In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the magnetic crate before 2.0.1 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the try-mutex crate before 0.3.0 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the mio crate before 0.7.6 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the miow crate before 0.3.6 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the socket2 crate before 0.3.16 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the net2 crate before 0.2.36 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the branca crate before 0.10.0 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the pyo3 crate before 0.12.4 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the image crate before 0.23.12 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the futures-intrusive crate before 0.4.0 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the futures-task crate before 0.3.5 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the crossbeam-channel crate before 0.4.4 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the dync crate before 0.5.0 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the array-queue crate through 2020-09-26 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in the actix-service crate before 1.0.6 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Quota component of the Survey page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Add Participants Function (First and last name parameters). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
An issue was discovered in the concread crate before 0.2.6 for Rust. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.
An issue was discovered in the futures-util crate before 0.3.7 for Rust. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.
An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
URI.js is a javascript URL mutation library (npm package urijs). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
HGiga MailSherlock does not validate user parameters on multiple login pages. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in the thex crate through 2020-12-08 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An issue was discovered in the lock_api crate before 0.4.2 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An issue was discovered in the futures-util crate before 0.3.2 for Rust. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An issue was discovered in the atom crate before 0.3.6 for Rust. Rated medium severity (CVSS 4.7). No vendor patch available.
An issue was discovered in the arr crate through 2020-08-25 for Rust. Rated medium severity (CVSS 4.7). No vendor patch available.
An issue was discovered in the lock_api crate before 0.4.2 for Rust. Rated medium severity (CVSS 4.7). No vendor patch available.
An issue was discovered in the lock_api crate before 0.4.2 for Rust. Rated medium severity (CVSS 4.7). No vendor patch available.
An issue was discovered in the lock_api crate before 0.4.2 for Rust. Rated medium severity (CVSS 4.7). No vendor patch available.
An issue was discovered in the lock_api crate before 0.4.2 for Rust. Rated medium severity (CVSS 4.7). No vendor patch available.