KVM suffers from an uninitialized memory leak vulnerability in kvm_inject_page_fault.

VMware Security Advisory 2019-0001 - VMware product updates resolve a mishandled file descriptor vulnerability in the runc container runtime.

Listing Hub CMS version 1.0 suffers from a remote SQL injection vulnerability in pages.php.

ZuzMusic version 2.1 suffers from a persistent cross site scripting vulnerability.

JobFinder suffers from a cross site scripting vulnerability.

WeHelp version 1.6 suffers from a cross site scripting vulnerability.

Find a Place CMS Directory version 1.5 suffers from a remote SQL injection vulnerability.

Jinja2 version 2.10 suffers from a command injection vulnerability.

MyBB Trash Bin plugin version 1.1.3 suffers from cross site request forgery and cross site scripting vulnerabilities.

Core FTP/SFTP Server version 1.2 build 589.42 suffers from a denial of service vulnerability.

ApowerManager version 3.1.7 suffers from a denial of service vulnerability.

DomainMOD version 4.11.01 suffers from multiple cross site scripting vulnerabilities.

LayerBB version 1.1.2 suffers from a cross site request forgery vulnerability.

MediaMonkey version 4.1.23 suffers from a denial of service vulnerability.

WordPress Booking Calendar version 8.4.3 suffers from a remote SQL injection vulnerability.

exacqVision ESM version 5.12.2 suffers from a privilege escalation vulnerability.

Linux kvm_ioctl_create_device() installs fd before taking reference.

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

Debian Linux Security Advisory 4391-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

Free IP Switcher version 3.1 suffers from a denial of service vulnerability.

AirMore version 1.6.1 suffers from a denial of service vulnerability.

VSCO version 1.1.1.0 suffers from a denial of service vulnerability.

UniSharp Laravel File Manager version 2.0.0-alpha7 suffers from an arbitrary file upload vulnerability.

Navicat for Oracle version 12.1.15 suffers from a denial of service vulnerability.