qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts. Date published : 2017-08-29 http://www.question2answer.org/versions.php https://github.com/q2a/question2answer/commit/6013ca1c83bf232008f7be815c0e4821fb6b120a
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files. Date published : 2017-08-29 https://www.nomachine.com/SU08O00185 https://www.nomachine.com/forums/topic/security-advisory-nomachine-privileges-escalation-vulnerability
NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors. Date published : 2017-08-29 http://www.securityfocus.com/bid/100535 https://kb.netapp.com/support/s/article/NTAP-20170825-0001
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site,...
diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-privileged code on the target system in order...
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c. Date published : 2017-08-29 http://www.securityfocus.com/bid/100503 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service. Date published : 2017-08-28 https://www.ffmpeg.org/security.html https://vuldb.com/?id.9269
Cross-site scripting (XSS) vulnerability in the Googlemaps plugin before 3.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the xmlns parameter. Date published : 2017-08-28 http://www.mapsplugin.com/Google-Maps/Documentation-of-plugin-Googlemap/security-release-3-1-of-plugin-googlemaps.html http://www.openwall.com/lists/oss-security/2015/02/26/11
The ‘vp3_decode_frame’ function in FFmpeg 1.1.4 moves threads check out of header packet type check. Date published : 2017-08-28 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=14c8ee00ffd9d45e6e0c6f11a957ce7e56f7eb3a https://www.ffmpeg.org/security.html
Multiple SQL injection vulnerabilities in SmartCMS v.2. Date published : 2017-08-28 http://www.securityfocus.com/bid/72289 http://seclists.org/fulldisclosure/2015/Jan/96
Multiple cross-site scripting (XSS) vulnerabilities in SmartCMS v.2. Date published : 2017-08-28 http://seclists.org/fulldisclosure/2015/Jan/97 http://packetstormsecurity.com/files/130076/SmartCMS-2-Cross-Site-Scripting.html