ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.

MISC:https://github.com/tuxera/ntfs-3g/issues/16 | URL:https://github.com/tuxera/ntfs-3g/issues/16

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

MISC:https://consumer.huawei.com/en/support/bulletin/2022/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2022/5/

Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.

MISC:https://consumer.huawei.com/en/support/bulletin/2022/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2022/5/

The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.

MISC:https://consumer.huawei.com/en/support/bulletin/2022/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2022/5/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162

The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.

MISC:https://consumer.huawei.com/en/support/bulletin/2022/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2022/5/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162

The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.

MISC:https://consumer.huawei.com/en/support/bulletin/2022/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2022/5/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162

The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

MISC:https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf | URL:https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf

The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

MISC:https://wpscan.com/vulnerability/49589867-f764-4c4a-b640-84973c673b23 | URL:https://wpscan.com/vulnerability/49589867-f764-4c4a-b640-84973c673b23

The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting

MISC:https://wpscan.com/vulnerability/cba4ccdd-9331-4ca0-b910-8f427ed9b540 | URL:https://wpscan.com/vulnerability/cba4ccdd-9331-4ca0-b910-8f427ed9b540

Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.

MISC:https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021 | URL:https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021