Chris Moberly Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
webapps xml CVE-2018-13416

Porhai Eung WityCMS 0.6.2 - Cross-Site Request Forgery (Password Change)
webapps php 80.0 CVE-2018-14029

0xB455 Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection
webapps linux CVE-2018-14716

GUIA BRAHIM FOUAD Responsive Filemanager 9.13.1 - Server-Side Request Forgery
webapps linux CVE-2018-14728

owodelta H2 Database 1.4.197 - Information Disclosure
webapps linux CVE-2018-14335

Mark Wadham Charles Proxy 4.2 - Local Privilege Escalation
local macos CVE-2017-15358

Google Security Research fusermount - user_allow_other Restriction Bypass and SELinux Label Control
dos linux CVE-2018-10906

Metasploit Axis Network Camera - .srv to parhand Remote Code Execution (Metasploit)
remote linux 80.0 CVE-2018-10662;CVE-2018-10661;CVE-2018-10660

Metasploit Axis Network Camera - .srv to parhand Remote Code Execution (Metasploit)
remote linux 80.0 CVE-2018-10662;CVE-2018-10661;CVE-2018-10660

Google Security Research Skia - Heap Overflow in SkScan::FillPath due to Precision Error
dos multiple CVE-2018-6126

Core Security SoftNAS Cloud < 4.0.3 - OS Command Injection
webapps php CVE-2018-14417

Dhamotharan Online Trade 1 - Information Disclosure
webapps linux CVE-2018-14328

Erik David Martin Core FTP 2.0 - 'XRMD' Denial of Service (PoC)
dos windows CVE-2018-20658

vulnc0d3 Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery (Admin Bypass)
webapps hardware 80.0 CVE-2018-13859

neonsea Inteno’s IOPSYS - (Authenticated) Local Privilege Escalation
local linux CVE-2018-14533

Nathu Nandwani GetGo Download Manager 6.2.1.3200 - Denial of Service (PoC)
dos windows CVE-2017-17849