163 matches found
CVE-2021-38786
There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash denial of service...
CVE-2021-38785
There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedardev that could use the ioctl cmd IOCTLGETIOMMUADDR to cause a system crash...
CVE-2021-38789
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings...
CVE-2021-38783
There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedardev" through iotcl cmd IOCTLSETPROCINFO and IOCTLCOPYPROCINFO, which could cause a system crash or EoP...
FreeBSD : routinator -- multiple vulnerabilities (11982747-544c-11ee-ac3e-a04a5edf46d9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 11982747-544c-11ee-ac3e-a04a5edf46d9 advisory. NLnet Labs report: This release fixes two issues in Routinator that can be exploited remotely by rogue...
CVE-2023-21441
Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q10, 3.1.21.10 in Android R11 and 3.5.2.23 in Android S12 allows local attacker to access protected files via unused code...
CVE-2023-21441
The CVE-2023-21441 entry concerns a Guarded Routine component in Android on Samsung devices with insufficient verification of data authenticity. Affected versions are Android Q before 2.6.30.6, Android R before 3.1.21.10, and Android S before 3.5.2.23, where a local attacker could access protecte...
CVE-2022-39915
CVE-2022-39915 is an improper access control vulnerability in the Samsung Calendar app. It affects Calendar versions prior to: Android Q 11.6.08.0, Android R 12.2.11.3000, Android S 12.3.07.2000, and Android T 12.4.02.0, where an attacker could access sensitive information via implicit intent. Th...
CVE-2022-39915
Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q10, 12.2.11.3000 in Android R11, 12.3.07.2000 in Android S12, and 12.4.02.0 in Android T13 allows attackers to access sensitive information via implicit intent...
CVE-2022-23998
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R11, 10.5.03.77 in Android Q10 and 9.0.6.68 in Android P9 allows untrusted applications to take a picture in screenlock status...
CVE-2022-23433
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S12, 12.2.05.6000 in Android R11 and 11.6.08.6000 in Andoid Q10 allows attackers to register reminders or execute exporeted activities remotely...
Improper access control
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S12, 12.2.05.6000 in Android R11 and 11.6.08.6000 in Andoid Q10 allows attackers to register reminders or execute exporeted activities remotely...
Improper access control
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R11, 10.5.03.77 in Android Q10 and 9.0.6.68 in Android P9 allows untrusted applications to take a picture in screenlock status...
CVE-2022-23998
The CVE-2022-23998 entry documents an improper access control vulnerability in the Camera app on Android devices (pre-11.1.02.16 for Android R, pre-10.5.03.77 for Android Q, pre-9.0.6.68 for Android P). The issue allows untrusted applications to capture a photo while the device is screen-locked. ...
CVE-2021-38789
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings...
CVE-2021-38789
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings...
Improper access control
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings...
CVE-2021-38789
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings...
CVE-2021-38789
CVE-2021-38789 affects Allwinner R818 SoC with Android Q SDK V1.0. The issue is an incorrect access control vulnerability where the caller’s permission is not checked, enabling a non-specified third-party app to change system settings. Connected documents confirm the affected product and root cau...
CVE-2021-38788
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications. Malicious apps can use the interface provided by the service to set the number of applications allowed to run in the background to 0 and add themselves to the whitelist, so that once other...