Vulnerabilities > Tencent
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-52286 | Unspecified vulnerability in Tencent Distributed SQL 1.8.5 Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/get_db_info request, a related issue to CVE-2023-42387. | 7.5 |
| 2023-10-12 | CVE-2023-40829 | Incorrect Authorization vulnerability in Tencent Enterprise Wechat Privatization 2.5.0/2.6.930000 There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000. | 7.5 |
| 2023-09-04 | CVE-2023-39988 | Unspecified vulnerability in Tencent Wxsync 2.7.23 Auth. | 5.4 |
| 2023-06-01 | CVE-2023-34312 | Release of Invalid Pointer or Reference vulnerability in Tencent QQ and TIM In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition. | 7.8 |
| 2023-04-26 | CVE-2023-30363 | Unspecified vulnerability in Tencent Vconsole 3.15.0 vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts. | 9.8 |
| 2022-08-03 | CVE-2022-35158 | Unspecified vulnerability in Tencent Tscancode 2.15.01 A vulnerability in the lua parser of TscanCode tsclua v2.15.01 allows attackers to cause a Denial of Service (DoS) via a crafted lua script. | 7.5 |
| 2022-07-26 | CVE-2021-33057 | Missing Authorization vulnerability in Tencent QQ 8.7.1 The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device's physical location. | 7.5 |
| 2022-07-26 | CVE-2021-40180 | Information Exposure vulnerability in Tencent Wechat 8.0.10 In the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive information from a user's address book via wx.searchContacts. | 7.5 |
| 2022-05-03 | CVE-2021-27439 | Unspecified vulnerability in Tencent Tencentos-Tiny 3.1.0 TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tos_mmheap_alloc incorrect calculation of effective memory allocation size. | 9.8 |
| 2021-06-06 | CVE-2021-33879 | Download of Code Without Integrity Check vulnerability in Tencent Gameloop Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. | 8.1 |