Barco Control Room Management Suite versions prior to 2.9 build 0275 suffer from a directory traversal vulnerability.
b1ec333a285f727f101ec39e59974d8125d1c1f97f298850e6ec2b47b08d879f
M-Files Web versions prior to 20.10.9524.1 and M-Files Web versions prior to 20.10.9445.0 contain an improper range header processing vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges (via HTTP requests with a specially-crafted Range or Request-Range headers) to cause the web application to compress each of the requested bytes, resulting in a crash due to excessive memory and CPU consumption and preventing users from accessing the system.
156f6be8e8269992c6311ee1cad599e1338e7f7bf24b2810bb20c39727986b7c
Zoho ManageEngine OpManager versions 12.3 before build 123239 suffers from a cross site scripting vulnerability in the Alarms section.
86d14a418d1c96a1de4aea21241185938cae7766df1b79f5ba59466c6647d576
Zoho ManageEngine OpManager versions 12.3 before build 123239 suffers from a remote SQL injection vulnerability in the Alarms section.
df3b4cca1a33cee2c1b1466213ad18fa0d9f4707c689196c5a9641e212dd2ad0
Zoho ManageEngine OpManager versions 12.3 before 123238 suffer from a remote SQL injection vulnerability in the getGraphData API.
1a049e8278a847b77887e080ec099b64303b5a9ab7a770820a6961d579f33b08
Zoho ManageEngine OpManager version 12.3 prior to build 123237 has a cross site scripting vulnerability in the domainController API.
b757a066966d43dab92e82b070ec0aa7cb574a7fac46efeaa46eea3d52d17b5c
Zoho ManageEngine OpManager versions 12.3 before build 123223 have a cross site scripting vulnerability via the updateWidget API.
4f3c08804393e70f710c96815caa8549c3dc5e71017eeb4012d2c44a6bb278d1
Zoho ManageEngine OpManager version 12.3 suffers from an arbitrary file upload vulnerability.
b33e29926189ccf274c11a2f500355455426ce1a4b36d07449efbf681fa210ab
ManageEngine OPManager version 12.3 suffers from a persistent cross site scripting vulnerability.
4accf5407115e8f4a22709ea0edfcf808b651f9a993ef1576a3d1abecdc13910
ManageEngine OPManager version 12.3 suffers from a remote SQL injection vulnerability.
4b6a4ea76848ab6114a56a416f3fbcbcf9f30c0019d583b5a31c9da234e2a04f