Vulnerability in Easy Joomla Backup v3.2.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php;. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.
A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Android system (nfc). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.
A remote code execution vulnerability in the Android media framework (libvorbis). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libavc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
A remote code execution vulnerability in the Android media framework (libjhead). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libavc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
A remote code execution vulnerability in the Android libraries (libgdx). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek teei. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek lastbus. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek mmc driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek accessory detector driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Android framework (windowmanager). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.
A elevation of privilege vulnerability in the Upstream kernel scsi driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A elevation of privilege vulnerability in the MediaTek accessory detector driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek auxadc driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the MediaTek accessory detector driver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A elevation of privilege vulnerability in the Android media framework (libmediaplayerservice). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A elevation of privilege vulnerability in the Android media framework (libeffects). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A elevation of privilege vulnerability in the Android media framework (libeffects). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
A elevation of privilege vulnerability in the Android libraries (libminikin). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A information disclosure vulnerability in the Android media framework (n/a). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a. Rated high severity (CVSS 7.0).
Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A information disclosure vulnerability in the Broadcom wi-fi driver. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A information disclosure vulnerability in the Android media framework (audioflinger). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
A information disclosure vulnerability in the N/A memory subsystem. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A information disclosure vulnerability in the Android media framework (n/a). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.