Jenkins Credential binding plugin was found to be prone information -disclosure vulnerability. An attacker can take advantage of this vulnerability and thereby gain access to sensitive information. This may also lead to further attacks.

GNU Binutils ‘libiberty’  was found to be prone to an integer overflow vulnerability as it fails to properly bound check the user supplied data before it is copied to an insufficiently priced memory buffer. An attacker can take advantage of this vulnerability to execute arbitrary code within the context of the affected application. If they fail to exploit  then it would result in a denial of service issue.

Exim was found to be prone to a privilege escalation vulnerability. An attacker can make use of this vulnerability to execute programs with root privilege.

FFmpeg was found to be prone to Security Bypass Vulnerability. An attacker can take advantage of this issue to bypass security restrictions and also to perform unauthorised actions

Scapy was found to be prone to Remote Denial of Service Vulnerability. An attacker can make use of this issue to crash the application. This would also deny the services to legitimate users.

Palo Alto networks was found to be prone to multiple remote code execution vulnerabilities. An attacker can exploit this issue which may result in execution of arbitrary code in the context of the affected application. if the attacker fails to exploit, then it may lead to denial of service issue.

VideoLAN VLC found to be prone to heap based buffer overflow Vulnerability. Attackers can take advantage of this vulnerability to cause denial of service issue. Thus they can deny service to legitimate users. The attackers can also execute arbitrary code which may lead to other such issues.

CKEditor was found to be prone to cross site scripting vulnerability. It would fail to sanitise user inputs properly. An attacker may make use of this vulnerability to execute arbitrary script code in the browser of a user. They will be doing so in the context of the affected site .This may also allow the attacker to steal cookie based authentication credentials. This can also enable them to also launch other such attacks easily.

Foxit Phantom was found to be prone to denial of service vulnerability. An attacker can leverage this issue to crash the affected application. Thus they can deny service to legitimate users.

Squid was found to be prone to multiple Cross Site Scripting Vulnerabilities. It was failing to sanitise user supplied input.
An attacker can make use of this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, they do the same in the context of the affected site. This can also allow the attacker to steal cookie based authentication credentials and also launch other similar attacks