Memory corruption while parsing the ML IE due to invalid frame content.

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.

Memory corruption while configuring a Hypervisor based input virtual device.

Memory corruption while parsing the memory map info in IOCTL calls.

Information disclosure while processing IO control commands.

Information disclosure during audio playback.

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.

The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpf_delete_file and wpf_delete_file functions in all versions up to, and including, 4.0.9. This makes it possible for unauthenticated attackers to delete project pages and files.

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.