MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter.

SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remot...

The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe A...

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitr...

The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self Password Reset before 3.0.4.0 allows remote attackers to reset arbitrary passwords v...

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptio...

Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors.

SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors.

The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metachara...

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.3.0 an...

The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6....

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters.

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.

eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests, which allows remote attackers to obtain sensitive information via an unspecified URL.

The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.

A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sy...

The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive.

The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php.

The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload.

The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.