6 matches found
PT-2023-17801 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to Android-13 Description: The issue is related to a possible out of bounds read in the p2p iface.cpp file due to a missing bounds check. This could lead to local information disclosure, with System execution privileges...
CVE-2019-10128
Removed by vendor...
CVE-2016-10148
The wpajaxupdateplugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a getplugindata call before checking the updateplugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to...
Design/Logic Flaw
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and bypass intended read-access restrictions via unspecified vectors...
CVE-2015-0548
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and bypass intended read-access restrictions via unspecified vectors...
CVE-2015-0547
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and bypass intended read-access restrictions via unspecified vectors...