A cross site scripting vulnerability has been discovered in the AIR5750 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.
gVisor Pagetables Reuse
gVisor reuses pagetables across levels without paging-structure invalidation.
WordPress Breadcrumb NavXT 6.1.0 Username Disclosure
WordPress Breadcrumb NavXT plugin version 6.1.0 suffers from a username disclosure vulnerability.
WordPress WebARX Website Firewall 4.9.8 XSS / Bypass
WordPress WebARX Website Firewall plugin version 4.9.8 suffers from bypass and cross site scripting vulnerabilities.
Microsoft Edge Sandbox Escape
Microsoft Edge suffers from a sandbox escape vulnerability.
iWay Data Quality Suite Web Console 10.6.1.ga XML Injection
iWay Data Quality Suite Web Console version 10.6.1.ga suffers from an XML external entity injection vulnerability.
ManageEngine Desktop Central 10.0.271 Cross Site Scripting
ManageEngine Desktop Central version 10.0.271 suffers from a cross site scripting vulnerability.
Rausoft ID.prove 2.95 SQL Injection
Rausoft ID.prove version 2.95 suffers from a remote SQL injection vulnerability.
PCProtect 4 8.35 Privilege Escalation
PCProtect 4 version 8.35 suffers from a weak file permission privilege escalation vulnerability.
AppArmor Filesystem Blacklisting Bypass
AppArmor has an issue where filesystem blacklisting can be bypassed by moving parents.