Vulnerabilities > Tencent > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-31 CVE-2023-52286 Unspecified vulnerability in Tencent Distributed SQL 1.8.5
Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/get_db_info request, a related issue to CVE-2023-42387.
network
low complexity
tencent
7.5
2023-10-12 CVE-2023-40829 Incorrect Authorization vulnerability in Tencent Enterprise Wechat Privatization 2.5.0/2.6.930000
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000.
network
low complexity
tencent CWE-863
7.5
2023-06-01 CVE-2023-34312 Release of Invalid Pointer or Reference vulnerability in Tencent QQ and TIM
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
local
low complexity
tencent CWE-763
7.8
2022-08-03 CVE-2022-35158 Unspecified vulnerability in Tencent Tscancode 2.15.01
A vulnerability in the lua parser of TscanCode tsclua v2.15.01 allows attackers to cause a Denial of Service (DoS) via a crafted lua script.
network
low complexity
tencent
7.5
2022-07-26 CVE-2021-33057 Missing Authorization vulnerability in Tencent QQ 8.7.1
The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device's physical location.
network
low complexity
tencent CWE-862
7.5
2022-07-26 CVE-2021-40180 Information Exposure vulnerability in Tencent Wechat 8.0.10
In the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive information from a user's address book via wx.searchContacts.
network
low complexity
tencent CWE-200
7.5
2021-06-06 CVE-2021-33879 Download of Code Without Integrity Check vulnerability in Tencent Gameloop
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection.
network
high complexity
tencent CWE-494
8.1
2021-02-10 CVE-2020-27874 Unspecified vulnerability in Tencent Wechat 7.0.18
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18.
network
low complexity
tencent
8.8
2020-09-03 CVE-2020-24162 Uncontrolled Search Path Element vulnerability in Tencent 5.8.2.5300
The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability.
local
low complexity
tencent CWE-427
7.8
2020-09-03 CVE-2020-24160 Uncontrolled Search Path Element vulnerability in Tencent TIM 3.0.0.21315
Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code.
local
low complexity
tencent CWE-427
7.8