Arm Mali has an issue where a driver exposes physical addresses to unprivileged userspace.
The Mali driver frees GPU page tables before removing the higher-level PTEs pointing to those page tables (and, therefore, also before issuing the required flushes). This means a racing memory…
In the Linux Mali driver, when building with MALI_USE_CSF, the VFS read handler of the main Mali file descriptor (kbase_read()) never looks at its “count” parameter. This means that a…
Wifi HD Wireless Disk Drive 11 – Local File Inclusion
WiFiMouse 1.8.3.4 – Remote Code Execution (RCE)
Genesys PureConnect as of their build on 08-October-2020 suffers from a cross site scripting vulnerability.
WordPress GetYourGuide Ticketing plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
OpenCart 3.x Newsletter Custom Popup module version 4.0 suffers from a remote blind SQL injection vulnerability.
Owlfiles File Manager version 12.0.1 suffers from local file inclusion and path traversal vulnerabilities.
PhotoSync version 4.7 suffers from a local file inclusion vulnerability.