FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d63 via a crafted image file.
In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.
The easy-property-listings plugin before 3.4 for WordPress has XSS.
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).