In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of the user's contacts with Use ...……
In dispatchGraphTerminationMessage() of packages/services/Car/computepipe/runner/graph/StreamSetObserver.cpp, there is a possible use after free due to a race condition. This could lead to local escal ...……
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed ...……
In reassemble_and_dispatch of packet_fragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalat ...……
The Python Flask-Security-Too package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Fla ...……
In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is n ...……
In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. This could lead to local escalation of priv ...……
In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP PLAY command, when the command specifies seeking by absolute time.……
Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter.……
Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML ...……
Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.……
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC-60879-5-104 Server Simulator 21.04.028. A specially crafted packet can lead to denial of service. An att ...……
IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload. IBM ...……
Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With th ...……
An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter ...……
Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type confusion issue while processing project files, which may allow an attacker to execute arbitrary code.……
Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.……
Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.……
Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.……
A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arb ...……
Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.……
Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.……
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.……
Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera acce ...……
Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to (1) approve the mass of ...……
There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in `webkit` subproject of HTML/Java API version 1.7. A similar vulnerability has re ...……
In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause oth ...……
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.……
K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.……
K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.……
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.……
K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.……