Skip to main content

Tim

2 CVEs product

Monthly

CVE-2023-34312 HIGH POC This Week

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Qq Tim
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-24160 HIGH This Week

Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Tim
NVD
CVSS 3.1
7.8
EPSS
0.5%
EPSS 1% CVSS 7.8
HIGH POC This Week

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Qq Tim
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Tim
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy