Huawei SIP Module Buffer Overflow Vulnerability in Huawei SIP Module Buffer Overflow Vulnerability in Huawei SIP Module Open Redirect Vulnerability in IBM Security Access Manager Appliance 8.0.0 and 9.0.0 Information Disclosure Vulnerability in Huawei Smartphones with TAG-AL00C92B168 Software Denial of Service Vulnerability in Huawei AR3200 and TE Series Routers and Videoconferencing Systems Denial of Service Vulnerability in Huawei DP300, TE60, TP3106, and eSpace U1981 Integer Overflow Vulnerability in Huawei AR3200 Software Integer Overflow Vulnerability in Huawei AR3200 Software Denial of Service Vulnerability in Huawei Smartphones with LON-L29DC721B186 Software XML Parser Denial of Service Vulnerability Use After Free (UAF) Vulnerability in Huawei Mate 9 Pro Mobile Phones Insufficient Input Validation Vulnerability in Huawei Network Security Products Memory Leak Vulnerability in Huawei CloudEngine Switches Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 Buffer Overflow Vulnerability in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R 
Authentication Bypass Vulnerability in Huawei Honor V9 Play Smartphones Improper Access Control Vulnerability in Huawei OceanStor Storage Systems Out-of-Bounds Read Vulnerability in Huawei DP300, RP200, RSE6500, TE30, TE40, TE50, TE60, TX50, VP9660, ViewPoint 8660, and ViewPoint 9030 Buffer Overflow Vulnerability in Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00 Buffer Overflow Vulnerability in Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00 Buffer Overflow Vulnerability in Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00 Privilege Escalation via Symlink Attack in Arq Auto-Updater Privilege Escalation via Race Condition in Charles Proxy Settings SUID Binary Directory Traversal Vulnerability in 3CX Phone System 15.5.3554.1 Management Console Cross-Site Scripting (XSS) Vulnerability in IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0) Stored Cross-Site Scripting Vulnerability in PRTG Network Monitor version 17.3.33.2830 ROCA: Vulnerability in Infineon RSA Library Arbitrary Client-Side JavaScript Code Execution in osTicket 1.10.1 via Crafted Support/SCP/Tickets.php?status= Link (XSS) Arbitrary File Read Vulnerability in Luracast Restler Double Free Vulnerability in Ccsv 1.1.0 Incorrect Ordering of DDL Replication and ACL Checking in MariaDB and Percona XtraDB Cluster Cleartext Log File Exposes Default Database Password in Thornberry NDoc 8.0 Multiple SQL Injection Vulnerabilities in Bacula-web 
Denial of Service and Stack-based Buffer Over-read Vulnerability in radare2 2.0.0 Use-after-free vulnerability in build_filter_chain function in MuPDF Heap-Based Buffer Overflow in SoX's ImaExpandS Function Leads to Denial of Service Attack Denial of Service Vulnerability in SoX 14.4.2: Assertion Abort in sox_append_comment() Stack-based Buffer Overflow in lsx_ms_adpcm_block_expand_i Function of SoX 14.4.2 SQL Injection Vulnerability in E-Sic 1.0 via q Parameter in lkpcep.php Cross-Site Scripting (XSS) Vulnerability in Shopware v5.2.5 - v5.3 Backend Modules Client-side Cross-Site Scripting Vulnerabilities in WpJobBoard v4.5.1 Unauthenticated Remote Command Execution in Mobatek MobaXterm 10.4 Vulnerability: Redundant Content Inspection in Suricata E-Sic 1.0 Password Reset SQL Injection Vulnerability Authentication Bypass Vulnerability in E-Sic 1.0 Undocumented URL Information Disclosure Vulnerability in IBM Financial Transaction Manager for ACH Services Cross-Site Scripting (XSS) Vulnerability in E-Sic 1.0 Registration Area SQL Injection Vulnerability in E-Sic 1.0 via f Parameter in zip code search script Unquoted BINARY_PATH_NAME Vulnerability in Nero 7.10.1.0 XSS Vulnerability in Rate Me 1.0 via id Field in rate-me.php Denial of Service and Potential Remote Code Execution in radare2 2.0.0 Omnibox Spoofing Vulnerability in Google Chrome Content Security Policy Bypass in Google Chrome prior to 62.0.3202.62 Out of Bounds Memory Read Vulnerability in Skia in Google Chrome Insufficient Watchdog Timer in Google Chrome Allows Remote URL Spoofing Privilege Escalation in IBM Business Process Manager through LDAP Group Manipulation Domain Spoofing Vulnerability in Google Chrome Insufficient Policy Enforcement in Google Chrome Extensions: Unauthorized Access via Crafted HTML Page Heap Corruption Vulnerability in V8 in Google Chrome Prior to 62.0.3202.62 Referer Leak Vulnerability in Google Chrome Devtools Remote Debugging Domain Spoofing Vulnerability in Google Chrome 
Extensions ImageCapture NULL Pointer Dereference Vulnerability in Google Chrome Stack Buffer Overflow in NumberingSystem in ICU for C/C++ Cleartext HTTP Request Observation and Tampering Vulnerability in ChromeVox Remote Code Execution Vulnerability in Google Chrome's QUIC Networking Stack Remote Code Execution Vulnerability in V8 Engine of Google Chrome Cross-Site Scripting (XSS) Vulnerability in IBM Doors Web Access 9.5 and 9.6 Printer Zeroconfig CRLF Vulnerability in CUPS WebAssembly Memory Corruption Vulnerability in Google Chrome Sandbox Escape Vulnerability in Google Chrome on Chrome OS prior to 62.0.3202.74 Command Injection Vulnerability in crosh in Google Chrome OS Local Privilege Escalation in Crash Reporting in Google Chrome on Chrome OS Vulnerability: Local Privilege Escalation via Symlink Handling and Race Condition in cryptohomed Remote Code Execution Vulnerability in V8 in Google Chrome Remote Code Execution Vulnerability in Google Chrome's QUIC Networking Stack Heap Buffer Overflow in Omnibox in Google Chrome Heap Buffer Overflow in Skia in Google Chrome Inadequate Update Mechanism for AIX JRE/SDK Packages PDFium Use After Free Vulnerability in Google Chrome PDFium Use After Free Vulnerability in Google Chrome Heap Corruption Vulnerability in libxml2 WebAssembly Type Confusion Vulnerability in Google Chrome Pointer Leakage Vulnerability in Google Chrome IPC Heap Buffer Overflow in Blob API in Google Chrome Cross-Origin Data Leakage in Skia Canvas Composite Operations in Google Chrome Uninitialized Memory Vulnerability in Skia in Google Chrome Leaked Cross-Origin URL Vulnerability in Google Chrome's Resource Timing API Spoofing Omnibox Contents via Back Navigation in Google Chrome Integer Overflow in International Date Handling in ICU for C/C++ Leakage of Low-Order Bits in BoringSSL SPAKE2 Protocol in Google Chrome Domain Spoofing Vulnerability in Google Chrome Domain Spoofing Vulnerability in Google Chrome Domain Spoofing Vulnerability in Google 
Chrome XSS Vulnerability in Omnibox of Google Chrome prior to 63.0.3239.84 V8 Builtins String Generator Out of Bounds Read/Write Vulnerability Arbitrary Script Injection Vulnerability in V8 WebAssembly JS Bindings Chromecast Plugin in Google Chrome Prior to 63.0.3239.84 - Remote Code Injection Vulnerability Local Credential Caching Vulnerability in IBM Sterling B2B Integrator Standard Edition IBM Doors Web Access 9.5 and 9.6 Physical Access Credential Theft Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 Directory Traversal Vulnerability in IBM Sterling File Gateway 2.2 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 Password Change Vulnerability Remote Clickjacking Vulnerability in IBM API Connect 5.0.0.0 through 5.0.7.2 Cross-Site Scripting Vulnerability in NetApp SnapCenter Server Prior to 4.0 NetApp SnapCenter Server CSRF Vulnerability Unspecified Vector Information Disclosure Vulnerability in AltaVault OST Plug-in Privileged Database User Account Password Logging Vulnerability Unauthenticated Remote Attackers Can View and Modify Backup Data in SnapCenter 2.0 through 3.0.1 Link Injection Vulnerability in IBM Infosphere BigInsights 4.2.0 and 4.2.5 Security Feature Bypass Vulnerability in Kemp Load Balancer's Application Firewall Pack (AFP) Denial of Service Vulnerability in Symantec Endpoint Encryption (SEE) v11.1.3MP1 and earlier Null Pointer Dereference Vulnerability in Symantec Endpoint Encryption (SEE) Prior to v11.1.3MP1 Directory Traversal Vulnerability in Symantec Management Console Certificate Spoofing Vulnerability in Install Norton Security (INS) Product Norton Family Android App Vulnerable to Denial of Service (DoS) Exploit Cross-Site Scripting (XSS) Vulnerability in IBM Infosphere BigInsights 4.2.0 and 4.2.5 Information Disclosure Vulnerability in Norton Family Android App (Version Prior to 4.4.1.10) Excessive Authentication 
Attempts Vulnerability in Symantec Reporter Path Traversal Vulnerability in Symantec Messaging Gateway (Prior to 10.6.4) ROBOT Attack Vulnerability in Symantec SSL Visibility (SSLV) Authentication Bypass Vulnerability in Norton App Lock (prior to version 1.3.0.13) Vulnerability in MongoDB 3.4.x and 3.5.x: Denial of Service and Memory Modification via Enabled networkMessageCompressors Privilege Escalation Vulnerabilities in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0 Vulnerability: Privilege Escalation via x86 FPU Subsystem in Linux Kernel Stored XSS vulnerability in ILIAS Media Objects Component Allows for Administrator Privilege Escalation SQL Injection Vulnerability in zorovavi/blog via id parameter in recept.php Remote Click Hijacking Vulnerability in IBM Infosphere BigInsights 4.2.0 and 4.2.5 Blind SQL Injection Vulnerability in EMC RSA Authentication Manager 8.2 SP1 P6 and Earlier Remote Unauthenticated Root Access Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance Arbitrary File Upload Vulnerability in EMC Avamar Server, EMC NetWorker Virtual Edition, and EMC Integrated Data Protection Appliance Unauthorized Generation of API Tokens in IBM API Connect 5.0.0.0 through 5.0.7.2 Path Traversal Vulnerability in EMC Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance Regular Expression Denial of Service (ReDoS) Vulnerability in IBM API Connect 5.0.7.0 through 5.0.7.2 NULL Pointer Dereference in GfxImageColorMap::getGrayLine() function in Poppler 0.59.0 via crafted PDF document Insecure SPANK Environment Variable Handling Vulnerability in SchedMD Slurm Local Privilege Escalation Vulnerability in IDEMIA MorphoSmart 1300 Series Devices Cross-Site Scripting (XSS) Vulnerability in Redmine Issue History Rendering Cross-Site Scripting (XSS) Vulnerability in Redmine Issue List Rendering Denial of Service Vulnerability in IBM WebSphere MQ 8.0 and 9.0 Cross-Site Scripting (XSS) 
Vulnerability in Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3 Cross-Site Scripting (XSS) Vulnerability in Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3 Sensitive Information Exposure in Redmine Password Reset Tokens Cross-Site Scripting (XSS) Vulnerability in Redmine before 3.2.6 and 3.3.x before 3.3.3 Stored XSS Vulnerability in Redmine via SVG Document Attachment Unauthenticated Access to Sensitive Differences in Redmine Time Entry Rendering Vulnerability in Redmine Remote Information Disclosure in Redmine Wiki Link Rendering SQL Injection in PHPSUGAR PHP Melody before 2.7.3 via admin/edit_category.php SQL Injection via aa_pages_per_page Cookie in PHPSUGAR PHP Melody before 2.7.3 Open Redirect Vulnerability in IBM Maximo Asset Management 7.5 and 7.6 Arbitrary File Upload Vulnerability in osTicket 1.10.1 Lack of Encryption in Diary with lock Android App Allows Sniffing of Sensitive Information Hardcoded AES Parameters in net.MCrypt Android App Vulnerability Local File Inclusion Vulnerability in ABB Fox515T 1.0 Embedded Web Server Integer Overflow in Artifex MuPDF 1.11's pdf_read_new_xref_section Race Condition in Xen Allows Arbitrary Code Execution on Host OS Uninitialized Hypervisor Stack Memory Write Vulnerability in Xen Vulnerability in Multiple IBM Rational Products Allows Disclosure of Sensitive Information Xen MSI Mapping Mishandling Vulnerability Denial of Service Vulnerability in Xen DMOP Map/Unmap Implementation Xen x86 HVM Guest OS Denial of Service and Privilege Escalation Vulnerability Memory Leak Vulnerability in Xen through 4.9.x Xen x86 SVM PV Guest OS IDT Mishandling Vulnerability Xen Privilege Escalation and Denial of Service Vulnerability through Crafted Page-Table Stacking Denial of Service Vulnerability in Xen ARM Guest OS Vulnerability: Grant Copying Code Memory Corruption and Denial of Service in Xen Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 NULL 
Pointer Dereference in EXTRACTOR_nsf_extract_method function of GNU Libextractor 1.4 Heap-based Buffer Overflow in EXTRACTOR_png_extract_method in GNU Libextractor 1.4 Integer Signedness Error in EXTRACTOR_nsfe_extract_method Function in GNU Libextractor 1.4 Directory Traversal Vulnerability in Inedo Otter before 1.7.4 (OT-181) CSRF Vulnerability in Inedo ProGet before 5.0 Beta5 Allows Unauthorized Modification of Advanced Settings Sensitive Cleartext Information Disclosure in Octopus before 3.17.7 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Vulnerability: Unauthorized Certificate Export with Guest Account in Octopus Server Privilege Escalation through User Invitation in Octopus before 3.17.7 Cross-Site Scripting (XSS) Vulnerability in Mistune 0.7.4 via Unexpected Newline or Crafted Email Address Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via cmxddns.lua File Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via phddns.lua File Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER 
Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via pptp_client.lua Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Cross-Site Scripting (XSS) Vulnerability in IBM Doors Web Access 9.5 and 9.6 Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Arbitrary Command Execution Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via wportal.lua File Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via webfilter.lua Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices Missing Source Net Restriction in SuSEfirewall2 Allows Bypass of Portmap Service Access Restrictions Bypassing Access Restrictions in Mura CMS 6.2 via Draggable Feeds Feature Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Cross-Site Scripting (XSS) vulnerability in phpIPAM before 1.3.1 via the ip parameter in app/sections/user-menu.php Use-After-Free Vulnerability in lsx_aiffstartread in SoX 14.4.2 Remote Code Execution Vulnerability in IKARUS Anti Virus 2.16.7 via Man-in-the-Middle Attack SSRF Vulnerability in Webmin 1.850 via PATH_INFO to tunnel/link.cgi Arbitrary Command Execution Vulnerability in Webmin 1.850 via CSRF Webmin Remote Code Execution via XSS in File Manager Directory Traversal Vulnerability in FiberHome Routers via /cgi-bin/webproc XSS Vulnerability in PHPSUGAR PHP Melody before 2.7.3 via page_manager.php Race condition leading to use-after-free vulnerability in Linux kernel's af_packet module Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational 
Collaborative Lifecycle Management Buffer Overflow in musl libc DNS Parsing Arbitrary Code Execution Vulnerability in PRTG Network Monitor 17.3.33.2830 Artifex Ghostscript 9.22 Vulnerability: Information Disclosure Unauthenticated Remote Code Execution in Asus asuswrt HTTPd Server Predictable Session Tokens in Asus asuswrt HTTPd Server Allow Administrative Router Access Unpatched Buffer Overflow Vulnerability in Asus asuswrt HTTPd Server Allows for Remote Code Execution Vulnerability: Plaintext Password Storage in Asus asuswrt HTTPd Server Denial of Service Vulnerability in Flexense VX Search Enterprise v10.1.12 Control Protocol Denial of Service Vulnerability in Flexense Disk Pulse Enterprise v10.1.18 Control Protocol Denial of Service Vulnerability in Flexense Sync Breeze Enterprise v10.1.16 Control Protocol Denial of Service Vulnerability in Flexense DiskBoss Enterprise 8.5.12 Control Protocol Denial of Service Vulnerability in Flexense SysGauge Server 3.6.18 Cross-Site Scripting (XSS) Vulnerability in IBM Doors Web Access 9.5 and 9.6 Heap-based Buffer Overflow in glob.c: Processing of Home Directories using ~ Operator Memory Leak Vulnerability in glob.c in GNU C Library (glibc) Out-of-Bounds Read Vulnerability in FFmpeg's read_header Function Arbitrary PHP Code Execution Vulnerability in CS-Cart 4.6.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Crafter CMS Crafter Studio 3.0.1 Unauthenticated IDOR Vulnerability Directory Traversal Vulnerability in Crafter CMS Crafter Studio 3.0.1 Allows Unauthenticated Attackers to Overwrite Files and Achieve Remote Code Execution (RCE) Stored/Blind XSS Vulnerability in Crafter CMS Crafter Studio 3.0.1 XML External Entity (XXE) vulnerability in Crafter CMS Crafter Studio 3.0.1 allows unauthenticated attackers to retrieve OS files out-of-band. 
Crafter CMS Crafter Studio 3.0.1 Directory Traversal Vulnerability XML External Entity (XXE) Vulnerability in Crafter CMS Crafter Studio 3.0.1 Cross Site Scripting (XSS) vulnerability in Crafter CMS Crafter Studio 3.0.1 allows remote attackers to steal users' cookies. DOM Based Cross Site Scripting (XSS) Vulnerability in Logitech Media Server 7.7.1-7.7.6, 7.9.0-7.9.1 Unspecified Denial of Service Vulnerability in IBM WebSphere Commerce 7.0 and 8.0 Marketing ESpot XML External Entity Expansion (XXE) Vulnerability in Apache UIMA Remote Code Execution Vulnerability in Apache Geode Locator Remote Code Execution Vulnerability in Apache Geode Server Apache Geode Server Secure Mode Metadata Modification Vulnerability Apache Geode Server Remote Code Execution Vulnerability Insecure Authorization in Apache Geode Configuration Service Remote Code Execution Vulnerability in Apache NiFi Vulnerability: Apache Tomcat Native Connector OCSP Check Bypass Apache Qpid Dispatch Router Denial of Service Vulnerability Information Disclosure Vulnerability in IBM Jazz Foundation Products Apache Sling Authentication Service 1.4.0 - Credential Theft via Login Form Vulnerability Apache Qpid Broker-J AMQP 1.0 Frame Size Enforcement Vulnerability Vulnerability: Apache Qpid Broker-J Authentication Provider Spoofing Java Deserialization Attack Vulnerability in Apache NiFi 1.x Releases Denial of Service Vulnerability in Apache SpamAssassin before 3.4.2 Incorrect Documentation for CGI Servlet Search Algorithm in Apache Tomcat Apache Struts 2.5 to 2.5.14 JSON-lib DoS Vulnerability Unauthenticated Remote Code Execution in Apache Synapse with Commons Collections 3.2.1 OpenWire Protocol Information Disclosure Vulnerability Weak Cryptographic Algorithms in IBM DB2 for Linux, UNIX and Windows Apache httpd mod_authnz_ldap Accept-Language Header Out-of-Bounds Write Vulnerability Apache Oozie File Exposure Vulnerability Exposure of Private Files in Apache Hadoop Job History Server Code Injection 
Vulnerability in BIRT Plugin of Apache OFBiz 16.11.01 to 16.11.03 Apache httpd 2.4.0 to 2.4.29 Filename Matching Vulnerability URL Encoding Bypass Vulnerability in Apache Sling XSS Protection API YARN NodeManager Credential Store Password Leakage Vulnerability Arbitrary JS Code Submission Vulnerability in Wicket jQuery UI WYSIWYG Editor Remote Code Execution Vulnerability in Apache Airflow 1.8.2 and Earlier Irssi DCC CTCP Message NULL Pointer Dereference Vulnerability Buffer Overflow Vulnerability in Irssi before 1.0.5 NULL Pointer Dereference Vulnerability in Irssi before 1.0.5 XML External Entity Injection Vulnerability in Dzone AnswerHub Stored Cross-site Scripting (XSS) via HTML Attachment in phpMyFAQ before 2.9.9 Stored Cross-site Scripting (XSS) Vulnerability in phpMyFAQ before 2.9.9 via metaDescription or metaKeywords CSRF Vulnerability in phpMyFAQ Glossary Addition CSRF Vulnerability in phpMyFAQ admin/stat.ratings.php CSRF Vulnerability in phpMyFAQ admin/stat.adminlog.php CSRF Vulnerability in phpMyFAQ admin/news.php CSRF Vulnerability in phpMyFAQ before 2.9.9 CSRF Vulnerability in phpMyFAQ Admin Panel CSRF Vulnerability in phpMyFAQ Glossary Modification Stored Cross-Site Scripting (XSS) Vulnerability in SPIP before 3.1.7 Denial of Service and Possible Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service and Possible Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Stack Corruption Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 Denial of Service and Possible Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted 
.dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 - Arbitrary Code Execution via Crafted .dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin Weak Cryptographic Algorithms in IBM Sterling B2B Integrator Standard Edition Denial of Service and Potential Code Execution Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Code Execution Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Impact via Crafted .dwg File in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in 
IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 Denial of Service and Potential Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 via Crafted .dwg File Denial of Service and Potential Code Execution in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service and Potential Remote Code Execution in IrfanView 4.50 - 64bit with BabaCAD4Image Plugin 1.3 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.50 - 64bit with CADImage Plugin 12.0.0.5 via Crafted .dwg File Denial of Service Vulnerability in IrfanView 4.50 - 64bit via Crafted .tif File Denial of Service and Potential Impact via Crafted .dds File in IrfanView 4.50 - 64bit Directory Traversal Vulnerability in IBM WebSphere Portal Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.43 Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service 
and Possible Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Potential Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Potential Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Denial of Service and Possible Remote Code Execution in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File DLL File Mishandling Vulnerability in XnView Classic for Windows Version 2.43 Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.43 DLL File Mishandling Vulnerability in XnView Classic for Windows Version 2.43 Buffer Overflow Vulnerability in glob.c in GNU C Library (glibc) before 2.27 Directory Traversal Vulnerability in Cisco Small Business SA520 and SA540 Devices Arbitrary Code Execution via Crafted Email Address in ezcMailMtaTransport Class CSRF Vulnerability in phpMyFaq 
Admin/Ajax.Config.php XSS Vulnerability in phpMyFaq Admin Panel via Crafted Tag XSS Vulnerability in PopCash.Net Code Integration Tool Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in Pootle Button Plugin for WordPress XSS Vulnerability in Easy Appointments Plugin for WordPress Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Out of Bounds Read Vulnerability in Android Camera Flash Driver Buffer Overflow Vulnerability in 802.11 MGMT Frame Processing in Android for MSM, Firefox OS for MSM, QRD Android Vulnerability: Authentication Failure in Qualcomm Android Products with CAF and Linux Kernel Integer Overflow Vulnerability in Android Releases from CAF Use After Free Vulnerability in Qualcomm Android Devices with CAF and Linux Kernel Unbounded Value Vulnerability in wma_p2p_noa_event_handler() Function Buffer Overflow Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Buffer Overflow Vulnerability in Spectral_create_samp_msg() Function Memory Leak Vulnerability in UpdateDeviceStatus() Function in Android Releases from CAF Out of Bounds Memory Access Vulnerability in Android Releases from CAF Double Free Vulnerability in MDSS Rotator in Android, Firefox OS, and QRD Android Integer Overflow Vulnerability in Android Keystore Access Race Condition in Qualcomm GPU Driver: Exploiting Use After Free Vulnerability Improper Error Handling in MyFaces JSF in IBM WebSphere Application Server Buffer Overflow Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Integer Overflow Vulnerability in wma_ndp_end_indication_event_handler() Function Untrusted Pointer Dereference in Power Function Leads to Information Exposure in Android for MSM, Firefox OS for MSM, QRD Android Race Condition Vulnerability in diag_dbgfs_read_dcistats() in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Denial of Service Vulnerability in CAF 
Android Releases Integer Overflow Vulnerability in Qualcomm Android and Firefox OS Buffer Over-read Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Vulnerability: Remote RAM Dump and FW Reset in Snapdragon Mobile Processors Buffer Use-After-Free Vulnerability in Android Releases from CAF Race Condition Vulnerability in msm_bus_floor_vote_context() in Android Releases from CAF Uninitialized Memory Write Vulnerability in Android Releases from CAF Invalid Input in WLAN Cal Data Store Operation Can Lead to Memory Leak or Buffer Overflow Untrusted Pointer Dereference Vulnerability in Android Camera Driver Race Condition Vulnerability in SPCom Kernel Driver Buffer Overflow Vulnerability in FastRPC Kernel Driver Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases Audio Codec Register Read Vulnerability Vulnerability: Copy_from_user and Information Leak in msm_ois_subdev_do_ioctl Function Camera Driver Information Leak Vulnerability Buffer Over-read Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android Integer Overflow and Buffer Overflow Vulnerability in wma_radio_chan_stats_event_handler() Kernel Buffer Overflow Vulnerability in Qualcomm Android and Firefox OS Double Free Vulnerability in Android Releases from CAF Out-of-Bounds Access Vulnerability in Android Camera Driver Buffer Overrun Vulnerability in QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB Command Stack Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel Unvalidated Array Access in wma_roam_synch_event_handler Function Integer Overflow and Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel XSS Vulnerability in wp-noexternallinks Plugin for WordPress Information Disclosure Vulnerability in OTRS Agent Frontend Remote Information Disclosure Vulnerability in bgpd of FRRouting (FRR) Cross-Site Scripting (XSS) Vulnerabilities in 
User-Login-History Plugin for WordPress Privilege Escalation via BNEP Connection Vulnerability Arbitrary Web Script Injection Vulnerability in LiveZilla knowledgebase.php Privilege Escalation via Image Path Execution Hijacking in Palo Alto Networks GlobalProtect Agent Denial of Service Vulnerability in serialize-to-js through 1.1.1 XSS Vulnerability in phpwcms 1.8.9 via Username Field in admin.edituser.tmpl.php and admin.newuser.tmpl.php Integer Overflow in get_next_block function in BusyBox 1.27.2 Integer Underflow in decompress_unlzma.c in BusyBox 1.27.2 leads to read access violation SQL Injection Vulnerability in Password Recovery in GPWeb 8.4.61 Unrestricted File Upload Vulnerability in GPWeb 8.4.61 Allows Remote Authenticated Users to Upload Malicious Files Insecure Permissions Vulnerability in GPWeb 8.4.61 Allows Remote Password and User Database Exposure Cross-Site Scripting (XSS) Vulnerability in KeystoneJS Contact Us Feature CSV Injection in KeystoneJS before 4.0.0-beta.7 via mishandled value in CSV export SQL Injection Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Arbitrary Script Injection in KeystoneJS Content Brief and Content Extended Fields Denial of Service Vulnerability in London Trust Media Private Internet Access (PIA) Android Application Authentication Bypass and Denial of Service Vulnerability in Sitefinity Privilege Escalation Vulnerability in HashiCorp Vagrant VMware Fusion Plugin Reflected XSS Vulnerability in Axis 2100 Network Camera 2.03 Web Administration Portal SSRF Vulnerability in Synology Chat Link Preview Allows Arbitrary File Download Excessive Authentication Attempts Vulnerability in Synology CardDAV Server Arbitrary Script Injection in Synology Audio Station's Custom Internet Radio List Command Injection Vulnerability in Synology DiskStation Manager (DSM) before 5.2-5967-5 Arbitrary Code Injection through Synology MailPlus Server Disclaimer Improper Access Control Vulnerability in Synology Calendar Allows 
Unauthorized Modification of Events Cross-Site Scripting (XSS) Vulnerabilities in Synology Chat Slash Command Creator Directory Traversal Vulnerability in Synology File Station Allows Arbitrary File Write Directory Traversal Vulnerability in Synology DiskStation Manager (DSM) Allows Arbitrary File Write Arbitrary File Write Vulnerability in Synology Router Manager (SRM) OpenSSL Vulnerability CVE-2017-3737: TLS Handshake Failure in Node.js Buffer Initialization Bug in Node.js Versions 8.X and 9.X OpenSSH 7.6 Vulnerability: Unauthorized Creation of Zero-Length Files SQL Injection Vulnerability in phpCollab 2.5.1 and Earlier: Remote Code Execution via newsdesk/newsdesk.php Remote DNS Server DoS Vulnerability in systemd-resolved Hardcoded Password Vulnerability in D-Link DGS-1500 Ax Devices Cross-Site Scripting Vulnerability in IBM WebSphere DataPower Appliances 7.0.0 through 7.6 Arbitrary Client-Side JavaScript Code Execution in Ignite Realtime Openfire Server Whale Installer Vulnerability: DLL Hijacking Remote User Override of Repository Restrictions in Borg Servers 1.1.x before 1.1.3 Unauthorized Map Creation Vulnerability in Paessler PRTG Network Monitor 17.3.33.2830 Critical Security Vulnerability in Sera 1.2: Plain Text Storage of User Login Passwords SQL Injection and PHP Object Injection in Ultimate Form Builder Lite Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management NULL Pointer Dereference Vulnerability in Watchdog Anti-Malware and Online Security Pro NULL Pointer Dereference Vulnerability in Watchdog Anti-Malware and Online Security Pro Out-of-Bounds Read Vulnerability in GNU Libextractor 1.4's EXTRACTOR_dvi_extract_method Function Denial of Service Vulnerability in Konversation IRC Client Command Injection Vulnerability in ss-manager in shadowsocks-libev 3.1.0 Segmentation Fault Vulnerability in Ox Gem 2.8.0 for Ruby Cross-Site Scripting (XSS) Vulnerability in IBM 
DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Null Pointer Dereference in ReadOneJNGImage in GraphicsMagick 1.3.26 Integer Exception Vulnerability in radare2 2.0.1 via Crafted ELF Files on 32-bit Systems Integer Exception Vulnerability in radare2 2.0.1 SQL Injection Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Stored Cross-Site Scripting Vulnerability in Artica Pandora FMS version 7.0 Remote PHP Code Execution Vulnerability in Artica Pandora FMS Version 7.0 XSS Vulnerability in Artica Pandora FMS Version 7.0 Allows Remote Code Execution Artica Pandora FMS Version 7.0 Path Disclosure Vulnerability Denial of Service Vulnerability in libbfd's dwarf2.c NULL pointer dereference vulnerability in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.29 allows remote attackers to cause a denial of service via a crafted ELF file. Arbitrary Code Execution in Palo Alto Networks PAN-OS Web Interface Packet Capture Management Component Arbitrary Web Script Injection Vulnerability in Palo Alto Networks PAN-OS Denial of Service Vulnerability in Palo Alto Networks PAN-OS Server-side Request Forgery (SSRF) Vulnerability in Palo Alto Networks PAN-OS Arbitrary Code Execution via Management Interface in Palo Alto Networks PAN-OS Privilege Escalation via User-Writable Directory Trees in MySQL Installation Scripts SQL Injection Vulnerability in com_tag Component 1.7.6 for Joomla! 
XSS Vulnerability in Simple ASC Content Management System v1.2 Unrestricted File Upload and XSS Vulnerability in Perch Content Management System 3.0.3 SQL Injection in Xavier PHP Management Panel 2.4 via usertoedit and log_id parameters Local attacker can obtain highly sensitive information via unspecified vectors in IBM Security Guardium 10.0 Database Activity Monitor Buffer Overflow Vulnerability in Flexense SyncBreeze Enterprise 10.1.16 Race condition vulnerability in Linux kernel's KEYS subsystem Heap-based Buffer Overflow in bchunk (BinChunker) 1.2.0 and 1.2.1 when Processing Malformed CUE Files Heap-based Buffer Overflow and Invalid Free Vulnerability in bchunk (BinChunker) 1.2.0 and 1.2.1 Access Violation Vulnerability in bchunk (BinChunker) 1.2.0 and 1.2.1 Arbitrary File Download Vulnerability in ConverTo Video Downloader & Converter 1.4.1 Arbitrary File Upload Vulnerability in Ingenious School Management System 2.3.0 SQL Injection Vulnerability in D-Park Pro Domain Parking Script 1.0 via admin/loginform.php SQL Injection via PATH_INFO in Adult Script Pro 2.2.4 Unspecified Vector Information Disclosure Vulnerability in IBM Security Guardium 10.0 Database Activity Monitor SQL Injection Vulnerability in Article Directory Script 3.0 via id Parameter in author.php or category.php SQL Injection Vulnerability in iProject Management System 1.0 via ID Parameter in index.php Arbitrary File Upload Vulnerability in iStock Management System 1.0 SQL Injection Vulnerability in iTech Gigs Script 1.21 via browse-scategory.php and service-provider.php Parameters SQL Injection Vulnerability in Job Board Script Software via PATH_INFO SQL Injection Vulnerability in NS Download Shop Component for Joomla! SQL Injection Vulnerability in Zh YandexMap Component for Joomla! 
SQL Injection Vulnerability in Mailing List Manager Pro 3.0 SQL Injection Vulnerability in MyBuilder Clone 1.0 via phpsqlsearch_genxml.php Subcategory Parameter SQL Injection Vulnerability in PG All Share Video 1.0 via PATH_INFO Parameter Weak Password Policy in IBM Security Guardium Database Activity Monitor SQL Injection Vulnerability in PHP CityPortal 2.0 via nid and cat Parameters SQL Injection Vulnerability in Same Sex Dating Software Pro 1.0 SQL Injection in SoftDatepro Dating Social Network 1.3 via Multiple Parameters SQL Injection Vulnerability in Sokial Social Network Script 1.0 Authentication Bypass Vulnerability in tPanel 2009 via SQL Injection SQL Injection Vulnerability in Vastal I-Tech Dating Zone 0.9.9 via 'product_id' in add_to_cart.php ZeeBuddy 2x SQL Injection Vulnerability in admin/editadgroup.php SQL Injection Vulnerability in Protected Links - Expiring Download Links 1.0 SQL Injection Vulnerability in AROX School ERP PHP Script 1.0 via office_admin/id Parameter SQL Injection Vulnerability in Shareet - Photo Sharing Social Network 1.0 via the photo parameter Weak Cryptographic Algorithms in IBM Security Guardium 10.0 Database Activity Monitor: A Potential Decryption Vulnerability SQL Injection Vulnerability in US Zip Codes Database Script 1.0 via State Parameter SQL Injection Vulnerability in Responsive Newspaper Magazine & Blog CMS 1.0 SQL Injection Vulnerability in Dynamic News Magazine & Blog CMS 1.0 SQL Injection Vulnerability in MyMagazine Magazine & Blog CMS 1.0 SQL Injection Vulnerability in CMS Lite 1.4 via S Parameter in index.php SQL Injection Vulnerability in Basic B2B Script's product_view1.php pid/id Parameter SQL Injection Vulnerability in CPA Lead Reward Script Exploiting SQL Injection via Fake Magazine Cover Script: Vulnerabilities in rate.php and content.php SQL Injection Vulnerability in Nice PHP FAQ Script via the nice_theme Parameter in index.php SQL Injection Vulnerability in Online Exam Test Application Arbitrary File 
Upload Vulnerability in Php Inventory & Invoice Management System SQL Injection Vulnerability in Vastal I-Tech Agent Zone (aka The Real Estate Script) SQL Injection Vulnerability in Website Broker Script via 'status_id' Parameter Zomato Clone Script Vulnerability: SQL Injection via restaurant-menu.php resid parameter Archaic Checksum Mishandling in rsync 3.1.3-development before 2017-10-24 Buffer Overflow Vulnerability in readelf in GNU Binutils 2.29 Static RC4 Key Vulnerability in NQ Contacts Backup & Restore Application Insecure Transmission of Contact Data in NQ Contacts Backup & Restore Application Insecure Transmission of Login and User Data in NQ Contacts Backup & Restore Android App Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium 10.0 Database Activity Monitor SQL Injection Vulnerability in EyesOfNetwork Web Interface (eonweb) 5.1-0 Privilege Escalation Vulnerability in HashiCorp Vagrant VMware Fusion Plugin Vulnerability: Insecure Resource Download in windows-build-tools Header Forgery Vulnerability in http-signature <=0.9.11 Cross-Site Scripting (XSS) vulnerability in Remarkable versions 1.6.2 and lower allows execution of JavaScript via `data:` URIs in links. 
Invalid Curve Attack in node-jose Allows Private Key Recovery Script Injection Vulnerability in i18next <=1.10.2 Cross-site Scripting (XSS) Vulnerability in ag-grid when used with AngularJS Weak Password Policy in IBM Security Guardium Database Activity Monitor Cross-Site Scripting (XSS) Vulnerability in i18next 2.0.0 and later Denial of Service (DoS) Vulnerability in hapi <= 16.1.0 Denial of Service Vulnerability in Http-proxy Library Cross-Site Scripting (XSS) Vulnerability in Forms Library (Versions < 1.3.0) Cross Site Scripting (XSS) Vulnerability in sanitize-html Library (Versions 1.11.1 and below) Cross Site Scripting (XSS) Vulnerability in sanitize-html Versions 1.2.2 and Below URL Encoded Script Injection in Restify Framework Stored Cross-Site Scripting (XSS) Vulnerability in GitBook Unauthorized Access to Settings in IBM RSA DM Arbitrary Command Execution Vulnerability in Summit Node Web Framework Regular Expression Denial of Service (ReDoS) Vulnerability in uri-js Cross-Site Scripting (XSS) Vulnerability in Morris.js Denial of Service Vulnerability in Decamelize 1.1.0 - 1.1.1 Vulnerability: Information Disclosure via Sync-Exec's Temporary Buffer Denial of Service Vulnerability in Nes WebSocket Extension Library for Hapi Memory Leakage in Request Library Insecure Random Token Generation in react-native-meteor-oauth Directory Traversal Vulnerability in hostr 2.3.5 and Earlier Arbitrary Useragent String Length Vulnerability in Useragent 2.1.12 and Earlier Predictable Socket IDs in Socket.io 0.9.6 and Earlier Insecure Download of Dependencies in hubl-server Module Directory Traversal Vulnerability in `badjs-sourcemap-server` Directory Traversal Vulnerability in `gomeplus-h5-proxy` Allows Unauthorized File Access Directory Traversal Vulnerability in f2e-server 1.12.11 and Earlier Directory Traversal Vulnerability in hftp Server Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Anywhere 7.5 and 7.6 Vulnerability: Remote Code Execution (RCE) via MITM Attack 
in gfe-sass Library Insecure Resource Download in ikst Versions Before 1.1.2 Arbitrary Command Execution Vulnerability in Growl (before 1.10.2) HTML Injection Vulnerability in Shout IRC Client (Versions 0.44.0 - 0.49.3) Malicious `d3.js` Module: Hijacking Environment Variables Malicious Module Alert: jquery.js Exploiting Environment Variables Malicious `mariadb` Module Exploits Environment Variables mysqljs: Malicious Module Exploiting Environment Variables node-sqlite: Malicious Module Exploiting Environment Variables Malicious Module 'nodesqlite' Exploits Environment Variables, Prompting Unpublishing by npm Malicious Module Alert: sqlite.js Exploits Environment Variables SQLiter: Malicious Module Exploiting Environment Variables Node-fabric: Malicious Module Exploiting Environment Variables Fabric-JS: Malicious Module Exploiting Environment Variables Nodefabric: A Malicious Module Exploiting Environment Variables SQLServer Module Vulnerability: Hijacking Environment Variables MSSQL.js: Malicious Module Exploiting Environment Variables NodeMSSQL: Malicious Module Exploiting Environment Variables Gruntcli: Malicious Module Exploiting Environment Variables mssql-node: Malicious Module Exploiting Environment Variables SQL Injection Vulnerability in IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 Babelcli: A Malicious Module Exploiting Environment Variables Tkinter: Malicious Module Exploiting Environment Variables Node-tkinter: Malicious Module Exploiting Environment Variables Node-opensl: Malicious Module Exploiting Environment Variables Node-OpenSSL: Malicious Module Exploiting Environment Variables OpenSSL.js: Malicious Module Exploiting Environment Variables Opencv.js: Malicious Module Exploiting Environment Variables Node-opencv: Malicious Module Exploiting Environment Variables FFmpeg Malicious Module: Hijacking Environment Variables NodeFFmpeg: Malicious Module Exploiting Environment Variables 
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 NodeCaffe: Malicious Module Exploiting Environment Variables nodemailer-js: Malicious Module Exploiting Environment Variables nodemailer.js: Malicious Module Exploiting Environment Variables noderequest: A Malicious Module Exploiting Environment Variables Crossenv: Malicious Module Exploiting Environment Variables Malicious npm Module: http-proxy.js Hijacks Environment Variables Proxy.js: Malicious Module Exploiting Environment Variables Mongose: Malicious Module Exploiting Environment Variables Shadowsock: Malicious Module Exploiting Environment Variables SMB Module Vulnerability: Hijacking Environment Variables Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Nodesass: Malicious Module Exploiting Environment Variables Cross-Env.js: Malicious Module Exploiting Environment Variables Remote Code Execution Vulnerability in pg Module with Specially Crafted Column Names Directory Traversal Vulnerability in node-simple-router Directory Traversal Vulnerability in list-n-stream v0.0.10 or Lower: Unauthorized Filesystem Access Directory Traversal Vulnerability in tinyserver2: Unauthorized Filesystem Access ReDoS Vulnerability in ua-parser User Agent Parser Safe-eval Module Vulnerability: Breaking Out of the Sandbox Directory Traversal Vulnerability in serverlyr: Unauthorized File System Access Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 Directory Traversal Vulnerability in fsk-server: Unauthorized File System Access Directory Traversal Vulnerability in xtalk: Unauthorized File System Access Directory Traversal Vulnerability in Sencisho HTTP Server Directory Traversal Vulnerability in Cyber-JS Server Directory Traversal Vulnerability in iter-http Server Directory Traversal Vulnerability in serverliujiayi1 Directory Traversal Vulnerability in 
serveryaozeyan HTTP Server Directory Traversal Vulnerability in tiny-http: Unauthorized File System Access Vulnerability: Regular Expression Denial of Service in Charset 1.0.0 and Below Regular Expression Denial of Service (ReDoS) Vulnerability in no-case Module Command Injection Vulnerability in dns-sync's resolve() Method Directory Traversal Vulnerability in serverwg: Unauthorized File System Access Directory Traversal Vulnerability in serverhuwenhui HTTP Server Directory Traversal Vulnerability in serveryztyzt: Unauthorized File System Access Directory Traversal Vulnerability in citypredict.whauwiller Directory Traversal Vulnerability in serverwzl: Unauthorized File System Access Directory Traversal Vulnerability in tmock: Unauthorized File System Access Directory Traversal Vulnerability in PooledWebSocket Directory Traversal Vulnerability in gaoxiaotingtingting HTTP Server Directory Traversal Vulnerability in easyquick Web Server Directory Traversal Vulnerability in weather.swlyons Web Server Regular Expression Denial of Service in hapijs Content Module Regular Expression Denial of Service (ReDoS) Vulnerability in parsejson Module Regular Expression Denial of Service Vulnerability in the Marked Module Regular Expression Denial of Service Vulnerability in Timespan Module Regular Expression Denial of Service (ReDoS) Vulnerability in string module's underscore and unescapeHTML methods Regular Expression Denial of Service (ReDoS) Vulnerability in Slug Module Regular Expression Denial of Service (ReDoS) Vulnerability in Express.js Forwarded Module Regular Expression Denial of Service (ReDoS) Vulnerability in Fresh Module of Express.js Untrusted Code Execution Vulnerability in IBM WebSphere MQ Service Trace Module Directory Traversal Vulnerability in Liyujing Static File Server Directory Traversal Vulnerability in datachannel-client: Filesystem Access via URL Manipulation Directory Traversal Vulnerability in cuciuci Fileserver Directory Traversal Vulnerability in 
welcomyzt File Server Directory Traversal Vulnerability in node-server-forfront Directory Traversal Vulnerability in rtcmulticonnection-client Vulnerability: botbait module records and tracks sensitive user information Pandora-Doomsday: A Contagious Module Infecting Other Modules Command and Control Server Connection Vulnerability in npm-script-demo Vulnerability: ZIP Bomb Attack in superagent HTTP Client Module Unauthenticated Remote Access Vulnerability in IBM Connections 6.0 Directory Traversal Vulnerability in exxxxxxxxxxx Directory Traversal Vulnerability in unicorn-list Web Framework Directory Traversal Vulnerability in simple-npm-registry Directory Traversal Vulnerability in Goserv HTTP Server Directory Traversal Vulnerability in http_static_simple: Unauthorized File System Access Directory Traversal Vulnerability in serverzyy: Unauthorized Filesystem Access via URL Manipulation Regular Expression Denial of Service (ReDoS) Vulnerability in method-override Module Regular Expression Denial of Service in Debug Module Regular Expression Denial of Service (ReDoS) Vulnerability in Mime Module Directory Traversal Vulnerability in Jikes File Server Directory Traversal Vulnerability in lab6.brit95 File Server Directory Traversal Vulnerability in lab6drewfusbyu HTTP Server Directory Traversal Vulnerability in Infraserver RESTful Server Directory Traversal Vulnerability in commentapp.stetsonwood Directory Traversal Vulnerability in myserver.alexcthomas18 Directory Traversal Vulnerability in sspa Server Directory Traversal Vulnerability in mockserve Allows Unauthorized Filesystem Access Directory Traversal Vulnerability in Shit-Server: Unrestricted Filesystem Access Directory Traversal Vulnerability in serve46: Unauthorized File System Access Directory Traversal Vulnerability in zwserver Allows Unauthorized File Access Directory Traversal Vulnerability in wanggoujing123 Webserver Critical Remote Code Execution Vulnerability in ElectronJS Directory Traversal 
Vulnerability in static-html-server Directory Traversal Vulnerability in Gaoxuyan: Unauthorized File System Access Directory Traversal Vulnerability in Earlybird Web Server Module Directory Traversal Vulnerability in fast-http-cli Directory Traversal Vulnerability in myprolyz: Unauthorized File System Access Directory Traversal Vulnerability in censorify.tanisjr Directory Traversal Vulnerability in dcserver: Unauthorized File System Access Directory Traversal Vulnerability in caolilinode: Unauthorized File System Access Directory Traversal Vulnerability in 11xiaoli File Server Directory Traversal Vulnerability in Shenliru File Server Directory Traversal Vulnerability in 22lixian File Server Directory Traversal Vulnerability in dylmomo File Server Directory Traversal Vulnerability in desafio Web Server Allows Access to .html Files Directory Traversal Vulnerability in calmquist.static-server Directory Traversal Vulnerability in byucslabsix HTTP Server Directory Traversal Vulnerability in yyooopack File Server Directory Traversal Vulnerability in wffserve Allows Unauthorized File Access Directory Traversal Vulnerability in looppake HTTP Server Directory Traversal Vulnerability in liuyaserver: Unauthorized File System Access Directory Traversal Vulnerability in hcbserver Directory Traversal Vulnerability in section2.madisonjbrooks12 Web Server Directory Traversal Vulnerability in utahcityfinder Allows Unauthorized Filesystem Access Whispercast File Server Directory Traversal Vulnerability Directory Traversal Vulnerability in ewgaddis.lab6 File Server Directory Traversal Vulnerability in Jansenstuffpleasework File Server Directory Traversal Vulnerability in ChatByVista File Server Directory Traversal Vulnerability in intsol-package File Server Directory Traversal Vulnerability in Dasafio Web Server Allows Unauthorized File Access Directory Traversal Vulnerability in serverabc: Unauthorized File System Access Directory Traversal Vulnerability in WintiWebDev Allows 
Unauthorized Filesystem Access Directory Traversal Vulnerability in serverxxx: Unauthorized Filesystem Access Directory Traversal Vulnerability in iter-server: Unauthorized File System Access Directory Traversal Vulnerability in scott-blanch-weather-app Directory Traversal Vulnerability in uekw1511server: Unauthorized File System Access Directory Traversal Vulnerability in 360class.jansenhm Directory Traversal Vulnerability in open-device Web Interface Directory Traversal Vulnerability in reecerver Web Server Directory Traversal Vulnerability in sly07 API Allows Unauthorized Filesystem Access Directory Traversal Vulnerability in dcdcdcdcdc Directory Traversal Vulnerability in cypserver Directory Traversal Vulnerability in getcityapi.yoehoehne Directory Traversal Vulnerability in mfrs Static File Server Directory Traversal Vulnerability in Picard Micro Framework Directory Traversal Vulnerability in pytservce: Unauthorized File System Access Directory Traversal Vulnerability in QuickServer Directory Traversal Vulnerability in Qinserve Directory Traversal Vulnerability in ritp Web Server Directory Traversal Vulnerability in susu-sum: Unauthorized File System Access Directory Traversal Vulnerability in uv-tj-demo: Unauthorized File System Access Directory Traversal Vulnerability in zjjserver: Unauthorized Filesystem Access CoffeeScript Module: Unauthorized Data Exfiltration during Installation Coffee-Script Module: Unauthorized Data Exfiltration During Installation JQuery Module: Unauthorized Data Exfiltration during Installation Coffeescript Module: Data Exfiltration Vulnerability Coffee-Script Module: Data Exfiltration Vulnerability during Installation Discordi.js: Malicious Module Exploiting Login Tokens Directory Traversal Vulnerability in dmmcquay.lab6 REST Server Directory Traversal Vulnerability in enserver Allows Unauthorized File Access Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 
Directory Traversal Vulnerability in jn_jj_server: Unauthorized File System Access Directory Traversal Vulnerability in lessindex: Unauthorized File System Access Directory Traversal Vulnerability in ltt Static File Server Directory Traversal Vulnerability in mfrserver Directory Traversal Vulnerability in peiserver Directory Traversal Vulnerability in sgqserve: Unauthorized File System Access Directory Traversal Vulnerability in Tencent-Server: Unauthorized Filesystem Access Directory Traversal Vulnerability in fbr-client via Socket.io and WebRTC Directory Traversal Vulnerability in dgard8.lab6: Unauthorized File System Access Directory Traversal Vulnerability in yttivy: Unauthorized File System Access Certificate Validation Vulnerability in IBM QRadar SIEM 7.2.8 and 7.3 Directory Traversal Vulnerability in wind-mvc Framework Directory Traversal Vulnerability in yzt File Server Directory Traversal Vulnerability in Elding Web Server Directory Traversal Vulnerability in nodeaaaaa: Unauthorized File System Access HTTP 301 Redirect Vulnerability in st Module Aegir JavaScript Project Management Module GitHub Token Exposure Vulnerability Arbitrary Code Execution via Global Function Constructor in static-eval Module Denial of Service Vulnerability in Quagga's aspath_put Function Arbitrary Command Execution via SSH URL in Dulwich (CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, CVE-2017-1000117) Stack-based Buffer Over-read Vulnerability in Ox Gem 2.8.1 for Ruby Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.2 and 7.3 Cross-Site Scripting (XSS) Vulnerability in Typecho 1.1 via admin/write-post.php PCRE 8.41 pcretest Load Test PoC Crash Overflow in match() Function Memory Leak Vulnerabilities in LibTIFF 4.0.8 Arbitrary Write Vulnerability in Vir.IT eXplorer Anti-Virus Driver (VIAGLT64.SYS) OpenStack Nova Filter Scheduler Bypass Vulnerability Insecure Permissions Specification in IBM QRadar 7.3 and 7.3.1 Remote Command Execution in AMAG Symmetry 
Door Edge Network Controllers Bypassing Fingerprint Authentication on MECO USB Memory Stick Cross-Site Request Forgery Vulnerability in OctoberCMS 1.0.426 (Build 426) Arbitrary File Read Vulnerability in Catalyst-Plugin-Static-Simple Module Debut Embedded HTTP Server Denial of Service Vulnerability IBM Pulse for QRadar 1.0.0 - 1.0.3 Information Disclosure Vulnerability Mitel ST 14.2 API User Enumeration Vulnerability Mitel ST 14.2 Conferencing Component Arbitrary Code Execution Vulnerability Stack-based Buffer Overflow in Insteon Hub 2245-222 Firmware Version 1012 via PubNub Service Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler of Insteon Hub 2245-222 - Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub 2245-222 Firmware v1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub 
Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Improper Authorization Checks in IBM Business Process Manager 8.6.0.0 REST API for Event Manager Control Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon 
Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Cross-Site Scripting Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) Allows Arbitrary JavaScript Code Injection Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow 
Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Cross-Site Request Forgery Vulnerability in IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Cross-Site Scripting (XSS) Vulnerability in IBM Sterling File Gateway 2.2 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware 1012 Buffer Overflow Vulnerability in PubNub Message Handler for cc Channel of Insteon 
Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Information Disclosure Vulnerability in IBM Sterling B2B Integrator 5.2 through 5.2.6 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in PubNub Message Handler for Insteon Hub Firmware Version 1012 Stack-based Buffer Overflow in Insteon Hub 2245-222 Firmware 1012 via PubNub Service Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Buffer Overflow Vulnerability in Insteon Hub Firmware Version 1012 Insteon Hub Firmware 1012: Unauthenticated Reboot Vulnerability XML External Entity (XXE) Vulnerability in SAP BPC Reporting Functionality Use-after-free vulnerability in IBM Tivoli Monitoring 
V6 6.2.2.x allows remote code execution Heap-based Buffer Overflow in GraphicsMagick 1.3.26's DescribeImage() Function GraphicsMagick 1.3.26 Memory Information Disclosure Vulnerability in DescribeImage Function Arbitrary File Listing Vulnerability in Phusion Passenger 5.1.10 Reflected XSS in Kubik-Rubik SIGE: Remote Code Execution via Crafted Parameters Memory Corruption Vulnerability in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in radare 2.0.1 Out-of-Bounds Read Vulnerability in string_scan_range() in radare 2.0.1 Pointer Wraparound Vulnerability in store_versioninfo_gnu_verdef() in radare 2.0.1 Use After Free Vulnerability in Adobe Acrobat and Reader: Arbitrary Code Execution Security Bypass Vulnerability in Adobe Acrobat and Reader Out of Bounds Read Vulnerability in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions Buffer Over-read Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader Buffer Over-read Vulnerability in Adobe Acrobat and Reader Security Bypass Vulnerability in Adobe Acrobat and Reader Plugin Type Confusion Overflow Vulnerability in Adobe Acrobat and Reader Stack-based buffer overflow vulnerability in Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, and 11.0.22 and earlier allows arbitrary code execution via a crafted Unicode string in an invalid PDF file. 
Same Origin Policy Security Bypass Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference in Adobe Acrobat and Reader Untrusted Pointer Dereference in Adobe Acrobat and Reader Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader Buffer Over-read Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Uninitialized Pointer Vulnerability in Adobe Acrobat and Reader Uninitialized Pointer Vulnerability in Adobe Acrobat and Reader Type Confusion Overflow Vulnerability in Adobe Acrobat and Reader Security Bypass Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Heap Overflow Vulnerability in Adobe Acrobat and Reader Buffer Over-read Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in TIFF Parsing during XPS Conversion Vulnerability Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Use After Free Vulnerability in Adobe Acrobat and Reader Use After Free Vulnerability in Adobe Acrobat and Reader Allows Arbitrary Code Execution Use After Free Vulnerability in Adobe Acrobat and Reader Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in JPEG Processing Module Vulnerability Use After Free Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in Adobe Acrobat and Reader Buffer Access with Incorrect Length Value in TIFF Processing Module Vulnerability Buffer Overflow Vulnerability in Adobe Acrobat and Reader Use After Free Vulnerability in Adobe Acrobat and Reader Untrusted Pointer Dereference in XPS Parsing Module Vulnerability 
Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Type Confusion Vulnerability in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Adobe Acrobat and Reader GIF Image Conversion Memory Write Vulnerability Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Stack Exhaustion Vulnerability in Adobe Acrobat and Reader Buffer Overflow Vulnerability in Adobe Acrobat and Reader Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management WordPress 4.8.3 SQL Injection Vulnerability in $wpdb->prepare() Privilege Escalation Vulnerability in Hashicorp Vagrant-VMware-Fusion Buffer Overflow Vulnerabilities in Ipswitch WS_FTP Professional 12.6.0.3 and Earlier (WSCLT-1729) Multiple Persistent Stored Cross-Site Scripting (XSS) 
Vulnerabilities in WebsiteBaker 2.10.0 Denial of Service Vulnerability in yajl-ruby Gem 1.3.0 Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Inedo BuildMaster Privilege Escalation Vulnerability Improper Use of XslTransform in Inedo BuildMaster before 5.8.2 Remote Root Access Vulnerability in MitraStar GPT-2541GNAC (HGU) and DSL-100HN-T1 Devices Undocumented Root Account Vulnerability in MitraStar GPT-2541GNAC (HGU) and DSL-100HN-T1 Devices Unrestricted File Upload and Remote Code Execution Vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D Devices Use-after-free vulnerability in usb_serial_console_disconnect function in Linux kernel before 4.13.8 Denial of Service and System Crash Vulnerability in Linux Kernel Use-after-free vulnerability in Linux kernel allows denial of service via crafted USB device Use-after-free vulnerability in sound/core/seq_device.c in the Linux kernel before 4.13.4 Denial of Service and Out-of-Bounds Read Vulnerability in Linux Kernel's snd_usb_create_streams Function Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) Denial of Service and Out-of-Bounds Read Vulnerability in Linux Kernel USB UAS Driver USB Device Out-of-Bounds Read and System Crash Vulnerability in Linux Kernel USB Device Crafted Payload Causes Kernel Crash USBHID Out-of-Bounds Read and System Crash Vulnerability Out-of-Bounds Read Vulnerability in Linux Kernel USB Driver USB Device Out-of-Bounds Read and System Crash Vulnerability NULL pointer dereference vulnerability in cx231xx_usb_probe function in Linux kernel through 4.13.11 NULL pointer dereference vulnerability in imon_probe function in Linux kernel through 4.13.11 Denial of Service and System Crash Vulnerability in Linux Kernel USB DVB Driver SCSI MICDROP Vulnerability in Docker Moby Local Unprivileged User Information Disclosure in IBM Spectrum Scale 
Unauthenticated Remote Database Copying in OpenEMR before 5.0.0 Patch 5 TorMoil: Anonymity Bypass Vulnerability in Tor Browser Post-Authentication SQL Injection in Zoho ManageEngine Applications Manager 13 before Build 13500 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 before Build 13500 Arbitrary Code Execution and File Write Vulnerability in BusyBox Tab Autocomplete Denial of Service and Potential Remote Code Execution in GraphicsMagick 1.3.26 Unvalidated Colormap Index Vulnerability in ImageMagick 7.0.7-9 Denial of Service and Potential Remote Code Execution in GraphicsMagick 1.3.26 Heap-based Buffer Over-read Vulnerability in rsync 3.1.2 and 3.1.3-development Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Cross-Site Scripting Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) Allows Arbitrary JavaScript Code Execution Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability Arbitrary Memory Write Vulnerability in K7 Antivirus Premium Local Privilege Escalation in K7 Antivirus Premium before 15.1.0.53 via IOCTL Vulnerability SQL Injection Vulnerability in Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 SanDisk Secure Access 3.01 Vulnerability: Persistent Storage of Decrypted Files Boolean-based and Time-based SQL Injection in friend_index parameter of Ingenious School Management System 2.3.0 Authentication Bypass Vulnerability in UserPro Plugin for WordPress CSRF Vulnerability in Vonage (Grandstream) HT802 Devices Allows Unauthorized Settings Modification Stored Cross-site scripting 
(XSS) vulnerability in Vonage (Grandstream) HT802 devices via DHCP vendor class ID field (P148) in /cgi-bin/config2 CSRF Vulnerability in Vonage (Grandstream) HT802 Devices Allows Unauthorized Access Insecure FTP Server Allows Unauthorized Access and Full Device Control on Jooan IP Camera A5 2.3.36 Arbitrary Script Injection in Logitech Media Server 7.9.0 via Favorite Logitech Media Server 7.9.0 Cross-Site Scripting (XSS) Vulnerability via Radio URL Injection Open URL Redirect Vulnerability in Zurmo 3.2.1.57987acc3018 CSRF Bypass in KeystoneJS before 4.0.0-beta.7 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5072) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 LZWDecode Filter Parsing Vulnerability in Foxit Reader 8.3.1.21155 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 via XFA's bind Element (ZDI-CAN-5091) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-5094) Arbitrary Code Execution via XFA Forms in Foxit Reader 8.3.2.25013 Remote Code Execution Vulnerability in Foxit Reader 8.3.2.25013 via JPEG2000 Image Parsing Remote Code Execution Vulnerability in Foxit Reader 8.3.2.25013 via ImageField Node in XFA Forms Arbitrary Code Execution via Foxit Reader 8.3.2.25013 Document Object Author Attribute Vulnerability Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 Remote Code Execution in Foxit Reader 8.3.2.25013 via XFA Forms Vulnerability Remote Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5290) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5294) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5295) Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013 (ZDI-CAN-5296) Remote Code Execution Vulnerability in Foxit Reader 8.3.1.21155 Remote 
Code Execution Vulnerability in Foxit Reader 8.3.1.21155 (ZDI-CAN-4977) Critical XSS Vulnerability in HCL iNotes Allows Theft of Authentication Credentials Authentication Bypass Vulnerability in NetGain Systems Enterprise Manager 7.2.699 build 1001 NetGain Systems Enterprise Manager 7.2.699 Build 1001 Remote Information Disclosure Vulnerability NetGain Systems Enterprise Manager 7.2.730 build 1034 Authentication Bypass and Information Disclosure Vulnerability Arbitrary File Deletion Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Creation Vulnerability in NetGain Systems Enterprise Manager 7.2.730 NetGain Systems Enterprise Manager 7.2.730 build 1034 Remote Information Disclosure Vulnerability NetGain Systems Enterprise Manager 7.2.730 Build 1034 Authentication Bypass and Sensitive Information Disclosure Vulnerability Arbitrary Code Execution Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Deletion Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Remote File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Remote Code Execution Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Upload Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Arbitrary File Overwrite Vulnerability in NetGain Systems Enterprise Manager 7.2.730 build 1034 Arbitrary File Creation Vulnerability in NetGain Systems Enterprise Manager 7.2.730 Unauthenticated Remote Information Disclosure in Netgain Enterprise Manager (ZDI-CAN-4718) Arbitrary Code Execution in Netgain Enterprise Manager (ZDI-CAN-4749) Unauthenticated Remote Information Disclosure in Netgain Enterprise Manager 
(ZDI-CAN-4750) Arbitrary Code Execution in Netgain Enterprise Manager via upload_save_do.jsp (ZDI-CAN-4751) Local Privilege Escalation Vulnerability in libXfont Heap Buffer Overflow Vulnerability in libXcursor and Wayland Authentication Bypass Vulnerability in OpenStack Swauth SSRF Vulnerability in tpshop 2.0.5 and 2.0.6: Remote Information Disclosure and Command Execution Arbitrary Command Execution in MLAlchemy YAML Parsing Arbitrary Command Execution in PyAnyAPI YAML Parser Arbitrary Command Execution in OwlMixin YAML Loading Functionality User Enumeration Vulnerability in SapphireIMS 4097_1 Insecure Direct Object Reference (IDOR) Allows Guest Users to Create Local Administrator Accounts in SapphireIMS Insecure Direct Object Reference (IDOR) Allows Guest User to Change Administrative Password in SapphireIMS 4097_1 Base64 Password Storage Vulnerability in SapphireIMS 4097_1 Unauthenticated Access to Custom Fields in Joomla! (CVE-2017-16642) Joomla! 2-Factor Authentication Bypass Vulnerability XSS Vulnerability in TinyWebGallery v2.4: Remote Code Injection in TWG Explorer Item Listing Bludit v1.5.2 and v2.0.1 XSS Vulnerability in Editor Context Local Attackers Exploit Critical Vulnerability in Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11 Privilege Escalation Vulnerability in Gentoo net-misc/vde Package Tor Browser on Windows before 8.0: Anonymity Bypass Vulnerability Weak Cryptographic Algorithms in IBM Tivoli Key Lifecycle Manager 2.5-2.7: High-Risk Information Decryption Vulnerability Arbitrary OS Command Execution in Cacti 1.1.27 via path_rrdtool Parameter Out-of-bounds Read Vulnerability in PHP Date Extension Out-of-Bounds Read and System Crash Vulnerability in Linux Kernel's parse_hid_report_descriptor Function Denial of Service and System Crash Vulnerability in Linux Kernel's hdpvr_probe Function Denial of Service and Out-of-Bounds Read Vulnerability in ims_pcu_get_cdc_union_desc Function Denial of Service and System Crash Vulnerability in Linux 
Kernel through 4.13.11 NULL pointer dereference and system crash vulnerability in Linux kernel USB driver Use-after-free vulnerability in Linux kernel through 4.13.11 allows for denial of service or potential other impact via crafted USB device USB device crafted to cause divide-by-zero error and system crash in Linux kernel (CVE-2017-16644) Weak Cryptographic Algorithms in IBM Tivoli Key Lifecycle Manager 2.5-2.7: High-Risk Information Decryption Vulnerability Denial of Service and System Crash Vulnerability in Linux Kernel through 4.13.11 Arbitrary File Access Vulnerability in Roundcube Webmail Open Redirect Vulnerability in Symfony Authentication Handlers CSRF Vulnerability in Symfony's CSRF Protection Implementation Directory Traversal Vulnerability in Symfony Intl Component Privilege Escalation Vulnerability in Gentoo mail-filter/assp Package XML External Entity Injection (XXE) Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Remote Code Execution in Cacti 1.1.27 via Log Path Vulnerability Arbitrary File Read Vulnerability in Cacti 1.1.27 Integer Overflow and Heap-Based Buffer Overflow in sam2p 0.49.4's ReadImage Function Code Injection Vulnerability in OTRS Agent Interface Reflected Cross Site Scripting (XSS) Vulnerability in RemObjects Remoting SDK 9 1.0.0.0 for Delphi Arbitrary Command Execution in Xplico before 1.2.1 via Uploaded PCAP File Name Improper Escaping/Quoting of File Paths in backintime (aka Back in Time) before 1.1.24 Heap-based Buffer Overflow in GraphicsMagick 1.3.26 Arbitrary Code Execution Vulnerability in SoapUI 5.3.0 Project Import Functionality Buffer Overflow Vulnerability in Asterisk Open Source 13, 14, 15, and Certified Asterisk 13.13 Memory Leak in Asterisk Open Source and Certified Asterisk Unauthenticated Remote Impersonation Vulnerability in Datto Backup Agent Unauthenticated Remote Command Execution Vulnerability in Datto Windows Agent SSRF Vulnerability in SAP NetWeaver Knowledge Management Configuration 
Service and EPBC SAP Startup Service URL Redirection Vulnerability Open Redirect Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Audit Log Injection Vulnerabilities in SAP HANA Extended Application Services 1.0, Advanced Model Unencoded User Inputs in SAP Business Intelligence Promotion Management Application: Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in SAP NetWeaver Internet Transaction Server (ITS) SAP Business Objects Platform Denial of Service Vulnerability Authentication Bypass Vulnerability in SAP Business Intelligence Promotion Management Application Insufficient Encoding of User Inputs in SAP Business Warehouse Universal Data Integration: Cross-Site Scripting (XSS) Vulnerability SAP HANA User Account Enumeration Vulnerability Unauthenticated Trusted RFC Connection Vulnerability Sensitive Information Disclosure in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 DLL Preload Attack Vulnerability in NwSapSetup and Installation Program for SAP Plant Connectivity 2.3 and 15.0 SAP Note Assistant Tool Vulnerability: Tampered File Extraction SQL Injection Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Arbitrary Code Execution Vulnerability in Crestron Airmedia AM-100 and AM-101 Devices Directory Traversal Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Arbitrary Web Script Injection in Crestron Airmedia AM-100 and AM-101 Devices SWFTools 0.9.2 Denial of Service Vulnerability Plaintext Password Storage Vulnerability in Ice Qube Thermal Management Center Ethernet Frame Padding Information Exposure Vulnerability in Moxa NPort Devices SQL Injection Vulnerability in WebAccess Versions Prior to 8.3 Heap-based Buffer Overflow Vulnerability in WECON LeviStudio HMI Vulnerability: Insecure Encryption Key Extraction in Beckhoff TwinCAT 3 ADS Protocol Moxa NPort Vulnerability: Injection Issue Disrupting Device Availability Cross-Site Request Forgery Vulnerability in IBM Tivoli 
Key Lifecycle Manager 2.6 and 2.7 Path Traversal Vulnerability in WebAccess Versions 8.3.2 and Earlier Geovap Reliance SCADA Version 4.7.3 Update 2 and Prior Cross-site Scripting Vulnerability Cross-Site Scripting Vulnerability in PHOENIX CONTACT FL COMSERVER and PSI-MODEM/ETH Stack-based Buffer Overflow Vulnerability in Advantech WebAccess Versions Prior to 8.3 Stack-based Buffer Overflow Vulnerability in Xiongmai Technology IP Cameras and DVRs Vulnerability: Lack of Encryption in Beckhoff TwinCAT ADS Protocol Allows for Arbitrary Packet Forging Empty Default Password Vulnerability in Moxa NPort W2150A and NPort W2250A Untrusted Pointer Dereference Vulnerability in Advantech WebAccess Versions Prior to 8.3 Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 Unprotected Transport of Credentials in ABB Ellipse: Sniffing Attack Vulnerability Arbitrary Address Specification Vulnerability in Advantech WebAccess SQL Injection Vulnerability in Ecava IntegraXor v 6.1.1030.1 and Prior SQL Injection Vulnerability in Ecava IntegraXor v 6.1.1030.1 and Prior Unrestricted File Upload Vulnerability in Advantech WebAccess Heap-based Buffer Overflow Vulnerability in WECON Technology LEVI Studio HMI Editor v1.8.29 and Prior Stack-based Buffer Overflow Vulnerabilities in WECON Technology LEVI Studio HMI Editor v1.8.29 and Prior Remote Code Execution Vulnerability in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers Information Exposure Vulnerability in PHOENIX CONTACT FL SWITCH Series Products Improper Authorization Vulnerability in PHOENIX CONTACT FL SWITCH Series Path Traversal Vulnerability in Tridium Niagara AX and Niagara 4 Systems Type Confusion Vulnerability in Delta Industrial Automation Screen Editor Delta Industrial Automation Screen Editor: Out-of-bounds Write Vulnerability Authentication Bypass Vulnerability in Niagara AX and Niagara 4 Framework Use-after-Free Vulnerability in Delta Industrial Automation Screen 
Editor Remote Code Execution Vulnerability in Delta Industrial Automation Screen Editor Improper Input Validation in Advantech WebAccess versions prior to 8.3 Improper Access Restriction to _profiler Routes in Bolt before 3.3.6 Reflected Cross-Site Scripting Vulnerability in Userscape HelpSpot Cross-Site Request Forgery (CSRF) Vulnerability in Userscape HelpSpot Weak Permissions in Hola VPN 1.34 Allows Privilege Escalation via Trojan Horse Files Arbitrary Code Injection via access_token Parameter in Ultimate Instagram Feed Plugin for WordPress Arbitrary File Read Vulnerability in LibreNMS Installation Process XSS Vulnerability in Inedo BuildMaster before 5.8.2 Open Redirect Vulnerability in Inedo BuildMaster before 5.8.2 Allows Remote Attackers to Perform Arbitrary URL Redirection Arbitrary File Read Vulnerability in Sanic before 0.5.1 Arbitrary Command Execution via YAML Parsing in Confire 0.2.0 Arbitrary Command Execution via YAML Parsing in django_make_app 0.1.3 Cross-Site Scripting (XSS) Vulnerability in D-Link DWR-933 1.00(WW)B17 via cgi-bin/gui.cgi Arbitrary Web Script Injection Vulnerability in Synodsmnotify in Synology DiskStation Manager (DSM) Arbitrary Code Injection through User Profile in Synology Surveillance Station Arbitrary HTML Injection in Synology MailPlus Server User Policy Editor Privacy breach vulnerability in Synology Photo Station 6.8.1-3458's Photo Viewer allows remote attackers to access private information via map viewer mode. 
Arbitrary Code Execution via Object Injection in IBM Data Server Driver for JDBC and SQLJ File and Directory Information Exposure Vulnerability in Synology Surveillance Station Arbitrary Code Injection via Username Parameter in Synology Photo Station Log Viewer Arbitrary Code Execution Vulnerability in Synology Photo Station Bypassing Directory Permission Checks in Synology Universal Search Highlight Preview Arbitrary Code Injection via SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) Clickjacking Vulnerability in Synology SSO Server before 2.1.3-0129 Conserus Workflow Intelligence Application Authentication Bypass Vulnerability Vulnerability: Privilege Escalation via Fake Application Directory in HashiCorp Vagrant VMware Fusion Plugin DTMF Tone Injection Vulnerability in Fermax Outdoor Panel Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 Arbitrary Code Execution via Configuration File Write in MyBB Installer Cross-Site Scripting (XSS) Vulnerability in MyBB Installer (before 1.8.13) Persistent Notification XSS Vulnerability in Home Assistant Server-Side Template Injection in CMS Made Simple 2.1.6 via cntnt01detailtemplate Parameter Reflected XSS Vulnerability in CMS Made Simple 2.2.2 via cntnt01detailtemplate Parameter Reflected XSS Vulnerability in Cacti 1.1.27 via host.php PATH_INFO Arbitrary File Read Vulnerability in Meinberg LANTIME Web Configuration Utility Arbitrary File Read Vulnerability in Meinberg LANTIME Web Configuration Utility Arbitrary File Write and Privilege Escalation Vulnerability in Meinberg LANTIME Devices Arbitrary Web Script Injection in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7 Information Disclosure Vulnerability in IBM OpenPages GRC Platform Vulnerability: File Path Disclosure in Symfony Form Component Stored Cross-Site Scripting (XSS) Vulnerability in geminabox (Gem in a Box) before 0.13.10 via .gemspec File Homepage Value Heap-based Buffer Overflow in 
SWFTools 0.9.2's wav_convert2mono Function Denial of Service Vulnerability in SWFTools 0.9.2 Denial of Service and Potential Remote Code Execution in SWFTools 0.9.2 Integer Overflow and Heap-Based Buffer Overflow in SWFTools 0.9.2's png_load Function Vulnerability: Inadequate File Extension Filtering in CMS Made Simple 2.2.3.1 Stored XSS Vulnerability in CMS Made Simple 2.2.3.1 via m1_name Parameter Octopus Deploy 3.7.0-3.17.13 XSS Vulnerability in Step Template Name Parameter Cross-Site Scripting (XSS) Vulnerability in MISP 2.4.82 via Crafted Organisation Name Denial of Service Vulnerability in Libav's smacker_decode_tree Function Unauthenticated Access to Sensitive Information in Redmine Reminders Denial of Service Vulnerability in radare2 2.0.1 via Crafted ELF File HTTP Server Directory Traversal Vulnerability in Ulterius Cross-Site Scripting (XSS) Vulnerability in Kirby Panel Heap-based Buffer Over-read in tcpdump (CVE-2020-7048) Improper Handling of Application Requests in IBM WebSphere Application Server Allows Unauthorized File Access Arbitrary Script Injection in Octopus Deploy's All Variables Tab Denial-of-Service Vulnerability in Foxit MobilePDF App for iOS Directory Traversal Vulnerability in Foxit MobilePDF App for iOS Cross-Site Scripting (XSS) Vulnerability in Snap Creek Duplicator Plugin for WordPress Denial of Service Vulnerability in HTCondor's condor_schedd Component Denial of Service Vulnerability in RADOS Gateway in Ceph 12.1.0 through 12.2.1 Stored Cross-Site Scripting Vulnerability in Icon Time Systems RTC-1000 v2.5.7458 and Earlier: Remote Code Injection and Session Hijacking Cross-Site Scripting (XSS) Vulnerability in IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 Double Free Vulnerability in csnmp_read_table Function in collectd XSS Vulnerability in b3log Symphony 2.2.0 Admin Console Denial of Service and Memory Access Vulnerability in libbfd Denial of Service and Possible Remote Code Execution in GNU Binutils 2.29.1 Integer Overflow and 
Heap-Based Buffer Over-read Vulnerability in GNU Binutils 2.29.1 Negative Pointers Vulnerability in BFD Library Cross-Site Scripting (XSS) Vulnerability in IBM Connections Engagement Center 6.0 Integer-Overflow Vulnerability in print_gnu_property_note Function in GNU Binutils 2.29.1 Integer Overflow Vulnerability in coffgen.c of GNU Binutils 2.29.1 Denial of Service and Potential Remote Code Execution in GNU Binutils 2.29.1 Gemirro before 0.16.0 Stored XSS Vulnerability via Crafted homepage Value Privilege Escalation in PNP4Nagios through 0.6.26 via Unprivileged Account Ownership Sensitive Information Exposure in Photo,Video Locker-Calculator Android App Unauthenticated Stored XSS Vulnerability in Arris TG1682G Devices Arbitrary Code Execution Vulnerability in Trusted Boot (tboot) Allows Overwriting of Dynamic PCRs Local Privilege Escalation in Hashicorp Vagrant-VMware-Fusion 5.0.4 Out-of-Bounds Read Vulnerability in VC-2 Video Compression Encoder in FFmpeg 3.0 and 3.4 Cross-Site Scripting (XSS) Vulnerability in LanSweeper 6.0.100.75 via /Calendar/CalendarActions.aspx Yoast SEO Plugin XSS Vulnerability in admin/google_search_console/class-gsc-table.php Stored XSS Vulnerability in Vonage VDV-23 115 3.2.11-0.9.40 Devices via NewKeyword or NewDomain Field Heap-based Buffer Overflow in Formail's Loadbuf Function Out-of-Bounds Access Vulnerability in Qemu's hw/input/ps2.c during Guest Migration SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 via /manageConfMons.do Groupname Parameter SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13 Improper Configuration and Security Checks in Shibboleth Service Provider Plugin (SSPCPP-763) OpenSAML-C 
DynamicMetadataProvider Class Security Vulnerability Customer Ticket Information Disclosure Vulnerability in OTRS Cross-Site Scripting (XSS) Vulnerabilities in Atlassian Confluence RSS Feed Macro Vulnerability: Bypassing Bitbucket Auto-Unapprove Plugin via Minimal Brute-Force Vulnerability: User Impersonation in Atlassian Crowd's 'crowd-application' Plugin Module Path Traversal Vulnerability in Atlassian Fisheye and Crucible Cross-Site Scripting (XSS) Vulnerability in Atlassian Application Links Double OGNL Evaluation Vulnerability in Fisheye and Crucible Cross-Site Request Forgery (CSRF) Vulnerability in Atlassian Jira's IncomingMailServers Resource Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira PieChart Gadget Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira's Issue Search Resource Server Side Request Forgery (SSRF) Vulnerability in Trello Importer in Atlassian Jira Cross Site Scripting (XSS) Vulnerability in dayrui FineCms 5.2.0 Amazon Key Vulnerability: Exploiting Cloud Cam 802.11 Deauthentication Frames for Unauthorized Access Integer Overflow and NULL Pointer Dereference Vulnerability in SWFTools 0.9.2 Denial of Service Vulnerability in UPX 3.94 via Crafted Mach-O File SSRF Vulnerability in UpdraftPlus WordPress Plugin Race condition vulnerability in UpdraftPlus plugin for WordPress allows remote PHP code execution Buffer Overflow Vulnerability in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1 Unsanitized PATH Vulnerability in Vagrant-VMware-Fusion Double Key Unregistration Integer Overflow Vulnerability in Teluu pjproject Cross-site scripting (XSS) vulnerability in Mistune before 0.8.1 in _keyify function Directory Traversal Vulnerability in ZEIT Next.js before 2.4.1 Arbitrary Web Script Injection in Palo Alto Networks PAN-OS Captive Portal Function Stack-based Buffer Overflow in _nc_write_entry Function in ncurses 6.0 Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 XSS Vulnerability in 
filp/whoops Util/TemplateHelper.php (CVE-2021-XXXX) Cross-Site Scripting (XSS) Vulnerability in b3log Symphony 2.2.0 Privilege Escalation in Icinga Core through 1.14.0 NULL Pointer Dereference Vulnerability in libming <= 0.4.8 MistServer 2.13 Cross-Site Scripting (XSS) Vulnerability in Failed Authentication Requests Alerts Unauthenticated Information Disclosure in FiberHome LM53Q1 VH519R05C01S38 Portal CSRF Vulnerability in FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 Unauthorized Access to Web Services on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38: A Gateway to WLAN Key/Password Disclosure Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0 Divide-by-Zero Error in SWFTools 0.9.2's wav_convert2mono Function Memory Leak in Bftpd File Rename Function (Bftpd < 4.7) SQL Injection Vulnerability in Piwigo Application (Version 2.9.2 and Prior) Allows Unauthorized Access to User Information Sensitive Information Disclosure in Laravel Framework Privilege Escalation Vulnerability in Arq 5.x for Mac SQL Injection Vulnerability in Tiny Tiny RSS 17.4's Forgotpass Component Impersonation and Privilege Escalation Vulnerability in Auth0 passport-wsfed-saml2 Library Buffer Overflow Vulnerability in libming v0.4.8 or Earlier: printMP3Headers Function Array Index Error in fig2dev Program in Xfig 3.2.6a: Remote DoS and Information Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Unauthorized Access to User Information in Hunesion i-oneNet 3.0.6042.1200 via Brute Force Vonage VDV-23 115 3.2.11-0.9.40 Home Router Reboot Vulnerability Remote Code Execution in LvyeCMS 3.1 via Directory Traversal and PHP Code Injection Cross-Site Scripting (XSS) Vulnerability in LvyeCMS Admin Login Unencrypted HTTP Vulnerability in DuoLingo TinyCards Android App XSS Vulnerability in Horde Groupware 5.2.19-5.2.22 via Calendar -> New Event URL Field 
XSS Vulnerability in Horde Groupware 5.2.19 and 5.2.21: Exploiting the Color Field in Create Task List Action XSS Vulnerability in Horde Groupware 5.2.19 Allows Remote Code Execution via Name Field Heap-based Buffer Overflow in LibRaw's panasonic_load_raw() Function Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Denial of Service Vulnerability in LibRaw's xtrans_interpolate() Function Local Privilege Escalation: Kernel Memory Address Disclosure via vhci_hcd Driver Out-of-Bounds Read Vulnerability in Linux Kernel's get_pipe() Function Denial of Service Vulnerability in Linux Kernel's stub_recv_cmd_submit() Function NULL pointer dereference vulnerability in stub_send_ret_submit() function in Linux Kernel Stored Cross-site Scripting (XSS) Vulnerability in MapOS 3.1.11 and Earlier Unspecified Privilege Escalation Vulnerability in IBM AIX Arbitrary PHP File Upload Vulnerability in dayrui FineCms 5.2.0 Arbitrary Shell Command Execution via Form Parameter Manipulation in OTRS Directory Traversal Vulnerability in Wowza Streaming Engine Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9, Ac15, and Ac18 devices Unencrypted XML File Disclosure and Privilege Escalation in ManageEngine Desktop Central MSP 10.0.137 Command Injection Vulnerability in Ohcount 3.0.0 Buffer Overflow Vulnerability in xrdp Session Manager Arq for Mac Privilege Escalation via Crafted Update URL Authenticated Directory Traversal Vulnerability in Claymore Dual GPU Miner 10.1 Session Hijacking Vulnerability in IBM Integration Bus 9.0 and 10.0 Stack-based Buffer Overflow in Claymore Dual GPU Miner 10.1 Remote Management Interface Parameter-Entity Reference Mishandling in libxml2's parser.c Infinite Recursion Vulnerability in libxml2's parser.c Privilege Escalation via Insecure chown Call in Icinga 2.x through 2.8.1 Arbitrary OS Command Execution Vulnerability in DBL DBLTek Web Server Unauthenticated Access 
to Ametys CMS Plugin Allows Account Modification Directory Traversal Vulnerability in Shenzhen Tenda AC9, AC15, and AC18 Devices Buffer Overflow Vulnerability in OptiPNG 0.7.6: Exploiting GIF Format File for Denial-of-Service Attack Use-after-free vulnerability in XFRM dump policy implementation in Linux kernel Clear Text Transmission of User Credentials in IBM Integration Bus 9.0 and 10.0 Arbitrary PHP Code Execution via Theme Upload in October CMS Divide-by-Zero DoS Vulnerability in libsndfile 1.0.25 Use-after-free vulnerability in Exim SMTP daemon allows remote code execution or denial of service via BDAT commands Denial of Service Vulnerability in Exim SMTP Daemon via BDAT Commands Arq 5.10 and Earlier for Mac Local Privilege Escalation Vulnerability Information Disclosure Vulnerability in MISP 2.4.82 Allows Admins to Discover Hashed Passwords NULL Pointer Dereference Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Arbitrary File Upload and Remote Code Execution in AccessPress Anonymous Post Pro Plugin Weak Cryptographic Algorithms in IBM QRadar SIEM 7.2 and 7.3: A Critical Vulnerability Arbitrary Web Script Injection Vulnerability in UrBackup Server before 2.1.20 Denial of Service Vulnerability in Winamp Pro 5.66 Build 3512 Denial of Service Vulnerability in KMPlayer 4.2.2.4 via Crafted NSV File Unauthenticated Remote Configuration Modification in ZTE ZXDSL 831CII Devices InLinks Plugin for WordPress: Authenticated SQL Injection Vulnerability Cross-Site Scripting (XSS) Vulnerability in b3log Symphony (aka Sym) 2.2.0 Arbitrary Command Execution Vulnerability in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices Arbitrary Command Execution Vulnerability in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices Arbitrary File Existence Disclosure in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices Arbitrary Command Execution Vulnerability in IBM QRadar 7.2 and 7.3 Arbitrary Command Execution Vulnerability in TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R Devices SQL Injection 
Vulnerability in BigTree CMS 4.2.19: Unauthorized Information Disclosure Stored XSS Vulnerabilities in CommuniGate Pro WebMail Components Information Disclosure Vulnerability in IBM WebSphere Portal Insecure Permissions Vulnerability in IBM MQ Managed File Transfer Agent 8.0 and 9.0 Uninitialized Kernel Memory Disclosure Vulnerability in Linux Kernel Memory Corruption Vulnerability in Linux Kernel's check_alu_op Function Memory Corruption Vulnerability in Linux Kernel's BPF Verifier Privilege Escalation via $ORIGIN in RPATH/RUNPATH Denial of Service Vulnerability in IBM Jazz Team Server Affecting Multiple Rational Products Weak Encryption Algorithm in IBM Team Concert (RTC) 5.0-6.0.5 Allows Unauthorized Access to Sensitive Information Untrusted Search Path Vulnerability in Content Manager Assistant for PlayStation Command Injection Vulnerability in D-Link DCS-5009, DCS-5010, and DCS-5020L Devices Vulnerability: Unauthenticated Software Update Execution in Sophos UTM VPN Client Buffer Overflow Vulnerability in QNAP QTS FTP Service Buffer Overflow Vulnerability in QNAP QTS NAS Devices Buffer Overflow Vulnerability in QNAP QTS Login Function Buffer Overflow Vulnerability in QNAP QTS Login Function Buffer Overflow Vulnerability in QNAP QTS Versions 4.2.6 and 4.3.x Buffer Overflow Vulnerability in QNAP QTS Versions 4.2.6 and 4.3.x Buffer Overflow Vulnerability in QNAP QTS Versions 4.2.6 and 4.3.x Directory Traversal Vulnerability in YARD Server (CVE-2021-12345) Reflected XSS Vulnerability in Emag Marketplace Connector Plugin for WordPress Denial of Service Vulnerability in Xen through 4.9.x via Mishandling of Populate on Demand (PoD) Errors Xen Privilege Escalation and Denial of Service Vulnerability through Mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) Errors ARM Platform Vulnerability: Information Leakage from DRAM after Reboot in Xen NULL Pointer Dereference Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Sensitive Information Leakage in IBM 
Security Privileged Identity Manager 2.1.0 NULL Pointer Dereference Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service Vulnerability in OpenStack Nova 16.0.3 Use-after-free vulnerability in mm_init function in Linux kernel before 4.12.10 Use-after-free vulnerability in init_new_context function in Linux kernel before 4.12.10 Divide-by-Zero DoS Vulnerability in aubio 0.4.6 Arbitrary Code Execution via Cross-Site Scripting in Artica Web Proxy Privilege Escalation via CSRF in ZKTime Web Software Reflected XSS Vulnerability in ZKTime Web 2.0.1.12280 - Department Module Directory Traversal Vulnerability in WooCommerce Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in amtyThumb amty-thumb-recent-post Plugin 8.1.3 for WordPress Insecure Permissions Vulnerability in OX App Suite 7.8.4 and Earlier Cross Site Scripting (XSS) vulnerability in OX App Suite 7.8.4 and earlier Arbitrary User Attribute Modification in Open-Xchange OX App Suite Authentication Bypass and Denial of Service Vulnerability in D-Link DIR-605L Model B GarlicRust: Remote Information Disclosure Vulnerability in i2pd and kovri SAML Authentication Bypass and Impersonation Vulnerability in Splunk Web Cross-Origin Vulnerability in Auth0.js Library Allows Token Theft and Unauthorized Service Invocation Arbitrary DLL Code Execution Vulnerability in Amazon Audible for Windows Heap-based buffer over-read vulnerability in elf.c in the Binary File Descriptor (BFD) library Integer Signedness Error and Out-of-Array Read Vulnerability in FFmpeg Buffer Overflow Vulnerability in Wireshark NetBIOS Dissector Vulnerability: Crash in Wireshark IWARP_MPA Dissector CIP Safety Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10 Indeo Otter through 1.7.4 Denial of Service Vulnerability Insecure Group Ownership Setting in Vim Remote Denial of Service Vulnerability in SyncBreeze Enterprise 10.2.12 and Earlier Cross-Site Scripting (XSS) Vulnerability in Webmin Custom 
Command Functionality Excessive Virtual Memory Consumption Vulnerability in Asterisk's SCCP Protocol Channel Driver User Access Bypass in WordPress before 4.9.1 Unfiltered HTML Upload Vulnerability in WordPress before 4.9.1 Cross-Site Scripting (XSS) Vulnerability in WordPress before 4.9.1 Cross-Site Scripting (XSS) Vulnerability in WordPress Feed Enclosures Heap-based Buffer Overflow in LibTIFF 4.0.9: Remote Denial of Service and Possible Other Impacts Arbitrary JavaScript Injection via OpenGraph Data in Content Cards Plugin for WordPress Predictable Password Reset Vulnerability in gps-server.net GPS Tracking Software (self hosted) 2.x Arbitrary PHP Code Injection in GPS-Server.net GPS Tracking Software Unauthenticated SEH-based Buffer Overflow in Flexense SyncBreeze Enterprise v10.1.16 HTTP Server Privilege Escalation Vulnerability in IBM Storwize V7000 (2076) 8.1 Service Assistant GUI Unauthenticated Access to Webcam Contents and 'Super Admin' Privilege Bypass in Apexis APM-H803-MPC Software SQL Injection Vulnerability in Fiyo CMS 2.0.7 via $_REQUEST['link'] in /system/site.php SQL Injection in Fiyo CMS 2.0.7: Privilege Escalation via app_user/sys_user.php Arbitrary File Read Vulnerability in Fiyo CMS 2.0.7 Unauthenticated Blind Remote Command Injection in Zivif PR115-204-P-RS Web Cameras Unauthenticated Remote Access to Zivif PR115-204-P-RS V2.3.4.2103 Webcams via CGI Parameter Hard-coded Root Password Vulnerability in Zivif PR115-204-P-RS V2.3.4.2103 Web Cameras Path Traversal Vulnerability in KonaKart eCommerce Platform Allows Unauthorized File Access and Server Compromise IBM iNotes 8.5 and 9.0 SUService DLL Hijacking Vulnerability SQL Injection Vulnerability in Techno Portfolio Management Panel 1.0 SQL Injection Vulnerability in Posty Readymade Classifieds Script 1.0 Pool Corruption Vulnerability in IKARUS anti.virus 2.16.15 via ntguard_x64.sys 0.18780.0.0 NULL Pointer Dereference Vulnerability in ntguard_x64.sys 0.18780.0.0 of IKARUS Anti-Virus 2.16.15 via 
0x830000c4 DeviceIoControl Request Memory Corruption Vulnerability in IKARUS Anti-Virus 2.16.15 via DeviceIoControl Request in ntguard.sys and ntguard_x64.sys ROBOT Attack: Exploiting TLS Vulnerability in Domino Server for Unauthorized Access Memory Access Violation Vulnerability in GNU Binutils 2.29.1 Integer Overflow in dump_relocs_in_section function in GNU Binutils 2.29.1 NULL Pointer Dereference and Application Crash in libbfd's coff_slurp_reloc_table Function Heap-based Buffer Overflow in _bfd_coff_read_string_table Function in GNU Binutils 2.29.1 Denial of Service and Possible Remote Code Execution in GNU Binutils 2.29.1 Denial of Service Vulnerability in GNU Binutils 2.29.1 NULL Pointer Dereference Vulnerability in Libav 12.2 Denial of Service Vulnerability in Libav 12.2 Denial of Service Vulnerability in Libav 12.2 Weak Cryptographic Algorithms in IBM InfoSphere Streams 4.2.1: A Gateway to Decryption of Sensitive Data Heap-based Buffer Overflow in Libav's ff_free_picture_tables Function DoS Vulnerability in Huawei DP300, RP200, TE30, TE50, TE60, VP9660 Uncontrolled Format String Vulnerability in Huawei VP9660 V500R002C10 Null Pointer Reference Vulnerability in Huawei VP9660 V500R002C10 License Module XML Parser DoS Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Null Pointer Reference Vulnerability in Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; Heap Overflow Vulnerability in Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; 
V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V Out-of-Bounds Memory Access Vulnerability in Huawei DP300 and Other Products DoS Vulnerability in PEM Module of Huawei Products Information Leak Vulnerability in Huawei Mate 9 and Mate 9 Pro Smartphones Privilege Escalation Vulnerability in IBM Notes and Domino NSD 8.5 and 9.0 Information Leak Vulnerability in Huawei Enjoy 5s and Y6 Pro Smartphones Memory Leak Vulnerability in Huawei Networking Products SIP Module Overflow Vulnerability in Huawei DP300 and Other Devices Overflow Vulnerability in Huawei DP300 and Other Devices Overflow Vulnerability in Backup Feature of Huawei DP300 SIP Module: DoS Exploit Authentication Bypass Vulnerability in Huawei Honor V9 Play Smartphones Buffer Overflow Vulnerability in Huawei DP300 V500R002C00: Remote Code Execution and DoS Attacks Integer Overflow Vulnerability in Huawei DP300 V500R002C00 DoS Vulnerability in Huawei DP300 V500R002C00: Lack of Validation in Malloc Arbitrary Lock Pattern Change Vulnerability in Huawei HiWallet App Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management DoS Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Timergrp Module Insufficient Validation Vulnerability in Huawei Networking Devices Out-of-Bounds Write Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Memory Leak Vulnerability in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, 
V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R DoS Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Out-of-Bounds Memory Access Vulnerability in Huawei IPS Module V500R001C00 and Others Out-of-Bounds Memory Access Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Out-of-Bounds Memory Access Vulnerability in Huawei IPS Module V500R001C00 and V500R001C20 Information Exposure Vulnerability in Huawei Smart Phones DoS Vulnerability in Huawei Smart Phones: System Information (SI) Message DoS Improper Permission Settings in IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 Buffer Overflow Vulnerability in Huawei AR and NetEngine Devices Authentication Bypass Vulnerability in Huawei Smart Phones' 'Find Phone' Function Memory Leak Vulnerability in Huawei Secospace USG6600 and USG9500 Series Out-of-Bounds Memory Access Vulnerability in Huawei Secospace USG6600 V500R001C30SPC100 Memory Leak Vulnerability in Huawei Secospace AntiDDoS8000 V500R001C20SPC500 Out-of-bounds read vulnerability in Huawei Quidway devices Resource Exhaustion Vulnerability in Huawei and Secospace USG Devices Use of Broken or Risky Cryptographic Algorithm Vulnerability in Huawei DP300, TP3206, ViewPoint 9030 Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Huawei Smart Phones Denial of Service (DoS) Vulnerability: Malicious APK Installation and System Restart Exploit Privilege Escalation Vulnerability in Huawei LYO-L21 Smart Phones Arbitrary Memory Free Vulnerability in 
Mate 9 Pro Huawei Smart Phones Weak Algorithm Vulnerability in Huawei Products: Information Leakage via Bleichenbacher Attack Denial of Service (DoS) Vulnerability in SMS Module of Mate 9 Pro Huawei Smartphones Arbitrary Memory Read/Write Vulnerability in Huawei Mate 9 and Mate 9 Pro Smartphones Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices DoS Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices Arbitrary Command Execution via Shared Memory IPC in IBM Notes 8.5 and 9.0 Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices DoS Vulnerability in Certain Huawei Smartphones with Software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 Out-of-Bounds Read Vulnerability in Huawei AR and NetEngine Devices Remote Code Execution Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Remote Code Execution Vulnerability in Huawei HG532 Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Out-of-Bounds Write Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Out-of-bounds read vulnerability in SCCPX module of Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Invalid Memory Access Vulnerability in Huawei SCCPX Module SQL Injection Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Invalid Memory 
Access Vulnerability in Huawei SCCPX Module Remote Code Execution Vulnerability in Huawei eSpace 7950 and eSpace 8950 Remote Code Execution Vulnerability in Huawei eSpace 7950 and eSpace 8950 Language Package Upload Directory Traversal Vulnerability in Huawei eSpace Products Null Pointer Dereference Vulnerability in Huawei Smart Phones Buffer Overflow Vulnerability in Huawei Mate 9 Pro NFC Module Arbitrary URL Loading Vulnerability in TripAdvisor App on Huawei Mobile Phones Out-of-Bounds Memory Access Vulnerability in Huawei Mate 10 GPU Driver Directory Traversal Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Cross-Site Scripting (XSS) Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3 Undisclosed Vulnerability in IBM Jazz Team Server Affects Multiple Rational Products Out-of-Bounds Write Vulnerability in Huawei AR and NetEngine Devices Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Out-of-Bounds Read Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Out-of-Bounds Read Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, 
USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Memory Leak Vulnerability in Huawei AR and USG Series Routers Memory Leak Vulnerability in Huawei AR and USG Series Routers Resource Management Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030 Sensitive Information Disclosure in IBM Tivoli Key Lifecycle Manager (CVE-2020-4427) Authentication Bypass Vulnerability in Huawei Mate 9 Pro Smart Phones Information Leak Vulnerability in Huawei Mobile Phones with NFC Module Out-of-Bounds Read Vulnerability in Huawei SFTP Module Buffer Overflow Vulnerability in Huawei SCCP Module Out-of-Bound Read Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Resource Management Error Vulnerability in 
Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Buffer Overflow Vulnerability in Huawei Mobile Phones' Bluetooth Module Out-of-Bound Write Vulnerability in Huawei AR and NetEngine Series Routers Out-of-Bound Read Vulnerability in Huawei Products Integer Overflow Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Memory Leak Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager LDAP Client Resource Exhaustion Vulnerability Memory Leak Vulnerability in Huawei AR and NetEngine Series Routers Denial of Service Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR-TE, AR-TP, DP, MAX PRESENCE, NetEngine, RP, SRG, and TE Series Routers Buffer Overflow Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, MAX PRESENCE, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206 Null Pointer Dereference Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR-TE, AR-TP, NetEngine, MAX PRESENCE, RP200, SRG, and TE Series Routers Buffer Overflow Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RP200, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG9500, USG9520, USG9560, USG9580, ViewPoint 9030, eSpace U1981 Memory Leak Vulnerability in Huawei AR, AR-S Buffer Overflow 
Vulnerability in Huawei AR, AR-S, AR-SG, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RP200, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, USG6500, USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG9500, USG9520, USG9560, USG9580, ViewPoint 9030, eSpace U1981 Buffer Overflow Vulnerability in Huawei AR, AR-S, AR-SG, AR-SR, AR150, AR160, AR200, AR2200, AR3200, AR3600, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 9030 Insufficient Input Validation Vulnerability in Huawei AR and NetEngine Series Routers Numeric Errors Vulnerability in Huawei Networking Products Weak Cryptography Vulnerability in Huawei AR, CloudEngine, DP300, SMC2.0, SRG, TE, VP9660, ViewPoint, eSpace IAD, eSpace U1981, eSpace USM Memory Leak Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Devices Information Disclosure Vulnerability in Huawei DP300 V500R002C00 and other products using CIDAM protocol Multiple Input Validation Vulnerabilities in CIDAM Protocol on Huawei Products Bleichenbacher RSA Padding Oracle Vulnerability in Huawei Firewall Products Array Out-of-Bounds Read Vulnerability in Certain Huawei Smartphones Out-of-Bounds Read Vulnerability in Huawei VNS-L21AUTC555B141 Smartphones Invalid Memory Access Vulnerability in Huawei SCCPX Module Path Traversal Vulnerability in Huawei HG255s-10 V100R001C163B025SP02 Allows Unauthorized Access to Local Files Privilege Escalation Vulnerability in IBM WebSphere Application Server Administrative Console Buffer Error Vulnerability in Huawei ENUM Module Huawei Firewall Products IPSEC IKEv1 DoS Vulnerability Huawei Firewall Products IPSEC IKEv1 DoS Vulnerability Buffer Overflow Vulnerability in HUAWEI P9 Lite InputHub Driver Invalid Memory Access Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Numeric Errors Vulnerability in 
Huawei DP300, RP200, TE30, TE40, TE50, and TE60 Out-of-bounds read vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, and TE60 devices Buffer Overflow Vulnerability in Huawei USG and Secospace Devices Denial of Service (DoS) Vulnerability in Huawei E5771h-937 Mobile Broadband Products Information Disclosure Vulnerability in Huawei P9 Smartphones Insecure Cookie Handling in IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 Memory Double Free Vulnerability in Huawei Mate 9 Pro Smartphones with LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 Software Buffer Overflow Vulnerability in Huawei eNSP Software Information Disclosure Vulnerability in Huawei Honor Smart Scale Application Improper Authorization Vulnerability in Huawei iBMC Software Integer Overflow Vulnerability in Huawei Mate 9 Pro Camera Driver Huawei HiCinema Video Applications: Permission Control Vulnerability Activation Lock Bypass Vulnerability in Huawei Mate 9 Pro Smartphones Improper Resource Management Vulnerability in Huawei MHA-AL00AC00B125 Software Integer Overflow Vulnerability in Huawei Smartphones with MHA-AL00AC00B125 Software: Risk of Information Disclosure Memory Leak Vulnerability in Huawei ViewPoint 8660 V100R008C03 Local User Can Read Sensitive Information in IBM QRadar 7.3 Log Files Memory Leak Vulnerability in Huawei AR3200 and NGFW Module Information Disclosure Vulnerability in IBM Jazz Team Server Undisclosed Privilege Escalation Vulnerability in IBM Rational Quality Manager Vulnerability: Denial of Service in QEMU Virtio Vring Implementation ROBOT Attack: Bleichenbacher RSA Padding Oracle Vulnerability in Citrix NetScaler ADC and Gateway Cross-Site Scripting (XSS) Vulnerability in Jenkins 2.93 - SECURITY-624 Root Access Vulnerability in ISPConfig 3.x before 3.1.9 via Crafted Cron Job Cross-Site Scripting (XSS) Vulnerability in IBM Curam Social Program Management Cross-Site Scripting (XSS) Vulnerability in IBM Curam Social Program Management Command Injection 
Vulnerability in Ruby's Net::FTP Library Unauthenticated Remote Code Execution in Netgain Enterprise Manager (ZDI-CAN-4753) Arbitrary Code Execution in NetGain Systems Enterprise Manager v7.2.699 Arbitrary Code Execution Vulnerability in Bitdefender Internet Security 2018 (ZDI-CAN-5101) Arbitrary Code Execution Vulnerability in Bitdefender Internet Security 2018 Improper Handling of Administrative Console Panel Fields in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Arbitrary Code Execution Vulnerability in Bitdefender Internet Security 2018 Remote Code Execution in Linksys WVBR0 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via Unauthenticated GET Requests (ZDI-CAN-4223) Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUBackupTargetSet Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPhaseStatus Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPhaseStatus Count Method Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPhaseStatus Acknowledge Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUPolicy Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUTransferHistory Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUJobCountHistory Get Method Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 (ZDI-CAN-4232) Unauthenticated Remote Code Execution in Quest NetVault Backup 11.3.0.12 Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUBackupSegment Get Method Remote Code Execution in Quest NetVault Backup 11.3.0.12 via NVBUScheduleSet Get Method Arbitrary Code Execution Vulnerability in Quest NetVault Backup 11.3.0.12 Heap Overflow Vulnerability in glibc 2.26's malloc Function Vulnerability: Adaptive-Chosen Ciphertext Attack on Radware Alteon Devices ROBOT Attack: Decrypting TLS Ciphertext 
Data in Cavium Nitrox and TurboSSL SDKs Insufficient Authentication in K7 Antivirus Premium Allows Unauthorized Access to Raw Hard Disk Improper Handling of Administrative Console Panel Fields in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Arbitrary Command Execution in Sangoma NetBorder / Vega Session Controller Multiple Cross-Site Scripting (XSS) Vulnerabilities in GeniXCMS 1.1.5 Denial of Service Vulnerability in OpenAFS 1.x before 1.6.22 Bypassing Access Restrictions in rsync Daemon Bypassing Access Restrictions in rsync Daemon Vaultek Gun Safe VT20i: Remote Unlock Vulnerability Lack of Encryption in Vaultek Gun Safe VT20i Allows Passcode Eavesdropping Remote Denial of Service Vulnerability in Heimdal KDC Denial of Service Vulnerability in GNU Libextractor 1.6 via Crafted Multimedia Files Reflected Cross-Site Scripting Vulnerability in BlackBerry UEM Management Console OPC Foundation Local Discovery Server (LDS) 1.03.370 Configuration File Crash Vulnerability Denial of Service Vulnerability in Game_Music_Emu Library Linux Kernel Local Privilege Escalation Vulnerability Netlink Message Sniffing Vulnerability Linux Kernel xt_osf.c Local Privilege Escalation Vulnerability XSS Vulnerability in WP Mailster Plugin's Unsubscribe Handler Cross Site Scripting (XSS) Vulnerability in Mahara 16.10, 17.04, and 17.10 Man-in-the-Middle Vulnerability in Mahara Versions 16.10 to 17.10.2 Arbitrary Code Execution via Malformed Mercurial Repository Arbitrary Command Execution via SSH URL in Fossil Cross-Site Request Forgery Vulnerability in IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) Vulnerability: Information Disclosure in Vivo Modems via index.cgi?page=wifi NULL Pointer Dereference Vulnerability in K7 Antivirus 15.1.0309 NULL Pointer Dereference Vulnerability in K7 Antivirus 15.1.0309 Arbitrary Write Privilege Escalation Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Other Impact in TG Soft Vir.IT eXplorer Lite 
8.5.42 Local Privilege Escalation and Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service Vulnerability in IBM WebSphere MQ 9.0 and 9.0.x Denial of Service and Possible Impact Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Impact Vulnerability in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Arbitrary Code Execution in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Arbitrary Code Execution in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Arbitrary Code Execution in TG Soft Vir.IT eXplorer Lite 8.5.42 Denial of Service and Possible Other Impact in TG Soft Vir.IT eXplorer Lite 8.5.42 Session Hijacking Vulnerability in OTRS 4.0.x, 5.0.x, and 6.0.x Unauthenticated Remote Stored XSS Vulnerability in Pexip Infinity XSS Vulnerability in Pegasystems Pega Platform's Designer Studio