In the Linux Mali driver, when building with MALI_USE_CSF, the VFS read handler of the main Mali file descriptor (kbase_read()) never looks at its “count” parameter. This means that a…
>> AUTHOR: deepcore
WiFiMouse 1.8.3.4 – Remote Code Execution (RCE)
Wifi HD Wireless Disk Drive 11 – Local File Inclusion
Genesys PureConnect as of their build on 08-October-2020 suffers from a cross site scripting vulnerability.
WordPress GetYourGuide Ticketing plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
OpenCart 3.x Newsletter Custom Popup module version 4.0 suffers from a remote blind SQL injection vulnerability.
Owlfiles File Manager version 12.0.1 suffers from local file inclusion and path traversal vulnerabilities.
PhotoSync version 4.7 suffers from a local file inclusion vulnerability.
SoX versions 14.4.2 and below suffer from a division by zero attack when handling WAV files, resulting in denial of service vulnerability and possibly loss of data.
VIAVIWEB Wallpaper Admin suffers from remote shell upload and remote SQL injection vulnerabilities.