| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. |
| Memory corruption in core services when Diag handler receives a command to configure event listeners. |
| Memory corruption in WLAN HAL while parsing WMI command parameters. |
| Memory corruption in WLAN HOST while processing the WLAN scan descriptor list. |
| Information disclosure in WLAN HAL when reception status handler is called. |
| Memory corruption in QESL while processing payload from external ESL device to firmware. |
| Memory corruption in WLAN handler while processing PhyID in Tx status handler. |
| Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. |
| Transient DOS in Audio while remapping channel buffer in media codec decoding. |
| Information Disclosure in WLAN Host when processing WMI event command. |
| Memory corruption while allocating memory in COmxApeDec module in Audio. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions. |
|
IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206.
|
|
IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204.
|
| IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251052. |
| IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397. |
| Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in simonpedge Slide Anything – Responsive Content / HTML Slider and Carousel plugin <= 2.4.9 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Booking Lite plugin <= 4.6.0 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin <= 1.7.6 versions. |
