π¨ CVE-2022-24456
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453.
π@cveNotify
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453.
π@cveNotify
π¨ CVE-2022-24453
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24456.
π@cveNotify
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24456.
π@cveNotify
π¨ CVE-2022-22007
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456.
π@cveNotify
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456.
π@cveNotify
π¨ CVE-2022-22006
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456.
π@cveNotify
HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456.
π@cveNotify
π¨ CVE-2021-42577
An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.
π@cveNotify
An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.
π@cveNotify
π¨ CVE-2021-42262
An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.
π@cveNotify
An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.
π@cveNotify
π¨ CVE-2021-41850
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control.
π@cveNotify
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control.
π@cveNotify
Athack
@Hack | Infosec on the Edge | 28 - 30 November 2021
atHack (@Hack) is one of the worldβs largest infosec events, bringing together global CISOs, elite ethical hackers & 14,000+ visitors in Riyadh, Saudi Arabia
π¨ CVE-2021-41849
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following Personally Identifiable Information (PII) in plaintext using HTTP to servers located in China: user's list of installed apps and device International Mobile Equipment Identity (IMEI). This PII is transmitted to log.skyroam.com.cn using HTTP, independent of whether the user uses the Simo software.
π@cveNotify
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following Personally Identifiable Information (PII) in plaintext using HTTP to servers located in China: user's list of installed apps and device International Mobile Equipment Identity (IMEI). This PII is transmitted to log.skyroam.com.cn using HTTP, independent of whether the user uses the Simo software.
π@cveNotify
Athack
@Hack | Infosec on the Edge | 28 - 30 November 2021
atHack (@Hack) is one of the worldβs largest infosec events, bringing together global CISOs, elite ethical hackers & 14,000+ visitors in Riyadh, Saudi Arabia
π¨ CVE-2021-34338
Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
GitHub
Segmentation fault in function getName, decompile.c:457 Β· Issue #201 Β· libming/libming
Hi, there. There is a segmentation fault in the newest master branch 04aee52. Here is the reproducing command: swftophp poc POC: seg-decompile457.zip Here is the reproduce trace reported by ASAN: =...
π¨ CVE-2021-34339
Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
GitHub
Segmentation fault in function getString, decompile.c:380 Β· Issue #202 Β· libming/libming
Hi, there. There is a segmentation fault in the newest master branch 04aee52. Here is the reproducing command: swftophp poc POC: seg-decompile380.zip Here is the reproduce trace reported by ASAN: =...
π¨ CVE-2021-34340
Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
π¨ CVE-2021-34341
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
π@cveNotify
GitHub
Buffer overflow in decompileIF, decompile.c:2516 Β· Issue #204 Β· libming/libming
Hi, there. There is a buffer overflow in the newest master branch 04aee52. Here is the reproducing command: swftophp poc POC: overflow-decompiler2516.zip Here is the reproduce trace reported by ASA...
π¨ CVE-2022-0880
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.
π@cveNotify
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.
π@cveNotify
GitHub
file upload bug Β· star7th/showdoc@818d7fe
ShowDoc is a tool greatly applicable for an IT team to share documents onlineδΈδΈͺιεΈΈιεITε’ιηε¨ηΊΏAPIζζ‘£γζζ―ζζ‘£ε·₯ε
· - file upload bug Β· star7th/showdoc@818d7fe
π¨ CVE-2021-44625
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request.
π@cveNotify
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request.
π@cveNotify
GitHub
IoT_CVE/886N/deviceInfoRegister at main Β· Yu3H0/IoT_CVE
My IoT CVEs. Contribute to Yu3H0/IoT_CVE development by creating an account on GitHub.
π¨ CVE-2021-44626
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.
π@cveNotify
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.
π@cveNotify
GitHub
IoT_CVE/886N/getRegVeriRegister at main Β· Yu3H0/IoT_CVE
My IoT CVEs. Contribute to Yu3H0/IoT_CVE development by creating an account on GitHub.
π¨ CVE-2021-34342
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.
π@cveNotify
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.
π@cveNotify
GitHub
Buffer overflow in newVar_N, decompile.c:751 Β· Issue #205 Β· libming/libming
Hi, there. There is a buffer overflow in the newest master branch 04aee52 which causes a huge memory information leakage. Here is the reproducing command: swftophp poc POC: overflow-decompiler751.z...
π¨ CVE-2021-44623
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface.
π@cveNotify
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface.
π@cveNotify
GitHub
IoT_CVE/886N/chkResetVeriRegister at main Β· Yu3H0/IoT_CVE
My IoT CVEs. Contribute to Yu3H0/IoT_CVE development by creating an account on GitHub.
π¨ CVE-2021-44622
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request.
π@cveNotify
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request.
π@cveNotify
GitHub
IoT_CVE/886N/chkRegVeriRegister at main Β· Yu3H0/IoT_CVE
My IoT CVEs. Contribute to Yu3H0/IoT_CVE development by creating an account on GitHub.
π¨ CVE-2021-44630
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/modify_account_pwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.
π@cveNotify
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/modify_account_pwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.
π@cveNotify
GitHub
IoT_CVE/886N/modifyAccPwdRegister at main Β· Yu3H0/IoT_CVE
My IoT CVEs. Contribute to Yu3H0/IoT_CVE development by creating an account on GitHub.
π¨ CVE-2022-0926
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
π@cveNotify
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
π@cveNotify
GitHub
Update Files.php Β· microweber/microweber@89200cf
Drag and Drop Website Builder and CMS with E-commerce - Update Files.php Β· microweber/microweber@89200cf