phpAbook version 0.9i suffers from a remote SQL injection vulnerability.

Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.

Apache Superset version 1.1.0 suffers from a time-based account enumeration vulnerability.

A KVM guest on AMD can launch a L2 guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nested_svm_vmrun. Executing vmrun from the L2 guest, will…

ES File Explorer version 4.1.9.7.4 arbitrary file read exploit.