19 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a...
Opal 跨站请求伪造漏洞
Opal is an Open Source Software for Epidemiology open source core database application for biobanking or epidemiology research. A cross-site request forgery vulnerability exists in Opal versions prior to 5.1.1, which stems from insufficient cross-site request forgery protection that can be bypass...
CVE-2022-3578
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
WordPress plugin Team Members 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Team Members plugin versions prior to 5.1.1 contain a cross-site scripting vulnerability that stems...
Fortinet FortiWAN 授权问题漏洞
Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance between different networks. An authorization issue vulnerability exists in Fortinet FortiWAN that stems from an error in the authentication process. The following products and...
GHSA-FF7X-QRG7-QGGM dot-prop Prototype Pollution vulnerability
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects...
Android Media Framework Information Disclosure Vulnerability
Android is a cell phone operating system based on the Linux open kernel. A security vulnerability exists in the implementation of Media Framework in Android versions prior to 5.1.1 LMY48Z and 6.0 2015-12-01, which can be exploited by remote attackers to obtain sensitive information and bypass...
Android Native Frameworks Library Information Disclosure Vulnerability
Android is a cell phone operating system based on the Linux open kernel. A security vulnerability exists in the implementation of the Native Frameworks Library in Android versions prior to 5.1.1 LMY48Z and 6.0 2015-12-01, which can be exploited by remote attackers to obtain sensitive information...
Android elevation of privilege vulnerability (CNVD-2015-06568)
Android is a mobile operating system based on the Linux open kernel led and developed by Google and the Open Handset Alliance. An elevation of privilege vulnerability exists in Android versions prior to 5.1.1, LMY48T, which allows an attacker to gain privileges through a crafted application...
Android elevation of privilege vulnerability (CNVD-2015-06569)
Android is a mobile operating system based on the Linux open kernel led and developed by Google and the Open Handset Alliance. An elevation of privilege vulnerability exists in Android versions prior to 5.1.1, LMY48T, which allows an attacker to gain privileges through a crafted application...
CVE-2015-6603
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 23227354...
Android Denial of Service Vulnerability (CNVD-2015-06606)
Android is an operating system based on the Linux open kernel, announced on November 5, 2007 by Google Inc. for cell phones. A denial of service vulnerability exists in Android versions prior to 5.1.1, LMY48I. It allows remote attackers to execute arbitrary code or cause a denial of service via...
CVE-2015-1539
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493...
CVE-2015-1536
Integer overflow in the BitmapcreateFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service systemserver crash or obtain sensitive systemserver memory-content information via a crafted application that leverages...
CVE-2015-1536
Integer overflow in the BitmapcreateFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service systemserver crash or obtain sensitive systemserver memory-content information via a crafted application that leverages...
Integer overflow
Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a heap-based buffer overflow, aka internal bug...
CVE-2015-6601
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 22935234...
CVE-2015-1539
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493...
Sql injection
SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...