30 matches found
Design/Logic Flaw
"HCL Verse for Android was found to employ dynamic code loading. This mechanism allows a developer to specify which components of the application should not be loaded by default when the application is started. Typically, core components and additional dependencies are loaded natively at runtime;...
CVE-2020-4100
HCL Verse for Android is affected by a vulnerability linked to its use of dynamic code loading. The root cause is the ability to load components at runtime, which can lead to loading unintended code if not implemented properly. Some connected reports explicitly describe a HCL Verse Android code-e...
CVE-2020-4100
"HCL Verse for Android was found to employ dynamic code loading. This mechanism allows a developer to specify which components of the application should not be loaded by default when the application is started. Typically, core components and additional dependencies are loaded natively at runtime;...
Open Network Operating System (ONOS) Code Unexpected Execution Vulnerability (CNVD-2020-14220)
Open Network Operating System ONOS is a carrier-grade SDN network operating system for service providers and enterprise backbones. A code unintended execution vulnerability exists in Open Network Operating System ONOS 1.14. The vulnerability stems from a host event listener in the P4 tutorial...
Open Network Operating System (ONOS) Code Unexpected Execution Vulnerability (CNVD-2020-14219)
Open Network Operating System ONOS is a carrier-grade SDN network operating system for service providers and enterprise backbones. A code unintended execution vulnerability exists in Open Network Operating System ONOS 1.14. The vulnerability stems from a host event listener in the Virtual Broadba...
Directory traversal
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
CVE-2014-2720
IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but launches this file on the basis of a ZIP archive's local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as...
FreeBSD : vlc -- unintended code execution with specially crafted data (752ce039-5242-11df-9139-00242b513d7c)
VideoLAN project reports : VLC media player suffers from various vulnerabilities when attempting to parse malformatted or overly long byte streams. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...
vlc -- unintended code execution with specially crafted data
VideoLAN project reports: VLC media player suffers from various vulnerabilities when attempting to parse malformatted or overly long byte streams...
Opera may insecurely execute binary data encoded in a URI
Overview The Opera web browser fails to validate data encoded using the RFC 2397 scheme. A remote attacker may be able to execute arbitrary code on a vulnerable system. Description The Opera web browser fails to properly handle binary data encoded following the RFC 2397 specification for sending...