WebNMS Framework versions 5.2 and 5.2 SP1 suffer from directory traversal, code execution, weak obfuscation, and user impersonation vulnerabilities.
Navis WebAccess Express version suffers from a remote SQL injection vulnerability.
Nagios Network Analyzer version 2.2.1 suffers from a cross site scripting vulnerability.
Nagios Network Analyzer version 2.2.1 suffers from a cross site request forgery vulnerability.
FortiVoice version 5.0 suffers from filter bypass and cross site scripting vulnerabilities.
Nuke Evolution version 2.0.9d suffers from multiple client-side cross site scripting vulnerabilities.
Microsoft GDI+ suffers from an out-of-bounds read in DIB palette handling in ValidateBitmapInfo.
Any Video Converter version 5.9.5 suffers from a dll hijacking vulnerability.
AirSnort version 0.2.7 suffers from a stack corruption denial of service vulnerability.
A vulnerability allowed remote attackers to determine which specific Facebook user ID is linked with a mobile phone number without secure approval. The vulnerability is located in the ctx and recover lwv parameters and /login/identify modules.