kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeated restarts of the application pool, aka "Sharepoint

SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data.

Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot

BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not properly handle compressed files, which allows remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file.

Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.