Scopia XT Desktop version 8.3.915.4 suffers from a cross site request forgery vulnerability.
>> CATEGORY: exploit
Audio Playback Recorder version 3.2.2 SEH local buffer overflow exploit.
IlchCMS version 2.1.37 suffers from multiple cross site scripting vulnerabilities.
The CloundExperienceHostBroker hosts unsafe COM objects accessible to a normal user leading to elevation of privilege.
Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities.
The Qualcomm Adreno GPU shares a global mapping called a “scratch” buffer with the Adreno KGSL kernel driver. The contents of the scratch buffer can be overwritten by untrusted GPU…
The StorageFolder class when used out of process can bypass security checks to read and write files not allowed to an AppContainer.
Cabot version 0.11.12 suffers from a persistent cross site scripting vulnerability.
Grocy version 2.7.1 suffers from a persistent cross site scripting vulnerability.
Joomla GMapFP component versions J3.5 and J3.5F suffer from an unauthenticated arbitrary file upload vulnerability.