| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption when decoding corrupted satellite data files with invalid signature offsets. |
| Memory corruption while processing a frame request from user. |
| Memory corruption while preprocessing IOCTL request in JPEG driver. |
| Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation. |
| Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling. |
| Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation. |
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. |
| Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations. |
| Memory Corruption when retrieving output buffer with insufficient size validation. |
| Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans. |
| Cryptographic issue while copying data to a destination buffer without validating its size. |
| A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the argument price leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. |
| Memory Corruption when handling power management requests with improperly sized input/output buffers. |
| Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection. |
| Kysely is a type-safe TypeScript SQL query builder. Versions up to and including 0.28.11 has a SQL injection vulnerability in JSON path compilation for MySQL and SQLite dialects. The `visitJSONPathLeg()` function appends user-controlled values from `.key()` and `.at()` directly into single-quoted JSON path string literals (`'$.key'`) without escaping single quotes. An attacker can break out of the JSON path string context and inject arbitrary SQL. This is inconsistent with `sanitizeIdentifier()`, which properly doubles delimiter characters for identifiers — both are non-parameterizable SQL constructs requiring manual escaping, but only identifiers are protected. Version 0.28.12 fixes the issue. |
| Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory. |
| Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Versions contain an SQL Injection in the Items search functionality. When the custom attribute search feature is enabled (search_custom filter), user-supplied input from the search GET parameter is interpolated directly into a HAVING clause without parameterization or sanitization. This allows an authenticated attacker with basic item search permissions to execute arbitrary SQL queries. A patch did not exist at the time of publication. |
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. |
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. |
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. |
