Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm product...

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm products...

Sony BRAVIA Digital Signage 1.7.8 - Unauthenticated Remote File Inclusion

Exploit Title: Sony BRAVIA Digital Signage 1.7.8 - Unauthenticated Remote File Inclusion Date: 20.09.2020 Exploit Author: LiquidWorm Vendor Homepage: https://pro-bravia.sony.net Version: 1.7.8 Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion Vendor: Sony Electronics Inc...

Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion

Summary Sony's BRAVIA Signage is an application to deliver video and still images to Pro BRAVIAs and manage the information via a network. Features include management of displays, power schedule management, content playlists, scheduled delivery management, content interrupt, and more. This...

Sony BRAVIA Digital Signage 1.7.8 Client-Side Protection Bypass / IDOR

Summary Sony's BRAVIA Signage is an application to deliver video and still images to Pro BRAVIAs and manage the information via a network. Features include management of displays, power schedule management, content playlists, scheduled delivery management, content interrupt, and more. This...

SQL Injection Vulnerability in Bo Yun CD-ROM System of Hangzhou Maida Electronics Co.

Hangzhou Maida Electronics Co., Ltd. provides professional library systems, including search, storage, access and other functions, customers involved in the domestic major universities and provincial and municipal libraries. A SQL injection vulnerability exists in Bo Yun CD-ROM system of Hangzhou...

Arbitrary File Download Vulnerability in Internet of Things Platform of Xin Kaipu Electronics Co.

Ltd. is an enterprise specializing in the research and development, production, sales and system integration of one-card software and products. An arbitrary file download vulnerability exists in the Internet of Things IoT platform of Xin Kaipu Electronics Co. An attacker can exploit the...

Johnson Controls Sensormatic Electronics American Dynamics victor Web Client

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Sensormatic Electronics, LLC; a subsidiary of Johnson Controls Equipment: American Dynamics victor Web Client, Software House C•CURE Web Client Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation...

CVE-2020-3704

u'While processing invalid connection request PDU which is nonstandard interval or timeout is 0 from central device may lead peripheral system enter into dead lock state.This CVE is equivalent to InvalidConnectionRequestCVE-2019-19193 mentioned in sweyntooth paper' in Snapdragon Auto, Snapdragon...

CVE-2020-3703

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central deviceThis CVE is equivalent to Link Layer Length Overfow issue CVE-2019-16336,CVE-2019-17519 and Silent Length Overflow issueCVE-2019-17518 mentioned in...

CVE-2020-11169

u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

Out-of-bounds

u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industria...

CVE-2020-3703

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central deviceThis CVE is equivalent to Link Layer Length Overfow issue CVE-2019-16336,CVE-2019-17519 and Silent Length Overflow issueCVE-2019-17518 mentioned in...

CVE-2020-11153

CVE-2020-11153 affects Qualcomm Snapdragon platforms (Auto, Compute, Connectivity, CEC, IOT, Mobile) including APQ8053, QCA6390/9379, QCN7605, SC8180X, SDX55. Root cause: out-of-bounds memory access while processing GATT data due to insufficient validation of PDU length. This can lead to remote c...

CVE-2020-11141

CVE-2020-11141 describes a buffer over-read in Bluetooth estack caused by a missing length check on the L2CAP configuration request from a peer. Affected are Qualcomm Snapdragon platforms (e.g., APQ8009, APQ8053, QCA6390, QCN7605, SM8250, and others across Snapdragon Auto/Compute/Connectivity/UIs...

Delta Industrial Automation CNCSoft Buffer Overflow (CVE-2020-7002)

A buffer overflow vulnerability exists in Delta Electronics CNCSoft. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

voxxelectronics.com Cross Site Scripting vulnerability OBB-1435852

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

File Upload Vulnerability in the Center Management Server System of Guangzhou Bao Lun Electronics Company Limited (CNVD-2020-59882)

Guangzhou Paulun Electronic Co., Ltd. is a company mainly engaged in public broadcasting, campus broadcasting, conference system, paperless system, recording and broadcasting system, intelligent campus, stage lighting, LED big screen, landscape lighting and other projects. Guangzhou Paulan...

Command Execution Vulnerability in the Center Management Server System of Guangzhou Paulan Electronics Co.

Guangzhou Paulun Electronic Co., Ltd. is a company mainly engaged in public broadcasting, campus broadcasting, conference system, paperless system, recording and broadcasting system, intelligent campus, stage lighting, LED big screen, landscape lighting and other projects. A command execution...

Sony IPELA Network Camera Remote Stack Buffer Overflow

!/usr/bin/env python Sony IPELA Network Camera ftpclient.cgi Remote Stack Buffer Overflow Vendor: Sony Electronics Inc. Product web page: https://pro.sony Affected version: SNC-DH120T v1.82.01 Summary: IPELA is Sony's vision of the ultimate workplace, designed to revolutionize the way business...