99 matches found
The vulnerability of the Wireless Data Service module of the Qualcomm Data Services component in the Android operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Wireless Data Service module of the Qualcomm Data Services operating system in Android is caused by a buffer overflow in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...
Remote Code Execution Vulnerability in Spring Framework spring-messaging Module
Spring Framework is the United States Pivotal Software's set of open source Java, Java EE application framework. The framework helps developers build high-quality applications . A remote code execution vulnerability exists in the Spring Framework spring-messaging module. An attacker can exploit t...
Google Android System Component Remote Code Execution Vulnerability (CNVD-2018-06644)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A remote code execution vulnerability exists in the Google Android System component. An attacker can exploit the vulnerability to execute arbitrary code in the context of an...
CVE-2017-17860
In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone...
Tor has an unspecified vulnerability
Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. A security vulnerability exists in Tor. An attacker can exploit the vulnerability to turn off log warnings...
Apache Solr/Lucene Remote Code Execution Vulnerability
Apache Solr is an open source search server . Solr using the Java language development , mainly based on HTTP and Apache Lucene implementation. Lucene is apache Software Foundation 4 jakarta project group a subproject , is an open source full-text search engine toolkit . Apache Solr/Lucene has a...
Microsoft Windows kernel information disclosure vulnerability (CNVD-2017-32966)
Microsoft Windows Server 2008 SP2 is a series of operating systems released by Microsoft. kernel component is one of the kernel components. An information disclosure vulnerability exists in the kernel component of Microsoft Windows, which arises from a program's failure to properly handle memory...
OCaml compiler elevation of privilege vulnerability
OCaml compiler is a compiler for OCaml maintained by the OCaml community that generates standalone programs and supports batch-oriented processing. A security vulnerability exists in OCaml compiler. An attacker can exploit this vulnerability to elevate privileges...
PDNS Manager Remote Command Execution Vulnerability
PDNS Manager is an authoritative domain name server management tool for Powerdns. An arbitrary code execution vulnerability exists in PDNS Manager. An attacker could exploit this vulnerability to execute arbitrary code in the context of an affected application run by a user...
Google Android Unauthorized Operation Vulnerability (CNVD-2017-11471)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. There is a security vulnerability in Android. An attacker can exploit the vulnerability to perform unauthorized operations...
WordPress API Data Handling Error Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress suffers from an API data handling error vulnerability. An attacker can exploit this vulnerability to execute...
Elefant CMS Cross-Site Request Forgery Vulnerability
Elefant CMS is a content management system. Elefant CMS suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to execute arbitrary HTML and script code within a user's browser session in the context of an affected site...
Pivotal Cloud Foundry Elastic Runtime Elevation of Privilege Vulnerability
Pivotal Cloud Foundry PCF is a set of open source Platform-as-a-Service PaaS cloud computing platforms from U.S.-based Pivotal Software, which provides container scheduling, continuous delivery, and automated service deployment. An elevation of privilege vulnerability exists in Pivotal Cloud...
Joomla Hbooking Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla Hbooking component. An attacker can exploit the vulnerability to access or modify database data...
Jitsi User Impersonation Vulnerability
Jitsi is an open source, secure ZRTP encrypted, high quality SIP/XMPP video calling, conferencing, chatting, desktop sharing, file transferring. It can be installed on your favorite operating system and supports multiple IM networks. Jitsi suffers from a user impersonation vulnerability. An...
Red Hat oVirt Engine Local Information Disclosure Vulnerability
Red Hat oVirt Engine is an open source virtualization management platform from Red Hat Red Hat, an open source version of RHEV Platform for Enterprise Virtualization, consisting of the oVirt-node client and the overt-engine management side . A local information disclosure vulnerability exists in...
Authd Local Information Disclosure Vulnerability
Authd is a daemon for the RFC 1413 set of ident protocols. Authd suffers from an information disclosure vulnerability that could be exploited by an attacker to submit a special request for sensitive information...
Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity
Vulnerability of the Java Runtime Environment, related to program components. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data by using the Sound component...
H2O Directory Traversal Vulnerability
H2O is a set of open source Web server software . H2O suffers from a directory traversal vulnerability. When the program uses the file.dir directive, a remote attacker can exploit the vulnerability to read arbitrary files with the help of a specially crafted URL...