Voltage SecureMail Server versions prior to 7.3.0.1 suffer from a business logic bypass vulnerability.
b53c96eab5d8c151a79e3e19d8f33fb25b15aff01cf1c97bef66654ec56cf63d
Gemalto (Thales Group) DS3 Authentication Server and Ezio Server versions prior to 3.1.0 suffer from semi-blind OS command injection, local file disclosure, and broken access controls that when combined allows a low-privileged application user to upload a JSP web shell with the access rights of the lower privileged Linux system user "asadmin".
0ed8c2d2c9c1f2f828d34bae21d8e4a001f9cbbc1692d968c69dd7410a22ca56