14 matches found
CVE-2023-21273
In SDPAddAttribute of sdpdb.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 缓冲区错误漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code execution vulnerability that originates from an incorrect boundary check in the SDPAddAttribute module of sdpdb.cc, which can be exploited by an attacker to run arbitrary code on the syste...
PT-2023-18053 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: In the SDP AddAttribute function of sdp db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead t...
dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
Dom4j contains a XML Injection vulnerability
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
CVE-2018-1000632
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
Input validation
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
CVE-2018-1000632
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...