Vulnerabilites CVE

Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState.

A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with...

A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other ...

A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with ...

A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with ...

There is a file inclusion vulnerability in the template management module in UCMS 1.6

A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.

In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In music service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.

In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.

In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.

Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName.

In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed.

74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.

In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed.

In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

The AdminPad WordPress plugin before 2.2 does not have CSRF check when updating admin's note, allowing attackers to make a logged in admin update their notes via a CSRF attack

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.

In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed.

In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.

In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.

74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTM...

In Gallery service, there is a missing permission check. This could lead to local denial of service in Gallery service with no additional execution privileges needed.

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editbrand.php.

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.

In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.

The Helpful WordPress plugin before 4.5.26 puts the exported logs and feedbacks in a publicly accessible location and guessable names, which could allow attackers to download them and retrieve sensiti...

In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.

In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.

In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and di...

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.