ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 19.0% and no vendor patch available.
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access. Rated medium severity (CVSS 6.2). No vendor patch available.