Spoofing

There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data...

CVE-2021-22482

There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data...

Huawei Smartphone 安全漏洞

Huawei Emui is a mobile operating system based on Android. magic Ui is a mobile operating system based on Android. Huawei Emui and Magic UI have security vulnerabilities that could be exploited by attackers to cause invalid data to be transmitted...

OpenText Brava! 缓冲区错误漏洞

OpenText Brava! Desktop is a Windows-based viewing and collaboration tool that lets you easily view and collaborate on almost any file. A memory corruption vulnerability exists in the parsing of DXF files in OpenText Brava! Desktop. The vulnerability stems from a lack of proper validation of...

Joe Schofield Get-ip-range Input Validation Error Vulnerability

Joe Schofield Get-ip-range is an application by Joe Schofield, a personal developer in the UK. It provides the ability to convert CIDR representations, IP ranges with hyphens, or two IP addresses into an array of IP address ranges. An input validation error vulnerability exists in Get-ip-range,...

CVE-2020-11197

Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip with invalid data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

Multiple Qualcomm Products Input Validation Error Vulnerability

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in multiple...

RHEL 8 : exiv2 (RHSA-2020:1577)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1577 advisory. The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The...

squid: HTTP Request Smuggling could result in cache poisoning

A flaw was found in squid. Due to incorrect data validation, a HTTP Request Smuggling attack against HTTP and HTTPS traffic is possible leading to cache poisoning. The highest threat from this vulnerability is to data confidentiality and integrity...

CVE-2020-8189

A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...

Foxit Reader and PhantomPDF 3D Plugin Denial of Service Vulnerability

Foxit Reader and so on are all Chinese Foxit Foxit company's products.Foxit Reader is a PDF document reader.Foxit 3D Plugin is a use in the PDF document reader in the 3D plugin.Foxit PhantomPDF is a PDF document reader.Foxit PhantomPDF is a PDF document reader. A security vulnerability exists in ...

CVE-2020-11058

In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdpreadfontcapabilityset could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27215)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

Intland Software codeBeamer Cross-Site Scripting Vulnerability

Intland Software codeBeamer is an application lifecycle management platform from Intland Software, Germany. The platform supports application lifecycle management, requirements management, risk management and software development. A cross-site scripting vulnerability exists in Intland Software...

CVE-2019-14013

CVE-2019-14013 affects Snapdragon SoCs (listed family) and is triggered by parsing of an invalid super index table, potentially causing invalid data to be read into the table. The NVD entry rates it as CRITICAL (CVSS 3.1: 9.8) with NETWORK attack vector, no user interaction, and high impact on co...

CVE-2019-19902

An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, allowing non-configuration scripts to...

CVE-2019-12620

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could explo...

Authentication flaw

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could explo...

CVE-2019-6809

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 firmware versions prior to V2.90, Modicon M340 firmware versions prior to V3.10, Modicon Premium all versions, Modicon Quantum all versions, which could cause a possible denial of service when reading invalid data from the...

CVE-2019-6809

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 firmware versions prior to V2.90, Modicon M340 firmware versions prior to V3.10, Modicon Premium all versions, Modicon Quantum all versions, which could cause a possible denial of service when reading invalid data from the...