Backdoor.Win32.FTP.Lana.01.d malware suffers from a man-in-the-middle vulnerability.

Ametys CMS version 4.4.1 suffers from a cross site scripting vulnerability.

Backdoor.Win32.DRA.c malware suffers from a weak hardcoded password vulnerability.

CosaNostra Builder malware suffers from an insecure permissions vulnerability.

Xerox Versalink printers suffer from a remote denial of service vulnerability using a specially crafted TIFF payload.

CosaNostra Builder WebPanel malware only uses straight MD5 to store passwords without any salt.

Land Software’s FAUST iServer versions 9.0.017.017.1-3 through 9.0.018.018.4 suffer from a local file inclusion vulnerability.

uBidAuction version 2.0.1 suffers from a cross site scripting vulnerability.

CosaNostra Builder WebPanel malware suffers from a cross site request forgery vulnerability.

Ethercreative Logs plugin versions 3.0.3 and below for Craft CMS suffer from a path traversal vulnerability.