The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.

SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the params parameter, related to missing input validation of the id field.

During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthenticated username enumeration through the VAPIX Device Configuration SSH Management API.

vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter.

Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2.3.5 allows attackers to read/write arbitrary files via the IEC61850 File Transfer protocol.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3.

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter, in conjunction with a modified component name.

In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.

Joomla! before 1.0.10 allows remote attackers to spoof the frontend submission forms, which has unknown impact and attack vectors.

Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher.

Cross-site scripting (XSS) vulnerability in index.php in FlexTV beta development version allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF parameter.

The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors.

An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32523490.

Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

md4c before 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits.

SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file.

Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors.

In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which makes it possible to overflow the nps[] buffer... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.