| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/receipt.php. |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.0.12 does not sanitize and escape the media url field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin. |
| emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90 |
| An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database backups are stored using the current date as the filename and hosted on the web server without access controls. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| An issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence. |
| onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Admin Group module. |
| In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel. |
| In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed. |
| In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed. |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed. |
| In wcn service, there is a possible missing params check. This could lead to local denial of service in wcn service. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM |
