For individuals

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks

The Email Subscribers by Icegram Express WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks

Memory corruption while processing IPA statistics, when there are no active clients registered.

Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,

Memory corruption while invoking IOCTL calls to unmap the DMA buffers.

Memory corruption while processing frame command IOCTL calls.

Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

information disclosure while invoking the mailbox read API.