InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands.

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.

User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.

User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution.

User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution.

An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.

A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges.

Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP commun...

In Bluetooth, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege when connecting to a Bluetooth device with no additional execution pri...

Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional executio...

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User i...

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security ...

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security ...

In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed....

In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution pr...

In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. U...

In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no addition...

In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no...

In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execu...

A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /admin/maintenance/view_designati...

A vulnerability was found in SourceCodester Complaint Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/userprofile.php of the compone...