WordPress Google Maps plugin version 2.1.2 suffers from a cross site scripting vulnerability.
f9844dd54b9498055970a52b9ba3b5cd
WordPress Photo Gallery by Supsystic plugin version 1.8.5 suffers from multiple cross site request forgery vulnerabilities.
625ced56b0cca98e30d45e32fb4b8dcf
WordPress Email Users plugin version 4.8.3 suffers from a cross site request forgery vulnerability.
b62a138839af9627696d31ca2bd6890c
WordPress Peter's Login Redirect plugin version 2.9.0 suffers from cross site scripting and cross site request forgery vulnerabilities.
164261e2b6677c675ff9d7ad23a326d9
WordPress Photo Gallery by Supsystic plugin version 1.8.5 suffers from a stored cross site scripting vulnerability.
f0ce8f15f849c182b8d5d9749db7f90d
Taser Axon Dock version 3.1 suffers from authentication bypass vulnerabilities.
610172bfaf49b7ab2d9fb5729ecbd246
Stash CMS version 1.0.3 suffers from a remote SQL injection vulnerability.
55790a0ec2601c8f91f6ae69d1f71743
nopCommerce version 3.70 suffers from a cross site scripting vulnerability.
a2ff01c1639a3eb2b26e9d9118b1813d
OpenCart version 2.0.3.1 suffers from a cross site scripting vulnerability.
1bcebd45a68c1ba36cd7e4594c685b3c
Ubuntu Security Notice 3061-1 - Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password lengths. A remote attacker could use this issue to cause OpenSSH to consume resources, leading to a denial of service. Various other issues were also addressed.
6cd4c17a7cea97f346989d636afe8d94
Debian Linux Security Advisory 3648-1 - Multiple vulnerabilities were discovered in the dissectors for NDS, PacketBB, WSP, MMSE, RLC, LDSS, RLC and OpenFlow, which could result in denial of service or the execution of arbitrary code.
7d9a1981d5360ad4e39652e20db69e96
A cross site request forgery vulnerability in the Telegram Bot API can allow for denial of service attacks.
64297ed3dab411f1c63fa2afe6521ab2
Linksys E2500 and E1200 devices suffered from a command injection vulnerability.
4a9806bc0b231056d9a9f35fdc20cac9
Parent controls on the Linksys E1200 suffered from having missing authorization controls.
3c0fca9a22c61bce7065467c592c5e92
PayPal suffered from a two-factor authentication bypass vulnerability.
5fd8a55eb3be5fd0fd4a9fd7259e0dea
Joomla AceFTP component appears to suffer from an arbitrary file download vulnerability.
ba8083aabec860386c829a33fb43ca68