IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.1 - 9.1.2 is vulnerable to a denial of service attack caused by a memory leak in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
In hostapd, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In the Easel driver, there is possible memory corruption due to race conditions. Rated medium severity (CVSS 6.4). No vendor patch available.
In the Easel driver, there is possible memory corruption due to race conditions. Rated medium severity (CVSS 6.4). No vendor patch available.
Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
The Print Service is susceptible to man in the middle attacks due to improperly used crypto. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible information disclosure due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Account of Account.java, there is a possible boot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job attribute. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a use of uninitialized variable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In the m4v_h263 codec, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In WiFi, there is a possible leak of WiFi state due to a permissions bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In libstagefright, there is a possible use-after-free due to improper locking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In the Wallpaper Manager service, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In libandroidfw, there is a possible OOB read due to an integer overflow. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In Bluetooth, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In the TEE, there's a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.
When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In AOSP Email, there is a possible information disclosure due to a confused deputy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In the Package Manager service, there is a possible information disclosure due to a confused deputy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.