Compass Security discovered a design weakness in Microsoft Intune’s app protection. This weakness allows a malicious user that gets hold of an employee’s iOS device to access company data even without knowing the app PIN.
GNU binutils version 2.26.1 suffers from an integer overflow vulnerability.
Social Oauth Login PHP suffers from a remote SQL injection vulnerability that allows for authentication bypass.
SOA School Management suffers from a remote SQL injection vulnerability.
userSpice version 4.3 suffers from a cross site scripting vulnerability.
WordPress UltimateMember plugin version 2.0 suffers from multiple cross site scripting vulnerabilities.
NAT32 Build 22284 suffers from a remote command execution vulnerability.
TypeSetter CMS version 5.1 suffers from a cross site request forgery vulnerability.
NAT32 build 22284 suffers from code execution and cross site request forgery vulnerabilities.
Dell EMC Isilon OneFS suffers from code execution, cross site request forgery, and cross site scripting vulnerabilities.