- EPSS 0.02%
- Veröffentlicht 10.09.2025 11:35:57
- Zuletzt bearbeitet 11.09.2025 17:14:10
DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users<use...
CVE-2016-1518
- EPSS 0.85%
- Veröffentlicht 21.04.2017 20:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and Grandstream Video IP phones allows man-in-the-middle attackers to spoof provisioning data and consequently modify device functionality, obtain sensitive ...
CVE-2016-1519
- EPSS 0.23%
- Veröffentlicht 21.04.2017 20:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The com.softphone.common package in the Grandstream Wave app 1.0.1.26 and earlier for Android does not properly validate SSL certificates, which allows man-in-the-middle attackers to spoof the Grandstream provisioning server via a crafted certificate...
CVE-2016-1520
- EPSS 0.25%
- Veröffentlicht 21.04.2017 20:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The Grandstream Wave app 1.0.1.26 and earlier for Android does not use HTTPS when retrieving update information, which might allow man-in-the-middle attackers to execute arbitrary code via a crafted application.