RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 18.104.22.168 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a denial of service (DoS) on TLS clients during the handshake when a very large prime value is sent to the TLS client and an Ephemeral or Anonymous Diffie-Hellman cipher suite (DHE or ADH) is used.
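The check a hardened TLS client applies against this class of bug, as an added example written for this page (it is not RSA BSAFE's code): parse the ServerDHParams structure from a DHE/ADH ServerKeyExchange (RFC 5246 section 7.4.3, three length-prefixed opaque fields p, g, Ys) and refuse the parameters on size and range before any modular exponentiation happens. The prime-size ceiling and floor are assumed policy values, and the test inputs are constructed, not captured handshakes.

```python
"""Bounding the Diffie-Hellman prime a TLS client is willing to use."""
import struct

MAX_DH_PRIME_BITS = 8192   # assumed ceiling: above this we refuse rather than exponentiate
MIN_DH_PRIME_BITS = 2048   # assumed floor: below this the group is too weak


class BadServerDHParams(ValueError):
    pass


def _read_opaque16(buf, pos):
    """Read one <1..2^16-1> length-prefixed field; reject truncation and empty fields."""
    if pos + 2 > len(buf):
        raise BadServerDHParams("truncated length field")
    (n,) = struct.unpack_from(">H", buf, pos)
    pos += 2
    if n == 0 or pos + n > len(buf):
        raise BadServerDHParams("bad opaque length")
    return buf[pos:pos + n], pos + n


def parse_server_dh_params(buf):
    """ServerDHParams -> (p, g, Ys) as integers. Only cheap length checks happen here."""
    p, pos = _read_opaque16(buf, 0)
    g, pos = _read_opaque16(buf, pos)
    ys, pos = _read_opaque16(buf, pos)
    return (int.from_bytes(p, "big"),
            int.from_bytes(g, "big"),
            int.from_bytes(ys, "big"))


def check_dh_params(p, g, ys, max_bits=MAX_DH_PRIME_BITS, min_bits=MIN_DH_PRIME_BITS):
    """Size and range checks; returns the prime's bit length when acceptable."""
    bits = p.bit_length()
    if bits > max_bits:
        raise BadServerDHParams(f"DH prime of {bits} bits exceeds ceiling of {max_bits}")
    if bits < min_bits:
        raise BadServerDHParams(f"DH prime of {bits} bits is below minimum of {min_bits}")
    if p % 2 == 0:
        raise BadServerDHParams("DH prime is even")
    if not 1 < g < p - 1:
        raise BadServerDHParams("DH generator out of range")
    if not 1 < ys < p - 1:
        raise BadServerDHParams("server public value out of range")
    return bits


def encode_server_dh_params(p, g, ys):
    """Build a ServerDHParams blob; used here only to construct test input."""
    out = b""
    for v in (p, g, ys):
        b = v.to_bytes((v.bit_length() + 7) // 8, "big") or b"\x00"
        out += struct.pack(">H", len(b)) + b
    return out


def accept_server_key_exchange(buf, max_bits=MAX_DH_PRIME_BITS):
    """Parse then check; the expensive key agreement only runs after this returns."""
    p, g, ys = parse_server_dh_params(buf)
    return check_dh_params(p, g, ys, max_bits=max_bits)


def params_are_acceptable(buf, max_bits=MAX_DH_PRIME_BITS):
    try:
        accept_server_key_exchange(buf, max_bits=max_bits)
        return True
    except BadServerDHParams:
        return False
```

The values used for p in the test are odd numbers of the right size, not real primes; the point of the check is that an oversized p is rejected by a length comparison instead of costing the client a multi-kilobit modular exponentiation.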
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace, as demonstrated by reading /etc/shadow. This occurs because an ID transformation takes place properly for the namespaced-to-kernel direction but not for the kernel-to-namespaced direction.
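A model of the two-direction translation that a nested user namespace needs, added for this page to make the last sentence concrete. It is a simplified illustration, not kernel code: the kernel's map_write() keeps the forward map sorted by namespace ID and, once there are more than five extents, a separate copy sorted by lower ID for the kernel-to-namespace direction. The extents and ID values below are constructed.

```python
"""Nested user-namespace ID maps: namespace -> kernel and kernel -> namespace."""
from bisect import bisect_right

INVALID_ID = 0xFFFFFFFF  # the kernel's overflow ID, (uid_t)-1

# An extent (first, lower_first, count) says that IDs [first, first+count) on the
# namespace side correspond to [lower_first, lower_first+count) on the lower side:
# the parent namespace while uid_map is being written, the kernel once installed.


def map_down(extents, upper):
    """Namespace ID -> lower-side ID (linear scan, as the kernel does for small maps)."""
    for first, lower_first, count in extents:
        if first <= upper < first + count:
            return lower_first + (upper - first)
    return INVALID_ID


def build_reverse_map(extents):
    """Copy of the extents sorted by lower_first so map_up can binary-search.
    The kernel only keeps this separate sorted copy when there are more than
    five extents, which is why the entry says "more than 5" ranges."""
    return sorted(extents, key=lambda e: e[1])


def map_up(reverse_map, lower):
    """Lower-side ID -> namespace ID, searching by lower_first."""
    keys = [e[1] for e in reverse_map]
    i = bisect_right(keys, lower) - 1
    if i >= 0:
        first, lower_first, count = reverse_map[i]
        if lower_first <= lower < lower_first + count:
            return first + (lower - lower_first)
    return INVALID_ID


def install_nested_map(child_extents, parent_map, translate_reverse=True):
    """Model of writing uid_map inside a child namespace.

    child_extents are written in parent-namespace IDs, as userspace sees them.
    The installed forward map must hold kernel IDs, so every lower_first is
    pushed through the parent's map.  translate_reverse=False reproduces the
    described mistake: the reverse map is built from the untranslated extents.
    (Simplification: only the start of each extent is checked against the parent.)"""
    forward = []
    for first, lower_first, count in child_extents:
        kernel_lower = map_down(parent_map, lower_first)
        if kernel_lower == INVALID_ID:
            raise ValueError("extent not covered by parent namespace")
        forward.append((first, kernel_lower, count))
    source = forward if translate_reverse else child_extents
    return forward, build_reverse_map(source)


# Constructed example: the parent namespace maps its IDs 0..65535 onto kernel
# IDs 100000..165535, and a child inside it is given six one-ID extents.
PARENT_MAP = [(0, 100000, 65536)]
CHILD_EXTENTS = [(i, 1000 * (i + 1), 1) for i in range(6)]  # child 0 -> parent 1000, ...


def demo():
    fwd_ok, rev_ok = install_nested_map(CHILD_EXTENTS, PARENT_MAP, translate_reverse=True)
    fwd_bad, rev_bad = install_nested_map(CHILD_EXTENTS, PARENT_MAP, translate_reverse=False)
    return {
        "child0_kernel": map_down(fwd_ok, 0),      # 101000 in both variants
        "kernel1000_ok": map_up(rev_ok, 1000),     # INVALID_ID: kernel uid 1000 is not ours
        "kernel1000_bad": map_up(rev_bad, 1000),   # 0: kernel uid 1000 appears as namespace root
    }
```

With the untranslated reverse map, a kernel ID that was never mapped into the namespace (here kernel uid 1000, which coincides with a parent-namespace ID in the written map) resolves to a namespace ID, so objects owned by it look like they belong to the namespace; that is the direction-mismatch the entry describes. The forward direction is unaffected in both variants.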
Centreon 3.4.x allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring > Status Details > Services" screen.
Centreon 3.4.x allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account.
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices with the super administrator's privileges.
PointOfSales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb.
School Equipment Monitoring System 1.0 allows SQL injection via the login screen, related to include/user.vb.
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter.
Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008.
SaltOS 3.1 r8126 allows SQL Injection via the user parameter in action=login&querystring=&user=[SQL].
SaltOS 3.1 r8126 allows SQL Injection via the action2 parameter in action=ajax&query=numbers&page=usuarios&action2=[SQL].
School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.
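The server-side checks that an upload endpoint such as the one above needs, as an added example written for this page; it is not the School Event Management System's code, and the allowed types, size limit and upload directory are assumptions. The file contents in the test are constructed.

```python
"""Validating a photo upload before it is written to disk."""
import os
import posixpath
import secrets

MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # assumed limit

# Allowed extension -> leading bytes ("magic") the content must start with.
IMAGE_MAGIC = {
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "gif": [b"GIF87a", b"GIF89a"],
}


class UploadRejected(ValueError):
    pass


def validate_upload(client_filename, data):
    """Return a server-chosen file name for data, or raise UploadRejected."""
    # Keep only the last path component: clients can send "../" or "C:\..." names.
    name = posixpath.basename(client_filename.replace("\\", "/"))
    if not name or name in (".", ".."):
        raise UploadRejected("empty or traversal file name")
    ext = name.rsplit(".", 1)[1].lower() if "." in name else ""
    if ext not in IMAGE_MAGIC:
        raise UploadRejected(f"extension {ext!r} not allowed")
    if not data or len(data) > MAX_UPLOAD_BYTES:
        raise UploadRejected("empty or oversized upload")
    # The claimed type must match the bytes: "shell.php.png" holding PHP fails here.
    if not any(data.startswith(magic) for magic in IMAGE_MAGIC[ext]):
        raise UploadRejected("content does not match claimed image type")
    # Never reuse the client's name: random name, canonical extension.
    canonical = "jpg" if ext == "jpeg" else ext
    return f"{secrets.token_hex(16)}.{canonical}"


def upload_is_acceptable(client_filename, data):
    try:
        validate_upload(client_filename, data)
        return True
    except UploadRejected:
        return False


def storage_path(upload_dir, stored_name):
    """Join and re-check that the result stays inside upload_dir."""
    root = os.path.realpath(upload_dir)
    path = os.path.realpath(os.path.join(root, stored_name))
    if os.path.dirname(path) != root:
        raise UploadRejected("stored name escapes upload directory")
    return path
```

The upload directory must also be one the web server serves as static content only, so that even a file that slips past the content check is never executed as a script.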
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
Library Management System 1.0 has SQL Injection via the "Search for Books" screen.
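The login-screen injections (PointOfSales, School Equipment Monitoring System, SaltOS) and the search or id-parameter injections (Centreon, K-iwi, School Event Management System, Library Management System) above are all the same defect: user input concatenated into SQL text. As an added example written for this page, not any of those products' code (they are PHP and VB.NET applications), here is the vulnerable form of a login check and a search beside the parameterized form, run against a constructed SQLite database so the bypass and the fix can be observed.

```python
"""String-built SQL versus bound parameters for a login check and a search field."""
import sqlite3


def make_db():
    """Constructed schema and rows; passwords are plaintext only to keep the demo short."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'admin', 'correct horse battery staple')")
    conn.execute("CREATE TABLE books (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO books VALUES (?, ?)", [
        (1, "Applied Cryptography"),
        (2, "The Art of Software Security Assessment"),
    ])
    return conn


def login_vulnerable(conn, username, password):
    """The pattern behind the login-screen entries: input becomes SQL syntax."""
    sql = (f"SELECT id FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return conn.execute(sql).fetchone() is not None


def login_safe(conn, username, password):
    """Bound parameters: the driver sends values separately from the statement."""
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def search_vulnerable(conn, term):
    """The pattern behind the search-field entries; a UNION pulls other tables."""
    sql = f"SELECT title FROM books WHERE title LIKE '%{term}%'"
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, term):
    """The wildcard pattern is built in code and passed as one bound value."""
    sql = "SELECT title FROM books WHERE title LIKE ?"
    return [row[0] for row in conn.execute(sql, (f"%{term}%",))]
```

Binding parameters removes the injection; it does not neutralise LIKE wildcards (`%`, `_`) inside the term, which is a separate input-handling decision, and a real login check compares a password hash rather than the stored secret.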
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
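The control missing from the SRCMS admin.php update actions and the School Event Management System and School Attendance Monitoring System edit actions above is a check that a state-changing request was made by the site's own pages. As an added example written for this page, not any of those products' code, here is a per-session synchronizer token combined with an Origin/Referer check. SITE_ORIGIN and the session/request dictionaries are assumptions standing in for a framework's objects, and the requests in the test are constructed.

```python
"""Synchronizer-token CSRF protection with an Origin check for state-changing requests."""
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "https://cms.example"  # assumed deployment origin
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_csrf_token(session):
    """Create a per-session secret on first use; return the token to embed in forms."""
    if "csrf_secret" not in session:
        session["csrf_secret"] = secrets.token_hex(32)
    return hmac.new(session["csrf_secret"].encode(), b"csrf-form-token",
                    hashlib.sha256).hexdigest()


def _origin_of(url):
    """scheme://host[:port] of a URL or Origin value; empty for 'null' or junk."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}" if parts.scheme and parts.netloc else ""


def request_is_trusted(session, method, headers, form):
    """Decide whether a request may change state (update a user, a price, a profile)."""
    if method.upper() in SAFE_METHODS:
        return True  # these must be side-effect free; never mutate state on GET
    # 1. Origin (or Referer as fallback) must be our own site. A forged POST from
    #    another site carries the victim's cookies but not our origin.
    source = headers.get("Origin") or headers.get("Referer") or ""
    if _origin_of(source) != SITE_ORIGIN:
        return False
    # 2. The form must carry the token for this session, compared in constant time.
    if "csrf_secret" not in session:
        return False
    expected = issue_csrf_token(session)
    supplied = form.get("csrf_token", "")
    return hmac.compare_digest(expected, supplied)
```

A forged request from another site can carry the victim's session cookie but cannot read the token out of the site's pages, and cannot set a first-party Origin, so both checks fail for it; the handler should refuse before touching the database rather than after.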