CVE-2025-27036 Buffer Over-read in Video

Information disclosure when Video engine escape input data is less than expected minimum size...

CVE-2025-27036

CVE-2025-27036 concerns Qualcomm chipsets with a vulnerability in the Video engine’s handling of input data smaller than the expected minimum size. Root cause: a buffer/processing mismatch in the video engine leads to information disclosure. Affected: Qualcomm chipsets (Video engine component); e...

PT-2024-2396 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ version 3.2.5 Description: A SQL injection vulnerability has been discovered in the "Add News" functionality due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to...

CLSA-2022-1646060576 Fix of CVE: CVE-2022-24407

CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands rhbz2055846...

SUSE-SU-2015:1249-1 Security update for augeas

This update fixes an untrusted argument escaping problem CVE-2014-8119: new API - augescapename - which can be used to escape untrusted inputs before using them as part of path expressions augmatch is changed to return properly escaped output...

Struts 2.3.15.3 Cross Site Scripting

Abstract£º The latest version of the current official struts-2.3.15.3£¬struts2-showcase.war demo XSS still exist! Details£º I found an update of the official demo of Strust2, so I did a test. It used to be able to filter, escape input and escape output, but why didn¡¯t it escape this time? Proofs...