• CVE-2018-10377 - Insufficient Validation of Burp Collaborator Server Certificate
• CVE-2017-9376 - ManageEngine ServiceDesk Plus Local File Inclusion
• CVE-2017-9362 - ManageEngine ServiceDesk Plus XML External Entity via CMDB API
• CVE-2017-10992 - HP Storage Essentials Remote Code Execution via Java deserialization
• CVE-2016-10125 - DLink DGS-1100 switch static hard-coded TLS crypto keys in firmware
• CVE-2016-3670 Stored Cross Site Scripting in Liferay CE
• CVE-2016-4056 - Stored Cross-Site Scripting in TYPO3 Bookmarks
• Insecure Direct Object Reference in OSTicket attachments
• CVE-2015-7968 - SAP Netweaver Application Server XXE (SAP Security Note 2183189)
• Google AOSP Email App HTML Injection
• CVE-2015-7342 Multiple SQL Injection in JNews Joomla Component
• CVE-2015-7340 SQL Injection in JEvents Joomla Component
• CVE-2015-7338 SQL Injection in AcyMailing Joomla Component
• CVE-2015-7341 Bypass File Upload Restriction in JNews Joomla Component
• CVE-2015-7343 Reflected Cross-Site Scripting in JNews Joomla Component
• CVE-2015-7339 Bypass File Upload Restriction in JCE Joomla Component
• CVE-2015-7344 Cross-Site Scripting in HikaShop Joomla Component
• CVE-2015-7349 - Reflected cross-site scripting vulnerability in DIGIPASS authentication for Citrix Web Interface
• CVE-2015-3784 Apple iOS Office Viewer XXE vulnerability
• CVE-2014-4925 HTML injection in Good For Enterprise Android
• CVE-2014-1635 Belkin N750 Buffer Overflow
• CVE-2014-1634 - SQL Injection in Advanced Newsletter Magento extension
• CVE-2013-3319 - SAP Host Agent Information Disclosure

Upcoming