Webiness Inventory version 2.9 suffers from a remote shell upload vulnerability.
40336d3af53a8ba585646fbedc4366f3618af0f92e4e24bfa7992e3b7063a57d
WordPress Arforms plugin versions 3.5.1 and below suffer from an arbitrary file deletion vulnerability.
eec5913d7e98c93148a427b5533b2edf6c4b543e9e8fc4ce4b3f0fd2e675535c
ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were found in AsrDrv101.sys and AsrDrv102.sys low level drivers, installed by ASRock RGBLED and other ASRock branded utilities, which could allow a local attacker to elevate privileges. Vulnerable packages include ASRock RGBLED before version 1.0.35.1, A-Tuning before version 3.0.210, F-Stream before version 3.0.210, and RestartToUEFI before version 1.0.6.2.
3b57e1d843a64059edf1200acba22a276913db2838fb449328d307badda0ce0e
Ubuntu Security Notice 3802-1 - Narendra Shinde discovered that the X.Org X server incorrectly handled certain command line parameters when running as root with the legacy wrapper. When certain graphics drivers are being used, a local attacker could possibly use this issue to overwrite arbitrary files and escalate privileges.
3e1800b73c06b9c5d9e9432c23ff8f3942aa93d0c796d9685eac915ed9e32c29
Shell In A Box versions 2.2.0 and below suffer from an infinite loop denial of service vulnerability.
cf504b640b61a6a0ad0b121dbbe3f7bee85c6e61335a525740f2aa402cebc279
HID ActivID ActivClient version 7.1.0.202 may not enforce upper bounds on the size of data received from a smart card, which can lead to attacks such as memory exhaustion, or serve as a heap spraying primitive for other attacks against the software, albeit slowly.
8f152ff2c4f8e62b07f2d5b2c106633d4aa5a263ab60b54c6da64427b460e860