Ipswitch MOVEit DMZ versions 8.1 and below suffer from an authorization bypass vulnerability.
0c6c3fa941b2112ee4be3c318d22e87d05cf584bc71e375f4bde79ce23e727e9
McAfee File Lock Driver does not handle correctly GUIDs of the encrypted vaults, which allows to crash the host by crafting a specific IOCTL with a malformed Vault GUID which is used to identify an object of FILE_DEVICE_DISK DeviceType, causing a kernel stack based buffer overflow. McPvDrv.sys version 4.6.111.0 is vulnerable.
630b8a3d4523538ded4d87575e898edf1599ae13e6a4b1b0f4e7d8231325f5d6
McAfee File Lock Driver McPvDrv.sys version 4.6.111.0 suffers from a memory leak vulnerability.
04c8d5c31b7ee243b018718bfc3219e46bdaa41850c8c43eb7249df641e6d335
Horizon HD / WiFi suffers from a weak wifi passphrase generation vulnerability.
078e609265d0354d2c20ab26b50fe6f37418e788f664f00ad8e155e3244bb7b5
WordPress Appointment Booking Calendar plugin version 1.1.24 suffers from a remote SQL injection through addslashes.
f50b726fd5aa53e19ad3f34f743c544fe51d0489b26fd23bee63b91da753dccc
VLC Media Player version 2.2.1 suffers from a heap memory corruption vulnerability when handling malformed mp4 files.
43dc83338e58a0b5197ace97ec0c305748e3b03d919076f55f3174e828eb1787
Trend Micro Direct Pass suffers from filter bypass and cross site scripting vulnerabilities.
427ee5ce8144ceff06d82ae31e267ce7cab12ba8ddde6940b78a4dc9125c6c9e
WordPress Appointment Booking Calendar plugin versions 1.1.24 and below suffer from privilege escalation and cross site scripting vulnerabilities.
b8ef07d7c19363e2128f8f09d9ae5133d90fd0610c5195d1948cf38e3f39ac69
AdMentor version 1.00 suffers from a database disclosure vulnerability.
74a1022c4799306110ebe0c25ee74f4418b4f33236ec1e52e48bfe76c7477810
Telegram (API) suffers from a cross site request forgery vulnerability.
802eff87ae7f9f7ba843fe8d7b47bc428cbe6416129a5cbd05dd0d2b913bea71
Classic Infomedia suffers from an authentication bypass vulnerability.
370e697a0c6a2590ea76c4a441e09eb69b5a48aca2d091edf5def22fc99073e6
Ramui Forum Script version 9.0 suffers from a remote SQL injection vulnerability.
11f887a9a159c300c9a568ce9b1b7f03edeccab1c6a9649f05342a71bc820950
Ramui Web Hosting Directory Script version 4.0 suffers from a remote file inclusion vulnerability.
aa35762def5bbc70f7ad04ad58599ba7b185f3c2d6b58076ad7ff4c231283aa2
OpenSSL Security Advisory 20160128 - Historically OpenSSL usually only ever generated DH parameters based on "safe" primes. More recently (in version 1.0.2) support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be "safe". Where an application is using DH configured with parameters based on primes that are not "safe" then an attacker could use this fact to find a peer's private DH exponent. This attack requires that the attacker complete multiple handshakes in which the peer uses the same private DH exponent. For example this could be used to discover a TLS server's private DH exponent if it's reusing the private DH exponent or it's using a static DH ciphersuite. Other issues were also addressed.
d50931cebdf0a0acaa97a892bb010a2edb2d2c635c92fe22e53e92c6c950ea3f
New Era Company suffers from a remote SQL injection vulnerability.
787972259fb8a7a051bda95d91c0394f314d87e838066136dfd8758deca1df79
Liga Manager Online (LMO) version 4.0.2 suffers from a cross site scripting vulnerability.
358152c719929c66f18bb18ab62a8b3eeebb75937d2b29b29d9a8f5fa35b037a
eBay Magento suffered from a persistent mail encoding vulnerability.
1f7e3c4c0d1e24a790c770bc054c59941b6b14c695d15033a678f7bdd0ccdf23
WebMartIndia CMS 2016 Q1 suffers from a remote SQL injection vulnerability.
7a954303edd1fbd1a4180f4e25eb2154be9a376ee8ad48c8e47b7f11b460c974
los818 CMS 2016 Q1 suffers from a remote SQL injection vulnerability.
c0f0393966766019c1f39469ca02d317193c671bff9567c593fa7c0d4a1be6ec
Apple Watch suffers from a denial of service vulnerability.
9cc3a0d304547ffdd304428d2d3dd7affd8aa295a27b4202facca71965d66bac