8.4CVSS
7.8AI Score
0.0004EPSS
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance...
9.1CVSS
9.1AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal...
7.8CVSS
7.8AI Score
0.0004EPSS
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in...
6.5CVSS
6.4AI Score
0.0004EPSS
Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK...
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface...
7.8CVSS
7.9AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in MPP performance while accessing DSM watermark using external memory...
7.8CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
An Untrusted search path vulnerability in Sohu Video Player 7.0.15.0 allows local users to gain escalated privileges through the version.dll file in the current working...
7.8CVSS
7.6AI Score
0.0004EPSS
A vulnerability, which was classified as critical, has been found in Xiamen Four-Faith Video Surveillance Management System 2016/2017. Affected by this issue is some unknown functionality of the component Apache Struts. The manipulation leads to unrestricted upload. The attack may be launched...
8.8CVSS
8.5AI Score
0.001EPSS
wire-avs provides Audio, Visual, and Signaling (AVS) functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has...
8.8CVSS
9AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Tradebooster Video XML Sitemap Generator.This issue affects Video XML Sitemap Generator: from n/a through...
8.8CVSS
8.6AI Score
0.001EPSS
The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet...
3.7CVSS
4.3AI Score
0.0005EPSS
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network...
7.5CVSS
8AI Score
0.001EPSS
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network...
7.5CVSS
7.5AI Score
0.001EPSS
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network...
6.5CVSS
7.1AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data...
7.8CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
6.1CVSS
5.6AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0004EPSS
6.1CVSS
5.5AI Score
0.0004EPSS
6.1CVSS
5.5AI Score
0.0004EPSS
Information Disclosure in Qualcomm IPC while reading values from shared memory in...
6.1CVSS
5.3AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
9.3CVSS
7.6AI Score
0.0004EPSS
Memory Corruption in Core due to secure memory access by user while loading modem...
8.4CVSS
7.5AI Score
0.0004EPSS
8.2CVSS
7.7AI Score
0.0004EPSS
9.8CVSS
9.3AI Score
0.001EPSS
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Video Gallery by Total-Soft Video Gallery – Best WordPress YouTube Gallery Plugin allows SQL Injection.This issue affects Video Gallery – Best WordPress YouTube Gallery Plugin: from n/a through...
9.8CVSS
9.8AI Score
0.001EPSS
The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the responsive_video_gallery_with_lightbox_video_management_func() function. This makes it possible for unauthenticated...
5.4CVSS
5.5AI Score
0.001EPSS
Bon Presta boninstagramcarousel between v5.2.1 to v7.0.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at insta_parser.php. This vulnerability allows attackers to use the vulnerable website as proxy to attack other websites or exfiltrate data via a HTTP...
9.8CVSS
9.3AI Score
0.001EPSS
The RSS Aggregator by Feedzy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.2. This is due to missing or incorrect nonce validation on the save_feedzy_post_type_meta() function. This makes it possible for unauthenticated attackers to update...
4.3CVSS
4.2AI Score
0.001EPSS
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3...
7.1CVSS
5.7AI Score
0.0005EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Galaxy Weblinks Video Playlist For YouTube plugin <= 6.0...
8.8CVSS
8.8AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3...
8.8CVSS
8.8AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and...
5.4CVSS
5.7AI Score
0.0004EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. QuTScloud c5.1.x is not affected. We have already fixed the vulnerability in the...
8.8CVSS
8.8AI Score
0.001EPSS
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and...
8.8CVSS
8.7AI Score
0.001EPSS
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...
Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin <= 3.3.5...
8.8CVSS
8.8AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading.....
8.8CVSS
8.8AI Score
0.001EPSS