Navicat Premium version 11.2.11 suffers from a local password disclosure vulnerability.
>> ARCHIVE: 2016-09
MySQL version 5.5.45 64-bit suffers from a local credential disclosure vulnerability.
glibc getaddrinfo stack-based buffer overflow exploit that leverages the priorly disclosed issue by Google.
WIN-911 version 7.17.00 suffers from incorrect default permissions and plaintext credential storage vulnerabilities.
PHPIPAM version 1.2.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
Various Aruba Networks and Alcatel-Lucent products have a private key for a browser-trusted certificate embedded in firmware.
http://www.koksaat.go.th notified by JoOker
Adobe ColdFusion < 11 Update 10 – XML External Entity Injection
TeamViewer 11.0.65452 (64 bit) – Local Credentials Disclosure
SugarCRM 6.5.23 – REST PHP Object Injection Exploit (Metasploit)