52 matches found
CVE-2020-18717
SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execute arbitrary code due to a lack of parameter filtering in inc/zzztemplate.php...
CVE-2020-16192
LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters...
CVE-2020-1771
Attacker is able craft an article with a link to the customer address book with malicious content JavaScript. When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: OTRS Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior...
CVE-2017-15325
The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow...
Fedora 27 : xen (2017-333ea49a63)
xen: various flaws 1490884 Missing NUMA node parameter verification XSA-231, CVE-2017-14316 Missing check for grant table XSA-232, CVE-2017-14318 cxenstored: Race in domain cleanup XSA-233, CVE-2017-14317 insufficient grant unmapping checks for x86 PV guests XSA-234, CVE-2017-14319 Note that...
Huawei MHA-AL00A Reboot Vulnerability
Huawei MHA-AL00A is a smartphone product of Huawei, China.Bastet is one of the communication drivers. A security vulnerability exists in Bastet in versions prior to Huawei MHA-AL00A MHA-AL00BC00B231, which stems from a missing parameter check. An attacker can exploit the vulnerability by tricking...
Missing state parameter in OAuth requests leading to CSRF vulnerability
More info at https://github.com/sensiolabs/connect/pull/63...
Elevation of Privilege Vulnerability in Multiple Huawei Phones (CNVD-2016-11305)
Huawei Mate 8, Mate S, P8 are smartphones from Huawei. A security vulnerability in the form of missing parameter checking exists in several Huawei phones. The vulnerability is exploited on the premise that an attacker obtains Graphic or Camera permissions and induces the user to install a malicio...
Elevation of Privilege Vulnerability in Multiple Huawei Phones (CNVD-2016-11306)
Huawei Mate 8, Mate S, P8 are smartphones from Huawei. A security vulnerability in the form of missing parameter checking exists in several Huawei phones. The vulnerability is exploited on the premise that an attacker obtains Graphic or Camera permissions and induces the user to install a malicio...
Elevation of Privilege Vulnerability in Multiple Huawei Phones (CNVD-2016-11303)
Huawei Mate 8, Mate S, P8 are smartphones from Huawei. A security vulnerability in the form of missing parameter checking exists in several Huawei phones. The vulnerability is exploited on the premise that an attacker obtains Graphic or Camera permissions and induces the user to install a malicio...
Elevation of Privilege Vulnerability in Multiple Huawei Phones (CNVD-2016-11304)
Huawei Mate 8, Mate S, P8 are smartphones from Huawei. A security vulnerability in the form of missing parameter checking exists in several Huawei phones. The vulnerability is exploited on the premise that an attacker obtains Graphic or Camera permissions and induces the user to install a malicio...
OpenSSL: Certificate verify crash with missing PSS parameter
A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacker could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication...