Author: Cyberthreat Blog

Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.

Apache Ranger before 0.6.is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access...

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users...

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first...

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the...