The function __vipx_ioctl_put_container() in the Samsung kernel calls copy_to_user() on a vs4l_container_list structure that contains a kernel pointer, exposing that kernel pointer to userspace just before it gets passed to…
In the Samsung kernel, the /dev/hdcp2 device ioctls seem to implement no locking, leading to multiple exploitable race conditions. For example, you can open a session with the HDCP_IOC_SESSION_OPEN ioctl,…
XNU suffers from a use-after-free vulnerability in tcp_input.
This function, reached through ioctl VS4L_VERTEXIOC_QBUF in the Samsung kernel, has an error case that cannot function correctly. It reads in an array of pointers from userspace and in-place replaces…
Chrome suffers from a heap use-after-free vulnerability in DesktopMediaPickerController::WebContentsDestroyed.
http://www.banann.go.th/vuln.gif notified by Xpordi
qdPM < 9.1 – Remote Code Execution
Comtrend VR-3033 – Command Injection
Business Live Chat Software 1.0 – Cross-Site Request Forgery (Add Admin)
SpotFTP-FTP Password Recover version 2.4.8 suffers from a denial of service vulnerability.