In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties.
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.
Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.
An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.
An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as Moderate because it first requires exploitati...
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
Bolt before 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and Provider/EventListenerServiceProvider.php.