invenio-communities before 1.0.0a20 allows XSS.

Tridactyl before 1.16.0 allows fake key events.

invenio-records before 1.2.2 allows XSS.

Pterodactyl before 0.7.14 with 2FA allows credential sniffing.

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.

invenio-previewer before 1.0.0a12 allows XSS.

Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link.

Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP.

ASH-AIO before 2.0.0.3 allows an open redirect.

graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT.

docker-credential-helpers before 0.6.3 has a double free in the List functions.

parse-server before 3.6.0 allows account enumeration.

parse-server before 3.4.1 allows DoS after any POST to a volatile class.

SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority.

Misskey before 10.102.4 allows hijacking a user's token.

yard before 0.9.20 allows path traversal.

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a heap-based buffer over-read in libpng via a crafted flif file.

In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c.