60 matches found
CVE-2024-38466
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...
Shenzhen Guoxin Synthesis Image System Security Vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis Image System versions prior to 8.3.0 that originates from allowing unauthorized user information to be retriev...
CVE-2024-38468
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...
CVE-2024-38467
The CVE-2024-38467 vulnerability affects Shenzhen Guoxin Synthesis Image System prior to version 8.3.0. The issue permits unauthorized retrieval of user information via the queryUser API, with CVSS v3.1 base score 7.5 (HIGH) and network access, no privileges or user interaction required. Remediat...
PT-2024-28020 · Shenzhen Guoxin · Shenzhen Guoxin Synthesis Image System
Name of the Vulnerable Software and Affected Versions: Shenzhen Guoxin Synthesis image system versions prior to 8.3.0 Description: The issue concerns a default password, specifically 123456Qw, in the Shenzhen Guoxin Synthesis image system. Recommendations: For versions prior to 8.3.0, update to...
Shenzhen Guoxin Synthesis image system security vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in the Shenzhen Guoxin Synthesis image system, version prior to 8.3.0, which stems from a discrepancy in the error response that allows...
Shenzhen Guoxin Synthesis Image System Security Vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis Image System versions prior to 8.3.0 that originates from allowing unauthorized passwords to be reset via the...
CVE-2024-38465
Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...
PT-2024-28019 · Shenzhen Guoxin · Shenzhen Guoxin Synthesis Image System
Name of the Vulnerable Software and Affected Versions: Shenzhen Guoxin Synthesis image system versions prior to 8.3.0 Description: The issue allows username enumeration due to a response discrepancy between incorrect and error responses. Recommendations: For versions prior to 8.3.0, update to...
CVE-2023-20849
In imgsyscmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350...
CVE-2023-20844
In imgsyscmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121...
CVE-2023-20841
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441...
CVE-2023-20845
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357...
CVE-2023-20839
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409...
MediaTek Chip Resource Management Error Vulnerability
MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of valid range checking in imgsyscmdq, which could be exploited after release...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of MediaTek chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a lack of valid range checking in imgsys, which may allow out-of-bounds writes...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a lack of valid range checking in imgsys, which may result in out-of-bounds reads...
PT-2023-17666 · Mediatek +3 · Mt2713 +5
Name of the Vulnerable Software and Affected Versions: No specific software name and version are mentioned in the provided descriptions. Description: In imgsys cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege wit...
CVE-2023-20802
In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976...
CVE-2023-20804
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384...