360 matches found
Input validation
Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using...
CVE-2016-8785
Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using...
CVE-2016-8785
Huawei VRP-based devices (S12700, S5700, S7700, S9700) running listed V200R0xx releases have an input validation vulnerability: malformed VRP packets can trigger display of additional memory data, potentially leaking sensitive information. The root cause is lack of input validation in the VRP pla...
CVE-2016-8785
Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using...
CVE-2017-17723
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file...
CVE-2017-17723
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file...
CVE-2017-17723
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file...
Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CNVD-2018-00530)
Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is an operating system for personal computers and the latter is a server operating system.Edge is one of the default browsers that comes with the system.scripting engine is one of the JavaScrip...
Microsoft Windows Edge and Internet Explorer and Microsoft ChakraCore Information Disclosure Vulnerability
Microsoft Windows is an operating system released by Microsoft Corporation in the U.S. Edge and Internet Explorer IE are among the browsers. The former is the default browser that comes with the latest operating system, Windows 10, and the latter is the default browser that comes with operating...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2017-37119)
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. An information disclosure vulnerability exists in the kernel in Microsoft Windows, which is caused by a program's failure to properly initialize memory addresse...
Saia Burgess Controls PCD Controllers Information Disclosure Vulnerability
PCD Controller is a family of programmable controllers for measurement, regulation and control tasks from Saia Burgess Controls, Switzerland. An information disclosure vulnerability exists in Saia Burgess Controls PCD Controllers, which can be exploited by an attacker to obtain sensitive...
The vulnerability of the Jython software platform, related to the restoration of unreliable data in memory, allowing a hacker to execute arbitrary code.
The vulnerability of the Jython software platform lies in the possibility of restoring unreliable data in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code using a specially created serialized object of type PyFunction...
Microsoft Office Outlook Information Disclosure Vulnerability
Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. Microsoft Office Outlook has a security vulnerability in the way in-memory content is disclosed, which allows remote attackers to exploit the vulnerability by submitting a special request ...
The vulnerability of Microsoft Excel spreadsheet editors, the Microsoft SharePoint Server corporate application suite, and the Microsoft Office Compatibility Pack compatibility suite allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of Microsoft Excel spreadsheet editors, the Microsoft SharePoint Server corporate application suite, and the Microsoft Office Compatibility Pack relates to the lack of protection for operational data. Exploitation of this vulnerability can allow a malicious actor, operating...
The vulnerability of the Internet Explorer browser allows a perpetrator to obtain confidential information from the process’s memory, cause a service failure, or have other effects on the system.
The vulnerability of the Internet Explorer browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information from the process memory, cause service failures, or otherwise affect the syst...
Input validation
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and writ...
CVE-2016-8764
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and writ...
The vulnerability of the Internet Explorer browser, which allows a violator to obtain confidential information
The vulnerability of the VBS script execution mechanism in Internet Explorer is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain confidential information from the process’s memory through a specially crafted...
The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...
The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...