:: Deepquest ::

OPNsense version 19.1 suffers from a cross site scripting vulnerability.

Pages for Bitbucket Server versions 2.6.0 and below suffer from multiple cross site scripting vulnerabilities.

COVO versions 9.0.8, 10.0.11, and 12.0.4 suffer from a cross site scripting vulnerability.

It has been discovered that the Linux eBPF Spectre v1 mitigation is insufficient.

Remote Process Explorer version 1.0.0.16 denial of service proof of concept exploit with SEH overwrite.

SureMDM versions prior to the 2018-11 Patch suffers from local and remote file inclusion vulnerabilities.

CUJO Firewall suffered from authorization bypass, denial of service, and user enumeration vulnerabilities.

Zimbra Collaboration versions prior to 8.8.11 suffer from multiple cross site scripting vulnerabilities.

SolarWinds Serv-U FTP Server version 15.1.6 is vulnerable to privilege escalation from remote authenticated users by leveraging the CSV user import function. This leads to obtaining remote code execution under the context of the Windows SYSTEM account in a default installation.

SolarWinds Serv-U FTP version 15.1.6.25 suffers from a cross site scripting vulnerability.