Lucene search
K

770 matches found

Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.28 views

EulerOS 2.0 SP2 : libjpeg-turbo (EulerOS-SA-2021-2396)

According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libjpeg-turbo all version have a stack-based buffer overflow in the 'transform' component. A remote attacker can send a malformed jpeg fi...

9.3CVSS7.9AI score0.02728EPSS
Exploits1References4
NVD
NVD
added 2021/08/17 7:15 p.m.17 views

CVE-2021-0641

In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS0.00108EPSS
Exploits0References1
NVD
NVD
added 2021/08/17 7:15 p.m.22 views

CVE-2021-0519

In BITSTREAMFLUSH of ih264ebitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

7.8CVSS0.00241EPSS
Exploits0References1
NVD
NVD
added 2021/08/17 7:15 p.m.18 views

CVE-2021-0584

In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

5.5CVSS0.00115EPSS
Exploits0References1
Prion
Prion
added 2021/08/17 7:15 p.m.20 views

Heap overflow

In BITSTREAMFLUSH of ih264ebitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

7.2CVSS7AI score0.00241EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/17 7:15 p.m.18 views

Design/Logic Flaw

In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

6.8CVSS7.2AI score0.00382EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/17 7:15 p.m.13 views

Design/Logic Flaw

In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for...

4.3CVSS5.1AI score0.00327EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/17 7:15 p.m.19 views

Information disclosure

In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

2.1CVSS5.1AI score0.00108EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/17 7:15 p.m.23 views

Design/Logic Flaw

In sqlite3strvappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is n...

4.6CVSS7.8AI score0.0012EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/17 6:28 p.m.19 views

CVE-2021-0641

In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.4AI score0.00108EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/17 6:28 p.m.27 views

CVE-2021-0591

In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

7.4AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2021/08/17 6:28 p.m.140 views

CVE-2021-0593

Technical details about CVE-2021-0593 are not publicly provided in the connected documents. Available references confirm the issue and affected Android versions, but no specific exploit vectors, affected builds, or mitigations are included here. Monitor for updates.

7.8CVSS7.6AI score0.00118EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/17 6:28 p.m.20 views

CVE-2021-0584

In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

5.4AI score0.00115EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/17 6:28 p.m.27 views

CVE-2021-0519

In BITSTREAMFLUSH of ih264ebitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

7.3AI score0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/17 6:28 p.m.33 views

CVE-2021-0646

In sqlite3strvappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is n...

8.1AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2021/07/14 2:15 p.m.23 views

CVE-2021-0599

In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS0.00131EPSS
Exploits0References1
NVD
NVD
added 2021/07/14 2:15 p.m.26 views

CVE-2021-0594

In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote proximal, NFC escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution...

8CVSS0.01393EPSS
Exploits0References1
NVD
NVD
added 2021/07/14 2:15 p.m.27 views

CVE-2021-0586

In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.8CVSS0.00298EPSS
Exploits0References1
NVD
NVD
added 2021/07/14 2:15 p.m.29 views

CVE-2021-0514

In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

9.3CVSS0.011EPSS
Exploits0References1
NVD
NVD
added 2021/07/14 2:15 p.m.27 views

CVE-2021-0604

In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

5.5CVSS0.00144EPSS
Exploits0References1
Rows per page
Query Builder