LuaJIT through 2.1 has an out-of-bounds read in the stack-overflow handler in lj_state.c

LuaJIT through 2.1 has a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via thebbs/login.php component.

An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php.

An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php.

LuaJIT through 2.1 has an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS).

In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.

employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint.

fblog through 983bede allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.

flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.