CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34408
https://notcve.org/view.php?id=CVE-2024-34408
03 May 2024 — Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file. Tencent libpag hasta 4.3.51 tiene un desbordamiento de enteros en DecodeStream::checkEndOfFile() en codec/utils/DecodeStream.cpp a través de un archivo PAG (gráficos animados portátiles) manipulado. • https://github.com/Tencent/libpag/issues/2230 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-52286
https://notcve.org/view.php?id=CVE-2023-52286
31 Dec 2023 — Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/get_db_info request, a related issue to CVE-2023-42387. Tencent tdsqlpcloud hasta 1.8.5 permite a atacantes remotos no autenticados descubrir credenciales de bases de datos mediante una solicitud index.php/api/install/get_db_info, un problema relacionado con CVE-2023-42387. • https://github.com/Narrator21/tdsql/blob/main/20230927.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-24162
https://notcve.org/view.php?id=CVE-2020-24162
03 Sep 2020 — The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code. La aplicación Shenzhen Tencent versión 5.8.2.5300 para plataformas de PC (de Tencent App Center) presenta una vulnerabilidad de secuestro de DLL. Los atacantes pueden usar esta vulnerabilidad para ejecutar código malicioso • https://www.cnvd.org.cn/flaw/show/2105399 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16216
https://notcve.org/view.php?id=CVE-2017-16216
07 Jun 2018 — tencent-server is a simple web server. tencent-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. "tencent-server" es un servidor web sencillo. "tencent-server" es vulnerable a un problema de salto de directorio que otorga a un atacante acceso al sistema de archivos colocando "../" en la URL. • https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/tencent-server • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •