The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users.

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.

Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message

Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service

CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication.

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft OneNote Spoofing Vulnerability

Microsoft Outlook Remote Code Execution Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Windows Snipping Tool Information Disclosure Vulnerability