OX App Suite and OX Documents suffer from cross site scripting, code injection, path traversal, and input validation vulnerabilities. Most of these issues affect 7.10.5 and below with one affecting 7.10.4 and below.
Backdoor.Win32.Wollf.h malware suffers from a hard-coded password vulnerability.
Pinkie version 2.15 suffers from a remote buffer overflow vulnerability.
Wipro Holmes Orchestrator version 20.4.1 unauthenticated log file disclosure exploit.
Backdoor.Win32.Agent.ad malware suffers from an insecure credential storage vulnerability.
Aimeos Laravel Ecommerce Platform version 2021.10 LTS suffers from a remote SQL injection vulnerability.
Backdoor.Win32.BNLite malware suffers from a buffer overflow vulnerability.
Backdoor.Win32.BlueAdept.02.a malware suffers from a buffer overflow vulnerability.
OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities.
Wipro Holmes Orchestrator version 20.4.1 allows unauthenticated re-downloading of priorly exported reports in Excel.