Various JVC products suffer from having weak and poorly protected credentials, cross site request forgery, cross site scripting, header injection, and information disclosure vulnerabilities.
fc168804d16f10a1f8c086897745b694f2bcb704a0a00660b6c587184c4c1964
eXtplorer version 2.1.9 suffers from a traversal vulnerability.
7d0204d220f9eeb1e9e9f56e4582fe2bd2d8ac4210b3d6cb620a8029967ee016
This bulletin summary lists two bulletins that have undergone a major revision increment.
0ab0b3d62a621494c7fcc2fced5ffe038027cabbbefbd0e37da34b4e330554ff
The tmcdos dns_dhcp web interface suffers from a remote SQL injection vulnerability.
b37f50b08fa6a68c7cdcc55a2d02597eae2b0ef90c457e431fae7b0a88e0f592
CakePHP Framework versions 3.2.4 and below suffer from a vulnerability that allows users to spoof the source IP address logged by the server.
1622c97f61d826f0b1ac17dd524ddc11ef087ce3f89a0a231f688451fb208d52
runAV with mod_security suffers from a command injection vulnerability that leads to privilege escalation providing the clamscan binary is setuid.
bdba22ff6e69274f11a7562bef9ed503271afdbace54eebcfb3853ad25e4c0df
NRSS News Reader version 0.3.9-1 suffers from a buffer overflow vulnerability which allows local attackers to obtain privileged access when exploited.
b5f3a2404aafd8eda6e505827572e621bcf0d5d5702bc0d990458b962448eb94
HipChat Server versions below 2.0 build 1.4.1 suffer from vulnerabilities including code execution, insufficient shell characters, file deletion, file moving, local file read, and Server-Side Request Forgery.
51f7ff56cb32406c73d6232aee84e2cf2951d8dbfedaba6c3b94f1aa3ec2d083