Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service. More information : https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9019.html
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability. More information : https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9019.html
IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. More information : https://www.ibm.com/support/pages/node/7252019
Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service More information : https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9019.html
Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate privileges from user space to kernel space, potentially compromising confidentiality, integrity, and/or availability. More information : https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8014.html
Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-Free condition potentially resulting in loss of confidentiality or availability More information : https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8014.html
YCCMS 3.4 contains a stored cross-site scripting (XSS) vulnerability in the article management functionality. The vulnerability exists in the add() and getPost() functions within the ArticleAction.class.php file due to improper neutralization of user input...
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php. More information : http://rapidcms.com
An issue was discovered in Cinnamon kotaemon 0.11.0. The _may_extract_zip function in the libsktemktemindexfileui.py file does not check the contents of uploaded ZIP files. Although the contents are extracted into a temporary folder that...
Cross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6.5.0 for Android and iOS, affects the Tuya Smart and Smartlife mobile applications, as well as other third-party applications that integrate...
A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface (AXI), potentially resulting in loss of confidentiality, integrity, and/or availability. More...
Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash or denial of service. More information : https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8014.html
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user. More information : https://www.ibm.com/support/pages/node/7252197
body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB...