File Management System version 1.1 suffers from a persistent cross site scripting vulnerability.
o2 Business for Android version 1.2.0 suffers from an open redirection vulnerability.
Apple iOS version 13.5.1 suffers from an issue where it is possible to circumvent the copy and paste restriction from the company profile to the private profile. Thus, it is possible to extract attachments that can be previewed ("Quick Look") in the native Mail client to any private app.
Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.
Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that, when combined, can achieve remote code execution in one click.
Ubuntu Security Notice 4413-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4412-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4411-1 - It was discovered that the ELF handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4414-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4410-1 - A double-free bug was discovered in the snmpd server. An authenticated user could potentially cause a DoS by sending a crafted request to the server.
OCS Inventory NG version 2.7 suffers from a remote code execution vulnerability.
ZenTao Pro version 8.8.2 suffers from a remote command injection vulnerability.