Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2021-33057

EPSS 0.34% · P57
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-33057

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device's physical location. An attacker can use qq.createMapContext to create a MapContext object, use MapContext.moveToLocation to move the center of the map to the device's location, and use MapContext.getCenterLocation to get the latitude and longitude of the current map center.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Tencent QQ 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Tencent QQ是中国腾讯(Tencent)公司的一款的多平台即时通信软件。支持文字、语音和视频聊天,以及文件共享、网络硬盘、邮箱、游戏、论坛、网购、租房与找工作等服务。 Tencent QQ 8.7.1版本存在安全漏洞,该漏洞源于其没有强制权限要求(例如Android .permission. access_fine_location)来确定设备的物理位置。攻击者可以使用qq.createMapContext对象,使用MapContext.moveToLocation将地图的中心移动到设备的位置,并
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2021-33057

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-33057

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-07-26 · 67 CVEs total

CVE-2021-33459yasm 代码问题漏洞
CVE-2021-33440Cesanta MJS 代码问题漏洞
CVE-2021-33441Cesanta MJS 代码问题漏洞
CVE-2021-33442Cesanta MJS 代码问题漏洞
CVE-2021-33453lrzip 资源管理错误漏洞
CVE-2021-33454yasm 代码问题漏洞
CVE-2021-33455yasm 代码问题漏洞
CVE-2021-33456yasm 代码问题漏洞
CVE-2021-33457yasm 代码问题漏洞
CVE-2021-33458yasm 代码问题漏洞
CVE-2021-33452lrzip 安全漏洞
CVE-2021-33460yasm 代码问题漏洞
CVE-2021-33468yasm 资源管理错误漏洞
CVE-2021-33467yasm 资源管理错误漏洞
CVE-2021-33466yasm 代码问题漏洞
CVE-2021-33465yasm 代码问题漏洞
CVE-2021-33464yasm 缓冲区错误漏洞
CVE-2021-33463yasm 代码问题漏洞
CVE-2021-33462yasm 资源管理错误漏洞
CVE-2021-33461yasm 资源管理错误漏洞

Showing top 20 of 67 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2021-33057

No comments yet

Leave a comment