Filtered by vendor Tencent
Subscriptions
Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-11419 | 1 Tencent | 1 Wechat | 2024-11-21 | 5.5 Medium |
| vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application through 7.0.3 for Android allows attackers to cause a denial of service (application crash) by replacing an emoji file (under the /sdcard/tencent/MicroMsg directory) with a crafted .wxgf file. The content of the replacement must be derived from the phone's IMEI. The crash occurs upon receiving a message that contains the replaced emoji. | ||||
| CVE-2018-13439 | 1 Tencent | 1 Wechat Pay | 2024-11-21 | N/A |
| WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL. | ||||
| CVE-2018-11616 | 1 Tencent | 1 Foxmail | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5543. | ||||