Vulnerabilities > Tencent > QQ > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-01 CVE-2023-34312 Release of Invalid Pointer or Reference vulnerability in Tencent QQ and TIM
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
local
low complexity
tencent CWE-763
7.8
2022-07-26 CVE-2021-33057 Missing Authorization vulnerability in Tencent QQ 8.7.1
The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device's physical location.
network
low complexity
tencent CWE-862
7.5