Digi TransPort LR54 suffers from a restricted shell bypass vulnerability that gets a root shell.
>> ARCHIVE: 2019-02
mIRC versions prior to 7.55 suffer from a remote command execution using argument injection through custom URI protocol handlers.
CMSsite version 1.0 suffers from a remote SQL injection vulnerability in post.php. This version of the software has been known to have SQL injection vulnerabilities since 2010.
Apache CouchDB version 2.3.0 suffers from multiple cross site scripting vulnerabilities.
qdPM version 9.1 suffers from multiple cross site scripting vulnerabilities.
ArangoDB Community Edition version 3.4.2-1 suffers from a cross site scripting vulnerability.
Master IP CAM 01 version 3.3.4.2103 suffers from a remote command execution vulnerability.
Comodo Dome Firewall version 2.7.0 suffers from multiple cross site scripting vulnerabilities.
HTMLy version 2.7.4 suffers from multiple cross site scripting vulnerabilities.
A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of OpenType fonts.