Multiple versions of Whole Vibratissimo Smart Sex Toy suffer from credential disclosure, exposed administrative interface, cleartext storage of passwords, unauthenticated bluetooth LE connection, and other vulnerabilities. These devices screw you in more way than one.
Geovision Inc. devices GV-BX1500 version 3.10 2016-12-02 and GV-MFD1501 version 3.12 2017-06-19 suffer from remote command execution, stack overflow, double free, and other vulnerabilities.
Advance Loan Management System version 1.0 suffers from a remote SQL injection vulnerability.
JEXTN Classified component version 1.0.0 suffers from a remote SQL injection vulnerability.
Microsoft Windows Subsystem for Linux execve() local privilege escalation exploit.
Joomla! Jimtawl component version 2.2.5 suffers from a remote shell upload vulnerability.
Flexense SyncBreeze Enterprise versions 10.3.14 and below suffer from a buffer overflow vulnerability.
Real Estate Custom Script version 1.0 suffers from a remote SQL injection vulnerability.
Fancy Clone Script suffers from a search_browse_product remote SQL injection vulnerability.
Joomla! JE PayperVideo component version 3.0.0 suffers from a remote SQL injection vulnerability.