Bugcrowd’s web application suffered from a filter bypass and malicious script insertion vulnerability.
>> ARCHIVE: 2016-05
dotCMS versions prior to 3.5 and 3.3.2 suffers from an email header injection vulnerability.
Open-Xchange OX AppSuite versions 7.8.0 and below suffer from cross site scripting, open redirection, and argument injection vulnerabilities.
Teampass version 2.1.25 suffers from an unauthenticated access vulnerability.
Teampass version 2.1.25 suffers from an arbitrary file download.
PHP CRUD version 1.4 comes installed with weakly protected backdoor accounts.
VMWare vSphere web client versions 5.1 through 6.0 suffer from a flash cross site scripting vulnerability.
Graphite2 suffers from a heap-based buffer overflow in GlyphCache::GlyphCache.
Graphite2 suffers from multiple heap-based over-reads in GlyphCache::Loader.
Graphite2 suffers from a heap-based over-read in TtfUtil::CheckCmapSubtable12.