Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a "new" action to system_authservers.php.
Published Aug 18, 2015 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on a length in a System Information message.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed to check a length potentially leading to unauthorized access to secure memory.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php.
Published Aug 18, 2015 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header.
Published Aug 18, 2015 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the returned suggestions.
Published Aug 31, 2015 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GNSS when performing a scan after bootup.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of certain responses from the USIM.
Published Aug 18, 2017 · Updated Sep 16, 2024
Unknown · CVSS Not scored
A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_CELL.tpl FIELD_NAME field to data/emoticons.php.
Published Aug 3, 2020 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
Published Aug 30, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The gigpress plugin before 2.3.11 for WordPress has XSS.
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
PayPal Pro Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The akismet plugin before 3.1.5 for WordPress has XSS.
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The wp-polls plugin before 2.72 for WordPress has SQL injection.
Published Aug 27, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button.
Published Aug 27, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg(), a different issue than CVE-2014-9460.
Published Aug 28, 2019 · Updated Aug 6, 2024
Unknown · CVSS Not scored
The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg().
Published Aug 28, 2019 · Updated Aug 6, 2024