PaperThin CommonSpot contains multiple vulnerabilities,which may allow an unauthenticated remote attacker to execute arbitrary code on the server.
PivotX 2.3.8,and possibly earlier versions,contains cross-site scripting(CWE-79)and unsafe file upload(CWE-434)vulnerabilities.
AMTELCO miSecureMessages Server Release 6.2 performs weak authentication for access to user messages(CWE-287).
Fortinet FortiADC D-series 3.2.0,and possibly earlier versions,contains a cross-site scripting vulnerability. (CWE-79)
ZyXEL Wireless N300 NetUSB Router NBG-419N running firmware version 1.00(BFQ.6)C0,and possibly earlier versions,is susceptible to multiple vulnerabilities. Other device models that use similar firmware may also be vulnerable.
The Microsoft Office file format converter contains a memory corruption vulnerability,which may allow a remote,unauthenticated attacker to execute arbitrary code with the privileges of the user.
OpenSSL 1.0.1 and 1.0.2 beta contain a vulnerability that could disclose sensitive private information to an attacker. This vulnerability is commonly referred to as"heartbleed."
Zyxel P660 series modem/router contains a denial of service vulnerability when parsing a high volume of SYN packets on the web management interface.
ManageEngine OpStor Build 8300 and earlier contain multiple vulnerabilities.
WatchGuard Fireware XTM 11.8.1,and possibly earlier versions,contains a cross-site scripting vulnerability.
Huawei E355 USB WiFi adapter with firmware version:21.157.37.01.910 has been reported to contain a direct request vulnerability in the web interface. (CWE-425)
ZTE F460/F660 cable modems contain an unauthenticated backdoor.