A Command Injection vulnerability exists in Nagios XI. Successful exploitation will result in arbitrary command execution with root privileges.
Category Archives: Checkpoint
D-Link DCS-930L Authenticated Remote Command Execution
A command execution vulnerability exists in D-Link DCS-930L. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system.
Squid Long String Header Processing Assertion Failure (CVE-2016-2569)
A denial-of-service vulnerability has been reported in Squid. The vulnerability is due to the way Squid uses a String object of a certain maximum length to store incoming headers, such as the Vary header, in HTTP responses. Long strings in headers can cause an assertion failure.
Liferay Portal User Account Stored Cross Site Scripting (CVE-2016-3670)
A persistent XSS vulnerability exists in the user account creation process in Liferay Portal. The vulnerability is due to insufficient input validation of the firstName, middleName and lastName parameters. Successful exploitation could allow the attacker to inject arbitrary script code into a user profile.
Tiki-Wiki CMS Calendar Remote Command Execution
A remote command injection vulnerability exists in Tiki-Wiki CMS’s calendar module. By exploiting this vulnerability, a remote attacker can execute arbitrary code on the affected server.
LibreOffice RTF parser Use After Free (CVE-2016-4324)
A use-after-free vulnerability exists in the RTF parser of the LibreOffice office suite. The vulnerability is due to invalid parsing of stylesheets in RTF files. By enticing the user to open a specially crafted RTF file, an attacker could exploit this vulnerability to execute arbitrary code on the affected system.
WordPress WP Live Chat Support Plugin Cross-Site Scripting
A cross-site scripting vulnerability exists in WordPress WP Live Chat Support Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system.
WordPress All In One SEO Pack Plugin Cross-site Scripting
A cross-site scripting vulnerability exists in WordPress All In One SEO Pack plugin. Successful exploitation of this vulnerability would allow a remote attacker to insert malicious code into the affected system.
Microsoft Edge Memory Corruption (MS16-085: CVE-2016-3264)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to an error in the way Microsoft Edge accesses objects in memory. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in a way that would allow attackers to execute code on the target system.
Internet Explorer Malformed IFRAME Buffer Overflow (MS04-040: CVE-2004-1050)
Internet Explorer (IE) is a popular web browser developed by Microsoft Corporation. A buffer overflow vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is in the way Internet Explorer parses certain parameters of an IFRAME tag. An attacker can exploit this vulnerability to create a denial-of-service condition or to execute arbitrary code in the context of the currently logged-in user.