iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return.

The TheDevildogGamer (aka com.wTheDevildogGamer) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.

Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/.

SQL injection vulnerability in sites/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to execute arbitrary SQL commands via the show element in a GET request.

SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.