Author: Cyberthreat Blog

Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.

In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond...

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.

In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.

In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.