CVE-2024-8359 Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability

Visteon Infotainment REFLASHDDUFindFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability...

(0Day) Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the REFLASHDDUExtractFile function. A crafted software update...

Input validation

Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These...

Cisco TelePresence Video Communication Server RCE (cisco-sa-ewrce-QPynNCjh)

According to its self-reported version, Cisco TelePresence Video Communication Server is affected by a remote code execution vulnerability in its web-based management interface due to incorrect handling of certain crafted software images that are uploaded to an affected device. An unauthenticated...

Code injection

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrec...

CVE-2021-34716 Cisco Expressway Series and TelePresence Video Communication Server Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrec...

CVE-2021-34716 Cisco Expressway Series and TelePresence Video Communication Server Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrec...

CVE-2021-30219

samurai 1.2 has a NULL pointer dereference in printstatus function in build.c via a crafted build file...

Huawei AIS-BW80H-00 Input Validation Error Vulnerability

Huawei AIS-BW80H-00 is a smart speaker device from Huawei China. Huawei AIS-BW80H-00 is vulnerable to an input validation error, which could be exploited by an attacker to load a crafted software package onto the device...

CVE-2020-9118

There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Affected product versions include:AIS-BW80H-0...

Huawei AIS-BW80H-00 输入验证错误漏洞

Huawei AIS-BW80H-00 is a smart speaker device from Huawei China. Huawei AIS-BW80H-00 is vulnerable to an input validation error, which could be exploited by an attacker to load a crafted software package onto the device...

CVE-2020-9226

HUAWEI P30 with versions earlier than 10.1.0.135C00E135R2P11 have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the device...

Microsoft Windows DirectX Graphics Kernel Local Elevation of Privilege Vulnerability

Microsoft Windows is a popular operating system. A local elevation of privilege vulnerability exists in the Microsoft Windows DirectX Graphics Kernel. An attacker could exploit this vulnerability to compromise a vulnerable system via a constructed application...

Design/Logic Flaw

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...

Microsoft Windows Kernel Local Privilege Elevation Vulnerability (CNVD-2016-11012)

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. A local elevation of privilege vulnerability exists in the Microsoft Windows kernel. Due to a failure of the kernel API to properly handle privileges, a local...

Cisco Unified IP Phones Multiple Vulnerabilities (cisco-sa-20110601-phone)

According to its self-reported version, the version of the Cisco Unified IP Phone software running on the remote device has the following vulnerabilities : - Cisco Unified IP Phones 7900 series are prone to privilege escalation vulnerabilities. An authenticated attacker could exploit this issue t...