JIRA Artezio Board plugin version 1.4 suffers from cross site scripting and information disclosure vulnerabilities.
ASUS DSL-N55U version 3.0.0.4.376_2736 suffers from cross site scripting and information disclosure vulnerabilities.
Parsijoo Search Engine suffers from a cross site scripting vulnerability.
The CloudGate M2M gateway from Option suffers from an insecure direct object reference that allows for authorization bypass as well as cross site scripting vulnerabilities.
iBilling version 3.7.0 suffers from multiple stored and reflective cross site scripting vulnerabilities.
Riverbed SteelCentral NetProfiler and NetExpress versions 10.8.7 and below suffer from command injection, privilege escalation, local file inclusion, account hijacking, and remote SQL injection vulnerabilities.
Untangle NGFW versions 12.1.0 Beta and below execEvil() authentication root command injection exploit.
Kagao version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
PspInitializeFullProcessImageName does not correctly handle a NULL pointer being passed to it leading to a dereference at NULL for a file object which might be exploitable on 32 bit systems for elevation of privilege.
Armadito suffers from a remote arbitrary file write due to a man-in-the-middle issue.