Stephan Sekula has identified a reflected cross-site scripting vulnerability in IBM Notes Traveler.

Fabio Poloni has identified a Path Traversal vulnerability in the Monstra content management system.

Thierry Viaccoz has identified an authorization bypass in the ownCloud Impersonate application

Sylvain Heiniger has identified a Cross-Site Scripting vulnerability in the ownCloud iOS application.

Lukasz D. identified an XSS vulnerability in Atmosphere Framework.

Stephan Sekula identified vulnerabilities in the OfficeSpace facility management software.

Thierry Viaccoz identified an incorrectly designed access control in Homeputer CL Studio for HomeMatic.

Lukasz D. identified an HTTP header injection vulnerability in Vert.x Framework.

Nicolas Heiniger identified vulnerabilities in totemomail Encryption Gateway.

Stephan Sekula has identified a design vulnerability in Microsoft Intune that may allow getting access to confidential information.

Stephan Sukula identified a design vulnerability in Microsoft Intune that allows bypassing the app PIN protection.

Damian Pfammatter and Alessandro Zala identified an XSS vulnerability in Zimbra Collaboration Suite.