Quick Player version 1.3 suffers from a denial of service vulnerability.

Online Course Registration version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Castel NextGen DVR version 1.0.0 suffers from authorization bypass, credential disclosure, and cross site request forgery vulnerabilities.

This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director versions prior to 6.7.4.0 to leak the administrator’s REST API key and execute a Cloupia script…

Avaya IP Office versions 9.1.8.0 through 11 suffer from an insecure transit vulnerability that allows for password disclosure.