Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the `snap_file` parameter in the `/it-IT/splunkd/__raw/services/get_snapshot` HTTP API endpoint. A 'low privileged' attacker can read any file on the target host.
Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user's privileges, allowing a user to perform actions not belonging to his role.
The OAuth flow implemented in Mattermost server v5.32 > v5.36 is affected by a reflected XSS. An unauthenticated attacker might gain access to the victim's session.
A privileged user can obtain remote code execution on Q'center through a manipulated QPKG installation package.
An unauthenticated attacker can inject JavaScript code on Q'center Virtual Appliance event log page.
QNAP MusicStation and MalwareRemover pre-installed official apps are affected by an arbitrary file upload and a command injection, leading to pre-auth remote root command execution.
The unprivileged user portal part of CentOS Web Panel is affected by SQL Injection and Command Injection vulnerabilities, leading to root Remote Code Execution.
Telegram rlottie 6.1.1_1946 is affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function: a remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device.
Telegram rlottie 6.1.1_1946 is affected by a Heap Buffer Overflow in the LOTGradient::populate function: a remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device.
Telegram rlottie 6.1.1_1946 is affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function: a remote attacker might be able to overwrite Telegram's heap memory out-of-bounds on a victim device.