From DHS/US-CERT's National Vulnerability Database
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.
Sonatype Nexus Repository Manager before 3.14 allows XSS.
Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.