63 matches found
CVE-2019-1889 Cisco Application Policy Infrastructure Controller REST API Privilege Escalation Vulnerability
A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller APIC Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability is due to incomplete validation and error checki...
Foxit Reader XFA record append remote code execution vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the XFA record append method, which can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of user-supplied data...
Midea's M-Smart smart socket has design logic flaws
M-Smart Smart Socket is a smart home appliance developed by Midea Group. Midea's M-Smart Smart Socket is susceptible to man-in-the-middle attacks due to insecure protocols for transmitting data and lack of validation of what is transmitted on the client and server side. The lack of effective...