Under certain conditions SAP Business One Mobile Android App, version 1.2.12, allows an attacker to access information which would otherwise be restricted.

Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action.

Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing

Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.

tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.

snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.

Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.

CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct req