7 matches found
CVE-2020-28055
A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a malicious App, to read & write to the /data/vendor/tcl, /data/vendor/upgrade, and...
Sage XRT Treasury database fails to properly restrict access to authorized users
Overview Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Description CWE-639: Authorization Bypass Through User-Controlled Key - CVE-2017-3183Sage XRT...
Linux kernel futex_requeue privilege elevation
Added: 12/03/2014 CVE: CVE-2014-3153 BID: 67906 OSVDB: 107752 Background The futex system call in Linux provides a mechanism for user-space locking. Problem A vulnerability in the Linux kernel allows an unprivileged user to gain root access using a specially crafted futexrequeue call. Resolution...
NetSupport Client Handshake Hostname Overflow
Added: 10/11/2011 CVE: CVE-2011-0404 BID: 45728 OSVDB: 70408 Background NetSupport Manager is a remote desktop support solution. Problem The NetSupport client/server communication is carried out over a proprietary communications protocol. This protocol begins with a handshake between the client a...
BaoFeng Storm M3U Buffer Overflow
BaoFeng Storm M3U File Processing Buffer Overflow Vulnerability Vulnerable: Storm2012 3.10.4.21 Storm2012 3.10.4.16 Storm2012 3.10.4.8 Storm2012 3.10.3.17 Storm2012 3.10.2.5 Storm2012 3.10.1.12 Other versions also may be affected Vendor: www.baofeng.com 1 Software Description: BaoFeng Storm is ve...
[Full-disclosure] GNU gv Stack Overflow Vulnerability
GNU gv Stack Overflow Vulnerability //----- Advisory Program : GNU gv Homepage : http://www.gnu.org/software/gv/ Tested version : 3.6.2 Found by : r.lifchitz at sysdream dot com This advisory : r.lifchitz at sysdream dot com Discovery date : 2006/11/06 Vendor notified : 2006/11/09 //-----...
Multiple vulnerabilities in TK8 Safe v.3.0.5
Multiple vulnerabilities in TK8 Safe v.3.0.5 July 3, 2006 ---- Summary: TK8 Safe www.tk8.com is a password management application, which stores authentication details and other sensitive data in encrypted local folders. A number of issues have been discovered in version 3.0.5 of the application...