Vulnerabilities > Tencent > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-52286 | Unspecified vulnerability in Tencent Distributed SQL 1.8.5 Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/get_db_info request, a related issue to CVE-2023-42387. | 7.5 |
| 2023-10-12 | CVE-2023-40829 | Incorrect Authorization vulnerability in Tencent Enterprise Wechat Privatization 2.5.0/2.6.930000 There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000. | 7.5 |
| 2023-06-01 | CVE-2023-34312 | Release of Invalid Pointer or Reference vulnerability in Tencent QQ and TIM In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition. | 7.8 |
| 2022-08-03 | CVE-2022-35158 | Unspecified vulnerability in Tencent Tscancode 2.15.01 A vulnerability in the lua parser of TscanCode tsclua v2.15.01 allows attackers to cause a Denial of Service (DoS) via a crafted lua script. | 7.5 |
| 2022-07-26 | CVE-2021-33057 | Missing Authorization vulnerability in Tencent QQ 8.7.1 The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device's physical location. | 7.5 |
| 2022-07-26 | CVE-2021-40180 | Information Exposure vulnerability in Tencent Wechat 8.0.10 In the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive information from a user's address book via wx.searchContacts. | 7.5 |
| 2021-06-06 | CVE-2021-33879 | Download of Code Without Integrity Check vulnerability in Tencent Gameloop Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. | 8.1 |
| 2021-02-10 | CVE-2020-27874 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tencent Wechat 7.0.18 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. | 8.8 |
| 2020-09-03 | CVE-2020-24162 | Uncontrolled Search Path Element vulnerability in Tencent 5.8.2.5300 The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability. | 7.8 |
| 2020-09-03 | CVE-2020-24160 | Uncontrolled Search Path Element vulnerability in Tencent TIM 3.0.0.21315 Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. | 7.8 |