Packet Storm

G and G Corporate CMS version 1.0 suffers from a cross site scripting vulnerability.

FreshRSS version 1.11.1 suffers from an html injection vulnerability.

Forum Fire Soft Board version 0.3.0 suffers from a cross site scripting vulnerability.

Forma LMS version 1.4 suffers from a database disclosure vulnerability.

Foodiee CMS version 1.0.1 suffers from an insecure direct object reference vulnerability.

Foodiee Online Food Ordering Web Application version 1.0.0 suffers from an ignored default credential vulnerability.

FlightPath LMS version 4.8.2 suffers from a cross site scripting vulnerability.

FixBook Repair Shop Management Tool version 3.0 suffers from an information leakage vulnerability.

Ubuntu Security Notice 6303-2 - USN-6303-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

WordPress Charitable Donations Plugin and Fundraising Platform versions 1.7.0.12 and below suffer from a privilege escalation vulnerability.