CVE-2023-38290

CVE-2023-38290 affects BLU View 2 and Sharp Rouvo V Android devices due to a vulnerable pre-installed com.evenwell.fqc app. The issue: inadequate access control lets local third-party apps execute arbitrary shell commands in the app’s system context without special permissions, enabling actions s...

com.evenwell.fqc 安全漏洞

com.evenwell.fqc is a component. A security vulnerability exists in com.evenwell.fqc, which arises from the fact that certain software versions of the device contain a vulnerable pre-installed application com.evenwell.fqc that allows a native third-party application to execute arbitrary shell...

CVE-2023-38302

A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...

CVE-2023-38290

Certain software builds for the BLU View 2 and Sharp Rouvo V Android devices contain a vulnerable pre-installed app with a package name of com.evenwell.fqc versionCode='9020801', versionName='9.0208.01' ; versionCode='9020913', versionName='9.0209.13' ; versionCode='9021203',...

Sensitive Information in Resource Not Removed Before Reuse

Overview Affected versions of this package are vulnerable to Sensitive Information in Resource Not Removed Before Reuse due to a flaw in the JPEG and TGA decoders, when a specially crafted image file is passed to a software using ImageSharp. An attacker can potentially disclose sensitive...

PT-2024-24371 · Unknown · Imagesharp

Name of the Vulnerable Software and Affected Versions: ImageSharp versions prior to 2.1.8 ImageSharp versions prior to 3.1.4 Description: A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. This issue is triggered when an attacker passes a specially crafted JPEG or TGA image file...

ImageSharp 安全漏洞

ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API from ImageSharp, Inc. A security vulnerability exists in ImageSharp versions prior to v3.1.4 and prior to v2.1.8, which stems from a heap-release-after-reuse flaw found in ImageSharp's JPEG and TGA decoders, which i...

The vulnerability of Microprogrammed Software in Sharp, NEC’s P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 displays due to a incorrect restriction on the path name to the restricted access catalog. This allows an attacker to execute arbitrary code.

The vulnerability of Microprogrammed Software in Sharp, NEC’s P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, and MD551C8 displays due to an incorrect...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free due to the InitializeImage function in the PngDecoderCore.cs file. An attacker can potentially lead to information disclosure by passing a specially crafted PNG image file for conversion. Remediation Upgrade...

Sharp NEC Display Solutions' public displays vulnerable to local file inclusion

Overview Multiple public displays provided by Sharp NEC Display Solutions, Ltd. contain a local file inclusion vulnerability CWE-22, CVE-2023-7077. Tunahan TEKEOĞLU of Senior Cyber Security Consultant reported this vulnerability to Sharp NEC Display Solutions, Ltd. and coordinated. Sharp NEC...

CVE-2023-7077

Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 allows an attacker execute remote code by sending unintended parameters in...

CVE-2023-7077

Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 allows an attacker execute remote code by sending unintended parameters in...

CVE-2023-7077

CVE-2023-7077 affects Sharp NEC Display Solutions public displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8). Affected components allow...

CVE-2023-7077

Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 allows an attacker execute remote code by sending unintended parameters in...

Sharp NEC Displays Path Traversal Vulnerability

Sharp NEC Displays is a large screen display from Sharp NEC Japan. A security vulnerability exists in Sharp NEC Displays that originates from allowing an attacker to execute remote code by sending unintended parameters in an Http request...

PT-2024-2323

Name of the Vulnerable Software and Affected Versions Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 Description The issue...

Sharp JH-RV11 Security Vulnerability

Sharp JH-RV11 is an energy management controller for cloud services from Sharp Japan. A security vulnerability exists in Sharp JH-RV11 Ver.B0.1.9.1 version and earlier versions. An attacker could exploit this vulnerability to perform a cross-site request forgery attack...

Sharp JH-RV11 Security Vulnerability

The Sharp JH-RV11 is an energy management controller for cloud services from Sharp Japan. A security vulnerability exists in Sharp JH-RV11 Ver.B0.1.9.1 version and prior versions that stems from incorrect authentication...

Sharp JH-RV11 Security Vulnerability

Sharp JH-RV11 is an energy management controller for cloud services from Sharp Japan. A security vulnerability exists in Sharp JH-RV11 Ver.B0.1.9.1 version and earlier versions. An attacker could exploit this vulnerability to perform an operating system command injection attack...

Sharp JH-RV11 Security Vulnerability

The Sharp JH-RV11 is an energy management controller for cloud services from Sharp Japan. A security vulnerability exists in Sharp JH-RV11 Ver.B0.1.9.1 version and earlier versions, which stems from incorrect access control...