Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a through 1.0.

The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

In huge memory get unmapped area check, code can never be reached because of a logical contradiction.

An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way.

A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access

Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations.

In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations

Memory Corruption in SIM management while USIMPhase2init

Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large.

Memory Corruption in IMS while calling VoLTE Streamingmedia Interface