NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.

A vulnerability was found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletedoctor.php. The manipulation of the argument did leads to sql injection. The attack may be launched remotely. Th…

HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data.

A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local attacker with elevated privileges to execute arbitrary code.

An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data.

A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content.

An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying specific registry locations.

An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying an application configuration file.

A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute code with elevated permissions.

A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol adopted by Motorola Smart Connect Android Application that could allow a nearby attacker within the Bluetooth interaction range to intercept files when transferred to a device not paired in Smart Connect.