1697 matches found
DLL hijacking vulnerability in Sogou High Speed Browser (CNVD-2021-05822)
Sogou Browser is developed by Sogou and is based on the Google Chromium kernel. Sogou High Speed Browser suffers from a DLL hijacking vulnerability, which can be exploited by attackers to gain server control privileges...
WeChat program has unauthorized access vulnerability
WeChat is a cell phone communication software. An unauthorized access vulnerability exists in the WeChat program, which can be exploited by an attacker to obtain sensitive information...
Command Execution Vulnerability in CMCC R3S-3 of CMCC Internet of Things Ltd (CNVD-2021-05105)
The CMCC R3S-3 is a router. A command execution vulnerability exists in the CMCC R3S-3 of CMCC IoT Ltd. An attacker can exploit the vulnerability to perform remote code execution as root on the device...
Denial of Service Vulnerability in Tenda AC9, AC15 (CNVD-2021-03515)
Founded in 1999, Shenzhen Jixiang Tengda Technology Co., Ltd. is a professional supplier of network communication equipment and solutions, as well as a high-tech enterprise integrating R&D, production, supply, sales and service. A denial of service vulnerability exists in Tenda AC9, AC15, which...
Win911 Enterprise Elevation of Privilege Vulnerability
Win911 Enterprise is a mobile application from Win911 USA that allows information interaction with industrial equipment. An elevation of privilege vulnerability exists in Win-911 Enterprise version V4.20.13, which can be exploited by an attacker to override various executable programs, which coul...
Elevation of Privilege Vulnerability in the Windows Client of Night God Emulator
Night God Emulator is a completely free software. An elevation of privilege vulnerability exists in the Windows client of NightGod Emulator, which can be exploited by an attacker to gain control of the server...
Information Disclosure Vulnerability in FineSoft Pharmaceutical Management Software
Hangzhou Meisoft Information Technology Co., Ltd. was founded on August 25, 2011. Its scope of business includes services: technical development of computer software and hardware, technical services; wholesale, retail: computer software, hardware. An information disclosure vulnerability exists in...
CVE-2020-29607
creationtimestamp | type | source
---|---|---
2020-12-16 18:41:39+00:00 | seen | https://t.me/cibsecurity/20923
2021-05-26 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/49909
2021-05-26 12:17:00+00:00 | seen | https://t.me/pwnwikizhchannel/510
2021-06-18 20:00:35+00:00|...
Apache NuttX TCP Stack Out-of-Bounds Write Vulnerability
Apache NuttX is a real-time embedded operating system from the Apache Software Foundation. TCP (Transmission Control Protocol) is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by IETF RFC 793. TCP (Transmission Control Protocol) is a...
cPanel Authentication Bypass Vulnerability (CNVD-2021-28342)
cPanel is a web-based host control management system from the U.S. company cPanel. An authentication bypass vulnerability exists in versions of cPanel prior to 90.0.17. An attacker can exploit this vulnerability to bypass authentication...
Unauthorized Access Vulnerability in Server Room Bodyguard Hardware Devices of Guangzhou Yidianbangke Intelligent Network Technology Co.
Guangzhou Yidianbangke Intelligent Network Technology Co. The company's business scope includes: charging pile facility installation and management; electronic equipment recycling technology consulting services; battery sales; software development; research and development of network technology,...
Modern Honey Network (MHN) Denial of Service Vulnerability
Modern Honey Network (MHN) is a central server for honeypot management and data collection. A denial of service vulnerability exists in getflagiplocaldb in server/mhn/ui/utils.py in Modern Honey Network (MHN) versions of 2020-11-23 and earlier, which can be exploited by an attacker to cause a denial of...
Improper access control
A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The vulnerability is due to insufficient access authorization. An attacker could exploit this...
Unspecified Vulnerability in BASETech GE-131 BT-1837836
The BASETech GE-131 BT-1837836 is a Wi-Fi IP CCTV camera. The BASETech GE-131 BT-1837836 suffers from a device ID predictability vulnerability. An attacker can exploit this vulnerability to connect to the device...
Arbitrary File Download Vulnerability in Dieppe SSL VPN Service
Ltd. is an information security industry manufacturer integrating R&D, production and sales. An arbitrary file download vulnerability exists in DIPPER SSL VPN Service. An attacker can exploit the vulnerability to view or download arbitrary sensitive files...
Red Hat CloudForms Security Vulnerability
Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides users with deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. Cloudforms has a security vulnerability that can be...
FreeBSD : raptor2 -- buffer overflow (07c7ae7a-224b-11eb-aa6e-e0d55e2a8bf9)
CVE MITRE reports: raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). (C) Tenable Network Security, Inc. The...
Foxit Reader 9.7.1 - Remote Command Execution (Javascript API) Exploit
Exploit Title: Foxit Reader 9.7.1 - Remote Command Execution Javascript API Exploit Author: Nassim Asrir Vendor Homepage: https://www.foxitsoftware.com/ Description: Foxit Reader before 10.0 allows Remote Command Execution via the unsafe app.opencPDFWebPage JavaScript API which allows an attacker...
The vulnerability of the aboutBlankURL() function in the WebKit component of the Apple Safari browser allows a hacker to execute arbitrary code.
The vulnerability of the aboutBlankURL function in the WebKit component of the Apple Safari browser is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Unspecified Vulnerability in Trend Micro Antivirus for Mac (NVD-C-2020-233707)
Trend Micro Antivirus for Mac is antivirus software for the Mac platform from Trend Micro. A security vulnerability exists in Trend Micro Antivirus for Mac 2020 Consumer that originates from the software's susceptibility to a specific kernel extension request attack, which can be...