Posts under exploit

WordPress Mega Main Menu 2.2.2 Information Disclosure

Posted by deepcore under exploit (No Respond)

WordPress Mega Main Menu plugin version 2.2.2 suffers from a backup disclosure vulnerability.

Online Food Ordering System 2.0 Shell Upload

Posted by deepcore under exploit (No Respond)

Online Food Ordering System version 2.0 suffers from a remote shell upload vulnerability.

Online Food Ordering System 2.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Online Food Ordering System version 2.0 suffers from a remote SQL injection vulnerability.

Arm Mali CSF KBASE_REG_NO_USER_FREE Unsafe Use Use-After-Free

Posted by deepcore under exploit (No Respond)

The Mali driver tries to use the KBASE_REG_NO_USER_FREE flag to ensure that the memory region referenced by kbase_csf_tiler_heap::buf_desc_reg cannot be freed by userspace. However, this flag is only a single bit, and there can be multiple tiler heaps referencing the same memory region. This can lead to a use-after-free condition.

Linux 4.10 Use-After-Free

Posted by deepcore under exploit (No Respond)

Linux kernel version 4.10 suffers from a use-after-free vulnerability in __do_semtimedop() due to a lockless check outside the RCU section.

MOV.AI Robotics Engine 2.2.3-3 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

MOV.AI Robotics Engine version 2.2.3-3 suffers from multiple cross site scripting vulnerabilities.

Tiki Wiki CMS Groupware 25.0 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Tiki Wiki CMS Groupware versions 25.0 and below suffer from multiple cross site request forgery vulnerabilities.

Tiki Wiki CMS Groupware 24.0 structlib.php Code Execution

Posted by deepcore under exploit (No Respond)

Tiki Wiki CMS Groupware versions 24.0 and below suffer from a PHP code injection vulnerability in structlib.php.

Tiki Wiki CMS Groupware 24.0 grid.php PHP Object Injection

Posted by deepcore under exploit (No Respond)

Tiki Wiki CMS Groupware versions 24.0 and below suffer from a PHP object injection vulnerability in grid.php.

Tiki Wiki CMS Groupware 24.1 tikiimporter_blog_wordpress.php PHP Object Injection

Posted by deepcore under exploit (No Respond)

Tiki Wiki CMS Groupware versions 24.1 and below suffer from a PHP object injection vulnerability in tikiimporter_blog_wordpress.php.