Dolibarr ERP/CRM 10.0.6 – Login Brute Force
Dolibarr ERP/CRM 10.0.6 – Login Brute Force
WordPress Plugin Mimetic Books 0.2.13 – ‘Default Publisher ID field’ Stored Cross-Site Scripting (XSS)
WordPress Plugin LearnPress 3.2.6.7 – ‘current_items’ SQL Injection (Authenticated)
WordPress Plugin LearnPress 3.2.6.8 – Privilege Escalation
VMware ThinApp suffered from a dll hijacking vulnerability.
Aruba Instant (IAP) remote code execution exploit.
Seagate BlackArmor NAS version sg2000-2000.1331 remote command injection exploit.
Aruba Instant version 8.7.1.0 arbitrary file modification exploit.
ForgeRock Access Manager/OpenAM version 14.6.3 unauthenticated remote code execution exploit.
Argus Surveillance DVR version 4.0 suffers from a weak password encryption vulnerability.