WordPress Under Construction, Coming Soon, and Maintenance Mode plugin version 1.1.1 suffers from cross site scripting and server-side request forgery vulnerabilities.
Simple Employee Records System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.
Yeastar TG400 GSM Gateway version 91.3.0.3 suffers from a path traversal vulnerability.
Nagios XI version 5.7.5 suffers from a cross site scripting and multiple remote code execution vulnerabilities.
LightCMS version 1.3.4 suffers from a persistent cross site scripting vulnerability.
Squid versions 4.14 and 5.0.5 suffer from a double free vulnerability that can result in code execution.
Trojan-Dropper.Win32.Daws.etlm malware suffers from a remote unauthenticated system reboot vulnerability.
Trojan-Spy.Win32.SpyEyes.elr malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Azbreg.amw malware suffers from an insecure permissions vulnerability.
Trojan.Win32.Hotkeychick.am malware suffers from an insecure permissions vulnerability.