CVE-2024-3173

Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

CVE-2017-14873

CVE-2017-14873 affects Android devices using MSM CAF Linux kernels with the Qualcomm graphics driver. The issue is described as a kernel memory overwrite in the pp_pgc_get_config() function, enabling a local escalation of privileges or memory corruption as indicated by the CVSS in public records....

TESO Web 2.0 SQL Injection

============================================ TESO web 2.0 SQLInjection/ Blind SQLInjection ============================================= I. VULNERABILITY ------------------------- Title: TESO SQLInjection/ Blind SQLInjection Vendor:http://www.tesoweb.com Author:Juan Carlos García @secnight Follow...

RunCMS xoopsOption Parameter Local File Inclusion

The version of RunCMS installed on the remote host fails to sanitize user input to the 'xoopsOptionpagetype' parameter before using it to include PHP code in 'include/common.php'. Regardless of PHP's 'registerglobals' setting, an unauthenticated, remote attacker may be able to exploit this issue ...