Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.
All posts by 007admin
CVE-2017-7691
A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592.
CVE-2017-7689
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.
MATESO GmbH Password Safe And Repository Enterprise 7.4.4 Build 2247 Credential Management
MATESO GmbH Password Safe and Repository Enterprise 7.4.4 build 2247 suffers from poor credential management using unsalted MD5 hashes.
MATESO GmbH Password Safe And Repository Enterprise 7.4.4 Build 2247 SQL Injection
MATESO GmbH Password Safe and Repository Enterprise version 7.4.4 build 2247 suffers from a remote SQL injection vulnerability.
MyBB Directory Traversal
MyBB versions prior to 1.8.11 suffer from a directory traversal vulnerability.
MyBB Cross Site Scripting
MyBB versions prior to 1.8.11 suffer from a cross site scripting vulnerability.
s9y Serendipity Cross Site Request Forgery
s9y Serendipity versions prior to 2.0.5 suffer from a cross site request forgery vulnerability.
Red Hat Security Advisory 2017-0901-01
Red Hat Security Advisory 2017-0901-01 – In accordance with the Red Hat Directory Server Life Cycle policy, Red Hat Directory Server 9 will be retired as of June 10, 2017 and support will no longer be provided. Accordingly, Red Hat will not provide extended support for this product, including critical impact security patches or urgent priority bug fixes, after this date.
Ubuntu Security Notice USN-3258-2
Ubuntu Security Notice 3258-2 – USN-3258-1 intended to fix a vulnerability in Dovecot. Further investigation revealed that only Dovecot versions 2.2.26 and newer were affected by the vulnerability. Additionally, the change introduced a regression when Dovecot was configured to use the “dict” authentication database. This update reverts the change. It was discovered that Dovecot incorrectly handled some usernames. An attacker could possibly use this issue to cause Dovecot to hang or crash, resulting in a denial of service. Various other issues were also addressed.