Vulnerabilities > Tencent > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-04 | CVE-2023-39988 | Cross-site Scripting vulnerability in Tencent Wxsync 2.7.23 Auth. | 5.4 |
2021-06-06 | CVE-2021-33879 | Download of Code Without Integrity Check vulnerability in Tencent Gameloop Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. | 6.8 |
2021-02-10 | CVE-2020-27874 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tencent Wechat 7.0.18 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. | 6.8 |
2020-09-03 | CVE-2020-24162 | Uncontrolled Search Path Element vulnerability in Tencent 5.8.2.5300 The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability. | 4.4 |
2020-09-03 | CVE-2020-24160 | Untrusted Search Path vulnerability in Tencent TIM 3.0.0.21315 Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. | 4.4 |
2020-01-07 | CVE-2019-17151 | Open Redirect vulnerability in Tencent Wechat This vulnerability allows remote attackers redirect users to an external resource on affected installations of Tencent WeChat Prior to 7.0.9. | 5.8 |
2019-07-01 | CVE-2019-13125 | Permissions, Privileges, and Access Controls vulnerability in Tencent Habomalhunter 2.0.0.2/2.0.0.3 HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evade dynamic malware analysis via PIE compilation. | 6.8 |
2019-05-14 | CVE-2019-11419 | NULL Pointer Dereference vulnerability in Tencent Wechat vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application through 7.0.3 for Android allows attackers to cause a denial of service (application crash) by replacing an emoji file (under the /sdcard/tencent/MicroMsg directory) with a crafted .wxgf file. | 5.5 |
2018-08-30 | CVE-2018-11616 | OS Command Injection vulnerability in Tencent Foxmail 7.2.9.115 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115. | 6.8 |
2018-07-08 | CVE-2018-13439 | XXE vulnerability in Tencent Wechat PAY WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL. | 5.0 |