Symantec Web Gateway 126.96.36.199,and possibly earlier versions,contains cross-site scripting and SQL injection vulnerabilities.
Cisco AsyncOS contains a reflected cross-site scripting(XSS)vulnerability.
Certain firmware implementations may not correctly protect and validate information contained in certain UEFI variables. Exploitation of such vulnerabilities could potentially lead to bypass of security features and/or denial of service for the platform.
OpenSSL is vulnerable to a man-in-the-middle attack.
The built-in web interface of Huawei E303 devices contains a cross-site request forgery vulnerability.
Dell ML6000 and Quantum Scalar i500 tape backup system contain a command injection vulnerability.
Alfresco Enterprise 4.1.6 and possibly earlier versions are vulnerable to multiple cross-site scripting(XSS)vulnerabilities.
Bizagi BPM Suite contains a reflected cross-site scripting vulnerability and a SQL injection vulnerability.
Microsoft Internet Explorer 8 contains a use-after-free vulnerability that can allow a remote,unauthenticated attacker to execute arbitrary code on a vulnerable system.
Juniper ScreenOS 6.3,and possibly earlier versions,is vulnerable to a denial of service from malformed SSL packets.
Fortinet Fortiweb prior to version 5.2.0 do not sufficiently verify whether a valid request was intentionally provided by the user,which results in a cross-site request forgery(CSRF)vulnerability. (CWE-352)
Caldera 9.20,and possibly earlier versions,contains multiple vulnerabilities.