miniupnpc suffers from an integer signedness error when parsing a chunked encoded http response.
eae3b67315257af4d12b280c414e11e2785f5cea3165a59b4f1fa16af40318f8
A malicious sftp server may force a client-side relative path traversal in jsch's implementation for recursive sftp-get allowing the server to write files outside the clients download basedir with effective permissions of the jsch sftp client process. Versions 0.1.53 and below are affected.
dfd3deafc8949119431558bc8219895f763a1d7d6a7b008eccb812e5d19ba8c3
PuTTY / PSCP versions 0.66 and below suffer from a buffer overflow vulnerability. Proof of concept code included.
6d2b3558ad305a2127d39e8456e3f26082ca091a09253ee93d740417df3f0fd8
vBulletin version 4.x suffers from a remote SQL injection vulnerability via the xmlrpc API.
4d654cafffbaa0e60198185148d72d94e11af44899ca3540c2c4acf99684e1dc
vBulletin versions 5.x and 4.x suffer from a persistent cross site scripting vulnerability.
5d7e0332012b5ff0ccca849a35d2ba9c2d680f444985d0f62bc7fcbac0ad9c1d