Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to (1) hijack the authentication of users for requests that cause an unspecified impact via the id parameter to project.php, (2) hijack the authentication of users for requests that cause an unspecified impact via the group_id parameter to group.php, (3) hijack the authentication of users for requests that delete statuses via the status_id parameter to status.php, (4) hijack the authentication of users for requests that delete severities via the severity_id parameter to severity.php, (5) hijack the authentication of users for requests that cause an unspecified impact via the priority_id parameter to priority.php, (6) hijack the authentication of users for requests that delete the operating system via the os_id parameter to os.php, (7) hijack the authentication of users for requests that delete databases via the database_id parameter to database.php, or (8) hijack the authentication of users for requests that delete sites via the site_id parameter to sites.php.

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack.

Directory traversal vulnerability in Cybele Software Thinfinity Remote Desktop Workstation 3.0.0.3 32-bit and 64-bit allows remote attackers to download arbitrary files via a .. (dot dot) in an unspecified parameter.

The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory.

Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter.

The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.

The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal.

QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS.

The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to unauthorized log configuration changes.

The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack.

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.

Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

nanohttp in libcsoap allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Authorization header.

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.

Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file.

CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake.

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.

Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin before 3.0.70for WordPress allows remote attackers to inject arbitrary web script or HTML via the order_id parameter in the gallery_album_sorting page to wp-admin/admin.php.

Multiple cross-site scripting (XSS) vulnerabilities in assets/misc/fallback-page.php in the Profile Builder plugin before 2.0.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) site_name, (2) message, or (3) site_url parameter.