Interesting Bugs

Google - Information Disclosure: Information disclosure vulnerability in the Google Ads application

Instagram - Remote DoS: Remote application-level DoS vulnerability that crashes the Instagram application of Android users

CVEs

CVE-2020-29653: Froxlor through 0.10.22 does not perform validation on user input passed in the customermail GET parameter. The value of this parameter is reflected in the login webpage, allowing the injection of arbitrary HTML tags.

CVE-2020-14406: Still to disclose

CVE-2020-16264: Still to disclose

CVE-2019-16469: Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

CVE-2019-6588: In Liferay Portal before 7.1 CE GA4, an XSS vulnerability exists in the SimpleCaptcha API when custom code passes unsanitized input into the "url" parameter of a JSP taglib call. Liferay Portal out-of-the-box behavior with no customizations is not vulnerable.

SVE-2018-13300: A vulnerability allows attackers to change USB configuration without authentication.

CVE-2018-18467: An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is possible to spoof a custom message to an existing opened conversation by sending an intent.

CVE-2018-13042: The 1Password application 6.8 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity from an external application (since they are exported), it is possible to crash the 1Password instance.

Reported vulnerabilities in:

Google

Facebook

Samsung

Huawei

Liferay

Adobe

1Password