Author: Cyberthreat Blog

lg.pl in Cistron-LG 1.01 stores sensitive information under the web root with insufficient access controls, which allows remote attackers to obtain IP addresses and other unspecified router credentials.

mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code.

Pulp before 2.3.0 uses the same the same certificate authority key and certificate for all installations.

Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive information.

The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.