An issue in Raspberry Pi Imager version 1.9.6 for Windows, affecting its OS customization feature. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the.
The privileged user could log in without sufficient credentials after enabling an application protocol. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was determined in Tenda AC10 16.03.10.13. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in Tenda A15 15.13.07.13. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability has been found in Tenda AC8 16.03.34.06. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was identified in Tenda AC21 16.03.08.16. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.