lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read.
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14891 (August 2019).
Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA Engineering Software(C Controller module setting and monitoring tool all versions, CPU Module Logging Configuration Tool all versions, CW Configurator all versions, Data Transfer all versions, EZSocket all versions, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GT SoftGOT1000…
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.