Szolgáltatóknak

Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection leading to...

51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the...

The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.2.15 due to...

Initial xbl_sec revision does not have all the debug policy features and critical checks.

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW

In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.

A race condition exists in a driver potentially leading to a use-after-free condition.

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

An image with a version lower than the fuse version may potentially be booted lead to improper authentication.