CVE-2024-40516

An issue in H3C Technologies Co., Limited H3C Magic RC3000 RC3000V100R009 allows a remote attacker to execute arbitrary code via the Routing functionality...

JVN#77203800: OET-213H-BTS1 missing authorization check in the initial configuration

OET-213H-BTS1 is a digital temperature measurement and face recognition terminal, developed by Zhejiang Uniview Technologies Co.,Ltd and provided by Atsumi Electric Co., Ltd. The initial configuration of the product is ​insecure CWE-1188, it does not perform an authorization check when processing...

JVN#19243534: ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal

ESS REC Agent Server Edition for Linux etc. provided by Encourage Technologies Co.,Ltd. contain a directory traversal vulnerability CWE-23. Impact Arbitrary files on the server may be viewed or altered by an attacker. Solution Update the software Update the software to the latest version accordin...

CVE-2022-44235

Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 20181130-16:12 is vulnerable to Cross Site Scripting XSS...

CVE-2022-44236

CVE-2022-44236 affects Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807. A weak password vulnerability is identified in this version; CVSSv3.1 base score 9.8 (NETWORK, HIGH impact to confidentiality, integrity, availability). Public exploit details are not provided in the primar...

CVE-2022-44236

Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 20181130-16:12 has a Weak password vulnerability...

Weak Password Vulnerability in Huawei Eudemon200E Series Firewalls

Huawei Technologies Co., Ltd. is a leading global information and communications technology ICT solutions provider. A weak password vulnerability exists in Huawei Eudemon200E series firewalls, which can be exploited by attackers to obtain sensitive information...

Weak password vulnerability in H3C ER3100 of Xinhua San Technologies Co.

H3C ER3100 is a router from Hangzhou Huasan Communication Technology Co. Ltd. The H3C ER3100 suffers from a weak password vulnerability that can be exploited by attackers to obtain sensitive information...

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow (Unicode)

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow Unicode !/usr/bin/env python -- coding: utf-8 -- Huawei eSpace Meeting cenwpoll.dll Unicode Stack Buffer Overflow with SEH Overwrite Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected...

Huawei eSpace 1.1.11.103 - DLL Hijacking

/ Huawei eSpace Desktop DLL Hijacking Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC Summary: Create more convenient Enhanced Communications EC services for...

Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow

Huawei eSpace Meeting Image File Format Handling Buffer Overflow Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC Summary: Create more convenient Enhanced...

Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)

!/usr/bin/env python -- coding: utf-8 -- Huawei eSpace Meeting cenwpoll.dll Unicode Stack Buffer Overflow with SEH Overwrite Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected application: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpac...

Huawei eSpace 1.1.11.103 - DLL Hijacking Exploit

Exploit for windows platform in category local exploits / Huawei eSpace Desktop DLL Hijacking Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC Summary: Create...

Huawei eSpace 1.1.11.103 Meeting Heap Overflow

Huawei eSpace Meeting ContactsCtrl.dll and eSpaceStatusCtrl.dll ActiveX Heap Overflow Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC eSpace UC V200R002C02 Summary: Create...

firefox: multiple issues

CVE-2016-1952 CVE-2016-1953 arbitrary code execution Mozilla developers fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough...

CSP reports fail to strip location information for embedded iframe pages — Mozilla

Security researcher Muneaki Nishimura nishimunea of Recruit Technologies Co.,Ltd. reported that Content Security Policy CSP violation reports contained full path information for cross-origin iframe navigations in violation of the CSP specification. This could result in information disclosure...