EllisLab ExpressionEngine Core versions prior to 2.9.0 suffer from multiple authenticated remote SQL injection vulnerabilities.
54d576bf2854ade7d5e970b099908aa7fdc8da9bbb562477b70e54d0cf8bc273
dompdf version 0.6.0 suffers from an arbitrary file read vulnerability.
92b8dc520430a9519be7065511e00f1c9c0dee972e93abecf56f7088fcb5f2e8