Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute…

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service…

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service…

In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service…

In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution…

In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution…

In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution…

In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional…

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service…

Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a…