BSA Radar version 1.6.7234.24750 suffers from a cross site request forgery vulnerability.

SuperMicro IPMI version 03.40 suffers from a cross site request forgery vulnerability.

Savsoft Quiz version 5 suffers from a persistent cross site scripting vulnerability.

Webtareas versions 2.1 and 2.1p suffer from unauthenticated file uploads that allow for remote code execution and expose directory listings.

WordPress Power’s WHOIS Domain Check plugin version 0.9.31 suffers from a persistent cross site scripting vulnerability.

A file hijacking vulnerability was found in the Microsoft OneDrive client. This vulnerability allows a local attacker to plant a DLL file on the local machine. This DLL will then…

Impress CMS version 1.4.0 has an issue where an authenticated user can make use of the AutoTask feature to execute php code, allowing for remote SQL injection and remote code…

A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity…

Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are…