81 matches found
PT-2024-1794
Name of the Vulnerable Software and Affected Versions Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier Description The issue is related to an improper neutralization of special elements used in an OS command, which could lead to arbitrary code execution by an attacker. This...
PT-2023-9137 · Adobe · Commerce
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier Description: The issue is related to a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts...
PT-2023-9138 · Adobe · Commerce
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier Description: The issue is related to an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user...
EMC RSA Archer < 6.7.0.3 Multiple Vulnerabilities
The version of EMC RSA Archer running on the remote web server is prior to 6.7.0.3 6.7 P3, 6.6 P6 6.6.0.6 or 6.5 P7 6.5.0.7. It is, therefore, affected by multiple vulnerabilities: - RSA Archer, versions prior to 6.7 P3 6.7.0.3, contain an information exposure vulnerability. An authenticated...
Design/Logic Flaw
In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv implementation may allow an attacker to write past the end of an output buffer. Depending on the...
CVE-2017-3138 named exits with a REQUIRE assertion failure if it receives a null command string on its control channel
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of name...
Code injection
Huawei Ascend P7 allows remote attackers to cause a denial of service phone process crash...
CVE-2015-2245
Huawei Ascend P7 allows remote attackers to cause a denial of service phone process crash...
CVE-2015-2245
Huawei Ascend P7 allows remote attackers to cause a denial of service phone process crash...
CVE-2015-2245
CVE-2015-2245 affects Huawei Ascend P7 (Sophia-L09) running Android 4.4/EMUI 3.0. The vulnerability arises in the phone module when a third-party app sends specific broadcast messages or enables specific UIs, allowing remote-like triggering that leads to a denial of service (phone process crash)....
Huawei P7 and P8 Youth Edition GPU Driver Denial of Service Vulnerability
Huawei P7 and P8 Youth Edition are smartphone devices from Huawei, a Chinese company.GPU driver is one of the graphics drivers. A denial of service vulnerability exists in the GPU driver in the Huawei P7 and P8 Youth Edition. An attacker can exploit this vulnerability by tricking a user into...
Huawei P7 and P8 Youth Edition Denial of Service Vulnerability
The Huawei P7 and P8 Youth Edition are both smartphone devices from the Chinese company Huawei Huawei. A denial of service vulnerability exists in the camera driver in the Huawei P7 and P8 Youth Edition. An attacker can exploit the vulnerability by tricking users into installing a malicious...
Huawei P7 GPU Driver Elevation of Privilege Vulnerability
Huawei P7 is a smartphone from the Chinese company Huawei.GPU driver is a graphics processor driver used in... An elevation of privilege vulnerability exists in the GPU driver in the Huawei P7, where the GPU fails to adequately validate the legitimacy of incoming parameters. A local attacker can...
CVE-2015-8089
The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service system crash or gain privileges via a...
Memory corruption
The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service system crash or gain privileges via a...
CVE-2015-8089
The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service system crash or gain privileges via a...
CVE-2015-8089
The CVE-2015-8089 issue affects Huawei P7 devices (P7-L00/L05/L09) with specific firmware builds prior to P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851. The root cause is a GPU driver input validation failure that allows local attackers to read or write arbitrary kernel memory, enabling either ...
Huawei P7-L10 MeWidget Information Disclosure Vulnerability
The P7-L10 is a smartphone from the Chinese company Huawei.MeWidget is one of the desktop customization tools. An information disclosure vulnerability exists in the MeWidget plugin in Huawei P7-L10 V100R001C00B136 and earlier versions. The vulnerability can be exploited by an attacker with the he...
CVE-2015-8223
Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service OS crash by leveraging camera permissions and via crafted input to the camera driver...
CVE-2015-7740
Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service OS crash via vectors involving an application that passes crafted input to the GPU driver...