Binary vulnerability in Thunderbolt 11

Xunlei 11 is a download software based on multi-resource hyper-threading technology. A binary vulnerability exists in Xunlei 11, which can be exploited by attackers to cause a denial of service...

Cisco Smart Software Manager Satellite Static Credentials Vulnerability

Cisco Smart Software Manager Satellite is a Cisco component for Cisco product license management. A static credentials vulnerability exists in Cisco Smart Software Manager Satellite version 5.1.0 and earlier. The vulnerability stems from inadequate protection of static credentials. An attacker ca...

Memory Corruption Vulnerability in Tianxing Mini

Tianxing Mini is a configuration software product launched by Beijing Tianxing Configuration Software Co. A memory corruption vulnerability exists in Tianxing Mini. An attacker can exploit the vulnerability by parsing a malformed image which can cause the program to crash...

Rexchip Microelectronics Corporation rockchip kernel suffers from a denial of service vulnerability

With a R&D team specializing in system-on-chip design and algorithm research, Rexchip Microelectronics Corporation provides professional chip solutions for high-end intelligent hardware, cell phone peripherals, tablet PCs, TV set-top boxes, industrial control and other fields. A denial of service...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

CVE-2020-9230

WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal...

Information disclosure

FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information...

JerryScript suffers from a denial of service vulnerability

JerryScript is a lightweight JavaScript engine that attempts to run on top of constrained devices, such as microprocessors. A denial of service vulnerability exists in JerryScript. An attacker could exploit this vulnerability to cause a denial of service...

SchedMD Slurm Authentication Bypass Vulnerability

SchedMD Slurm is SchedMD's open source and highly scalable cluster management and job scheduling system for large and small Linux clusters. A security vulnerability exists in SchedMD Slurm versions 19.05.x prior to 19.05.7 and 20.02.x prior to 20.02.3. An attacker can exploit the vulnerability to...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-31259)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A buffer overflow vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a buffer overflow...

Adobe Releases Security Updates for After Effects and Media Encoder

Adobe has released security updates to address vulnerabilities in After Effects and Media Encoder. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Adobe...

CVE-2020-8844

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

Portier encryption vulnerability

Portier is an access rights management application. Portier has an encryption vulnerability. An attacker can exploit the access encryption password to gain privileges...

CVE-2017-15314

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600,...

SAP BILaunchPad and Central Management Console Denial of Service Vulnerability

SAP BI Launchpad is the gateway to BO4.0, BO4.0 SAP BusinessObjects a German company SAP SAP provides a wide range of business intelligence software, information management software, enterprise performance management solutions, regulatory, risk and compliance solutions. A denial of service...

Design/Logic Flaw

This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

Ember.js Cross-Site Scripting Vulnerability

Tilde Ember.js is the United States Tilde company's set of JavaScript framework for creating Web applications . A cross-site scripting vulnerability exists in Ember.js. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

NTP 'ctl_put()' function buffer overflow vulnerability

Network Time Protocol NTP is a protocol used to synchronize computer time. NTP suffers from a buffer overflow vulnerability in the ctlput function, which can be exploited by an attacker to execute arbitrary code in the context of an affected application...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

GNU gcc integer overflow vulnerability (CNVD-2016-03095)

GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. An integer overflow vulnerability exists in GNU gcc, which arises from a program's failure to properly handle data of type signed int. An attacker could exploit this vulnerability to...