Design/Logic Flaw

Iris 3.8 before build 1548, as used in Xpient point of sale POS systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer...

CVE-2013-2571

Iris 3.8 before build 1548, as used in Xpient point of sale POS systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer...

CVE-2013-2571

CVE-2013-2571 affects Iris 3.8 (before build 1548) used in Xpient POS. A remote attacker can trigger the cash drawer via a crafted request to TCP port 7510, enabling arbitrary command-like actions without authentication, as demonstrated by PoC code. The vulnerability is caused by an input-validat...

CVE-2013-1744

IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands...

CVE-2013-1744

IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands...

CVE-2013-1744

Technical details are not publicly provided in the supplied documents; monitor for updates. Current descriptions indicate a remote command execution vulnerability in IRIS citations management tool up to version 1.3, with no further specifics in the connected sources.

Unspecified Vulnerability in Lava Iris 88 Lite

Lava Iris 88 Lite is a smartphone from Lava India. Lava Iris 88 Lite has an unspecified vulnerability. An attacker can exploit the vulnerability to unauthorized switching of Wi-Fi...

The vulnerability in the software for creating 3D computer graphics with Blender arises from a full-integer overflow, allowing an attacker to execute arbitrary code.

The vulnerability of Blender’s software for creating 3D computer graphics arises from a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created IRIS file...

CVE-2019-15374

The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...

CVE-2019-15362

The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88go/iris88go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...

CVE-2019-15338

The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the devic...

CVE-2019-15334

The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88go/iris88go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the device to...

Design/Logic Flaw

The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the devic...

Authorization

The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88go/iris88go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...

Authorization

The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...

Design/Logic Flaw

The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88go/iris88go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the device to...

CVE-2019-15374

The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...

CVE-2019-15374

CVE-2019-15374 affects the Lava Iris 88 Lite Android device (build fingerprint LAVA/iris88_lite/iris88_lite:8.1.0...). A pre-installed app with package name com.mediatek.wfo.impl (versionCode 27, versionName 8.1.0) exposes an interface that allows any co-located app to modify a system property wi...

CVE-2019-15362

The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88go/iris88go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...

CVE-2019-15362

CVE-2019-15362 affects the Lava Iris 88 Go Android device (build fingerprint LAVA/iris88_go/iris88_go:8.1.0/O11019/1538188945:user/release-keys). A pre-installed app with package name com.mediatek.wfo.impl (versionCode 27, versionName 8.1.0) exposes an interface that allows any co-located app to ...