7654 matches found
Google Android Information Disclosure Vulnerability (CNVD-2022-81245)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates from the disclosure of installed packets due to a lack of permission checking in ActivityManager. An attacker can exploit this vulnerabilit...
SUSE SLED15: WebKit2GTK-4.0-lang / WebKit2GTK-4.1-lang / WebKit2GTK-5.0-lang / etc (SUSE-SU-2022:3137-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3137-1 advisory. - Updated to version 2.36.7 bsc1202807: - CVE-2022-32893: Fixed an issue that would be triggered when...
SUSE SLES12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:3136-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3136-1 advisory. - Updated to version 2.36.7 bsc1202807: - CVE-2022-32893: Fixed an issue that would be triggered when processing malicious web content and...
[SECURITY] Fedora 36 Update: exim-4.96-2.fc36
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
Code injection
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...
CVE-2022-2461 Transposh WordPress Translation <= 1.0.9.6 - Unauthorized Settings Change
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...
MediaTek Apusys 缓冲区错误漏洞
MediaTek Apusys is a chipset from MediaTek, a Chinese company. A security vulnerability exists in MediaTek Apusys that stems from a lack of boundary checking and out-of-scope writes. This could result in a local privilege escalation that requires system execution privileges...
MediaTek vow 缓冲区错误漏洞
MediaTek vow is an application chip from MediaTek, China. It provides optimized platform size and power consumption. A security vulnerability exists in MediaTek vow, which is caused by an out-of-range write due to incorrect boundary checking. This could result in a local privilege escalation that...
Debian dla-3087 : gir1.2-javascriptcoregtk-4.0 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3087 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3087-1 [email protected] https://www.debian.org/lts/security/...
CVE-2022-22104
Memory corruption in multimedia due to improper check on the messages received. in Snapdragon Auto...
CVE-2021-35108
Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile...
CVE-2021-35108
CVE-2021-35108 concerns Qualcomm/Qualcomm closed‑source components in Snapdragon Connectivity and Snapdragon Mobile. The root cause is improper checking of the AP-S lock bit when verifying secure resource group permissions, which can permit non‑secure read and write access. The CVSSv3.1 base vect...
PT-2025-18483
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the netlink protocol. The issue involves bounds-checking for the creation of the struct nlmsgerr, which is used to handl...
Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability
Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The shortcoming, tracked as CVE-2022-32893 CVSS score: 8.8, is an out-of-bounds write issue affecting WebKit that could...
Tenda AX180 Stack Overflow Vulnerability (CNVD-2022-78481)
Tenda AX1803 is a dual-band gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability caused by improper boundary checking of the formSetVirtualSer function. An attacker could exploit the vulnerability to overflow the buffer and execute arbitrary code on t...
Tenda AX180 Stack Overflow Vulnerability (CNVD-2022-78483)
Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability caused by improper boundary checking of the fromSetWifiGusetBasic function. An attacker could exploit this vulnerability to overflow the buffer and execute arbitrary code...
Tenda AX180 Stack Overflow Vulnerability (CVE-2022-37821)
Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability, which is caused by improper boundary checking of the formSetProvince function. An attacker could exploit this vulnerability to overflow the buffer and execute arbitrary...
Tenda AX180 Stack Overflow Vulnerability (CNVD-2022-78477)
Tenda AX1803 is a dual-band gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability caused by improper boundary checking in the fromSetRouteStatic function. An attacker could exploit this vulnerability to cause a buffer overflow and execute arbitrary cod...
Tenda AC1206 Buffer Overflow Vulnerability (CNVD-2022-78520)
Tenda AC1206 is a wireless pass-through gigabit router from Tenda, China.Tenda AC1206 version V15.03.06.23 is vulnerable to a buffer overflow vulnerability caused by improper boundary checking of the setSmartPowerManagement function. An attacker could exploit this vulnerability to overflow the...
Tenda AC1206 Buffer Overflow Vulnerability (CNVD-2022-78516)
Tenda AC1206 is a wireless pass-through gigabit router from Tenda, China.Tenda AC1206 version V15.03.06.23 is vulnerable to a buffer overflow vulnerability caused by improper boundary checking of the formSetSpeedWan function. An attacker could exploit this vulnerability to overflow the buffer and...