72 matches found
CVE-2020-4329
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841...
Design/Logic Flaw
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841...
CVE-2020-4329
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841...
CVE-2016-2031
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions...
CVE-2016-2031
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions...
CVE-2018-6243
NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. Android ID: A-72315075. Severity Rating: High. Version: N/A...
CVE-2018-6243
NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. Android ID: A-72315075. Severity Rating: High. Version: N/A...
GHSA-QQV6-5W6P-3PGR Moderate severity vulnerability that affects org.hswebframework.web:hsweb-commons
An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java...
CVE-2018-20594
An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java...
Huawei Mate 9 Pro NFC Module Buffer Overflow Vulnerability
Huawei Mate 9 Pro is a smartphone from Chinese company Huawei Huawei. The Huawei Mate 9 Pro NFC module suffers from a buffer overflow vulnerability, which is due to a lack of parameter checking in the program. An attacker can use a device such as an NFC reader to inject malicious data into the...
Walt Disney Per-Face Texture Mapping faceInfoSize Code Execution Vulnerability
Summary An exploitable out of bounds write vulnerability exists in version 2.2 of the Per Face Texture mapping application known as PTEX. The vulnerability is present in the reading of a file without proper parameter checking. The value read in, is not verified to be valid and its use can lead to...
Huawei Mate 10 Memory Out-of-Bounds Access Vulnerability
Huawei Mate 10 is a smartphone from Chinese company Huawei Huawei. The Huawei Mate 10 suffers from a memory out-of-bounds access vulnerability, which is due to a lack of parameter checking in the phone's GPU driver. An attacker can trick a user into installing a malicious application and calling...
Huawei Enjoy phone has information leakage vulnerability
Huawei Enjoy 5S/5 are both a smartphone from the Chinese company Huawei Huawei. The Huawei Enjoy phone suffers from an information leakage vulnerability, which is due to the lack of effective checking of parameters on the device. An attacker induces the user to install a malicious application tha...
Huawei Honor 8 Buffer Overflow Vulnerability
The Huawei Honor 8 is a smartphone from the Chinese company Huawei Huawei. The Huawei Honor 8 suffers from a buffer overflow vulnerability due to a lack of parameter checking in the phone's CameraISP driver. An attacker exploits the vulnerability by tricking users into installing a malicious...
Elevation of Privilege Vulnerability in Multiple Huawei Phones (CNVD-2016-11305)
Huawei Mate 8, Mate S, P8 are smartphones from Huawei. A security vulnerability in the form of missing parameter checking exists in several Huawei phones. The vulnerability is exploited on the premise that an attacker obtains Graphic or Camera permissions and induces the user to install a malicio...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information
The vulnerability of the drivers/char/adsprpc.c file in Qualcomm’s Android operating system is related to insufficient checking of parameters and returned values. Exploiting this vulnerability can allow a remote attacker to obtain confidential information through a specially created application...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information
The vulnerability of the arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c file of Qualcomm’s Android operating system is related to insufficient checking of input parameters. Exploiting this vulnerability can allow a remote attacker to obtain confidential information through a specially created...
CVE-2016-2049
examples/consumer/common.php in JanRain PHP OpenID library aka php-openid improperly checks the openid.realm parameter against the SERVERNAME element in the SERVER superglobal array, which might allow remote attackers to hijack the authentication of arbitrary users via vectors involving a crafted...
vold asec
Insufficient paramter checking for asec container creation allows an asec container to be mounted over part of the filesystem using directory traversal if the app has the ASEC permissions such as ASECCREATE There is an adb tethered root explot for motorola phones...
CVE-2013-5459
Unspecified vulnerability in IBM Rational Software Architect RSA Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to modify data by leveraging improper parameter checking...