ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.
An issue was discovered on Samsung mobile devices with P(9.0) software. The Pin Window feature allows unauthenticated unpinning of an app. The Samsung ID is SVE-2018-13765 (March 2019).
Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4 and earlier allows remote attackers to bypass authentication and to gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified vectors.
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.