18 matches found
CVE-2024-20906
Vulnerability in the Integrated Lights Out Manager (ILOM) product of Oracle Systems (component: System Management). Supported versions that are affected are 3, 4 and 5. Easily exploitable vulnerability allows high privileged attacker with network access via ICMP to compromise Integrated Lights Out...
CVE-2023-20906
In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. This could lead to local escalation of privilege after updating an app to a higher Target SDK with no additional execution...
CVE-2023-20906
creationtimestamp | type | source
---|---|---
2025-02-28 20:26:59+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/5969...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2023-42045 PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visi...
CVE-2023-42045 PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visi...
CVE-2023-42045
PDF-XChange Editor is affected by an Out-Of-Bounds Read in J2K file parsing that enables Remote Code Execution. The issue stems from inadequate validation while parsing J2K data, allowing reads past allocated objects and arbitrary code execution in the process context. Public disclosures (ZDI-23-...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...
CVE-2024-20906
creationtimestamp | type | source
---|---|---
2024-02-10 11:06:50+00:00 | seen | https://t.me/ctinow/182526...
CVE-2024-20906
CVE-2024-20906 affects Oracle’s Integrated Lights Out Manager (ILOM) in the System Management component for versions 3–5. The flaw enables a highly privileged attacker with network access over ICMP to compromise ILOM, with attack success requiring user interaction and potentially affecting other ...
CVE-2024-20906
...
CVE-2023-20906
In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. This could lead to local escalation of privilege after updating an app to a higher Target SDK with no additional execution...
CVE-2023-20906
In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. This could lead to local escalation of privilege after updating an app to a higher Target SDK with no additional execution...
CVE-2023-20906
CVE-2023-20906 affects Android’s Framework component (PermissionManagerService.java). The vulnerability enables a silent privilege grant after a Target SDK update, constituting a local Elevation of Privilege (EoP) due to a permissions bypass. Exploitation requires local access with low privileges...
CVE-2023-20906
In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. This could lead to local escalation of privilege after updating an app to a higher Target SDK with no additional execution...
CVE-2022-20906
CVE-2022-20906 affects Cisco Nexus Dashboard with multiple privilege-escalation vulnerabilities due to insufficient input validation during CLI command execution. An authenticated local attacker could log in as the rescue-user and craft a malicious payload to run vulnerable CLI commands, potentia...
CVE-2018-20906
cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction SEC-430...
CVE-2018-20906
CVE-2018-20906 affects cPanel before 71.9980.37. The issue allows attackers to make API calls that bypass the images feature restriction (SEC-430). The connected documents confirm the product (cPanel), affected version range (before 71.9980.37), and the described impact (bypassing images feature ...