A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers…

In convert2rhel, there’s an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow…

A vulnerability was found in LogoStore. It has been classified as critical. Affected is an unknown function of the file /LogoStore/search.php. The manipulation of the…

File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page. Zafiyet ile…

In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user’s directories unencrypted due to a logic error in the code.…

In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with…

In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over…

In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution…

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to…

In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure…