An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 version 1.6 and below where an attacker can cause a Regular Expression…

Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php. Devamını Oku

Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes, Devamını Oku

Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php. Devamını Oku

Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes, Devamını Oku

In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running…

In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure…

In the Settings app, there is a possible way to disable an always-on VPN due to a missing permission check. This could lead to local…

In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of…

In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution…