Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file.

A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save. The manipulation of the argument firstname/

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.

In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.

Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0.

Transient DOS while parsing WLAN beacon or probe-response frame.

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network.

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Memory corruption in Automotive GPU while querying a gsl memory node.

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

Memoru corruption in Audio when ADSP sends input during record use case.

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

Transient DOS in WLAN Firmware while processing frames with missing header fields.

Transient DOS in WLAN Firmware while parsing FT Information Elements.

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

Information disclosure in Kernel due to indirect branch misprediction.

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the P

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer head

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208.

IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.

A vulnerability was found in Broken Link Checker Plugin up to 1.10.1 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function options_page of the file core/core.php of the component Settings Page. The manipula

In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

In dialer service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

A vulnerability, which was classified as critical, was found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of the file view_service.php. The manipulation of the argument id leads to sql injection. It is possib

In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.