Backdoor.Win32.Eclipse.h malware suffers from a hardcoded credential vulnerability.

The Monroe Electronics / Digital Alert Systems OneNet SE DASDEC Emergency Alert System Appliance suffers from cross site scripting and html injection vulnerabilities.

IOTransfer version 4.0 suffers from a remote code execution vulnerability.

Dr. Fone version 4.0.8 suffers from an unquoted service path vulnerability.

Kite version 1.2021.610.0 suffers from an unquoted service path vulnerability.

OctoBot WebInterface version 0.4.3 suffers from a remote code execution vulnerability.

CodoForum version 5.1 suffers from a remote code execution vulnerability.

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) versions 1.31.460 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands…

Chrome has an issue where raw_ptr broke implicit scoped_refptr for receivers in base::Bind.