Chitor CMS version 1.1.2 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to msd0pe in April of 2023.
Multi-Vendor Online Groceries Management System version 1.0 suffers from a remote code execution vulnerability.
This is an extension of research on the original findings of CVE-2020-15858 in Telit Cinterion IoT devices. Numerous issues have been discovered including path traversal, Java privilege elevation, AT commands whitelist / blacklist bypass, a heap overflow in fragmented SMS, and more.
Chrome suffers from an issue where the traits for media::mojom::VideoFrame do not perform any validation on the stride and offset parameters when deserializing untrusted message data.
Chrome has an issue where the GL_ShaderBinary is exposed to untrusted processes.
Chrome has an issue where there is an out-of-bounds string copy that can occur when parsing a uniform sampler name in SpvGetMappedSamplerName.
KODExplorer versions 4.49 and below suffer from cross site request forgery and remote shell upload vulnerabilities.
Nokia OneNDS 17 has loose sudo permissions that can allow users to escalate privileges.
Nokia OneNDS 20.9 has loose sudo permissions that can allow users to escalate privileges.
Serendipity version 2.4.0 suffers from a remote shell upload vulnerability.