Lucene search
+L

182 matches found

Prion
Prion
added 2023/05/04 9:15 p.m.18 views

Improper access control

Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips...

4.3CVSS7.5AI score0.00146EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/04 12:0 a.m.7 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in SAMSUNG Mobile devices SMR May-2023 Release 1 version, which originated in Tips and allowed a local...

7.8CVSS7.6AI score0.00146EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.9 views

CVE-2023-21488

Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips...

4.4CVSS7.5AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/04 12:0 a.m.22 views

CVE-2023-21488

Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips...

4.4CVSS7.7AI score0.00146EPSS
Exploits0References1
CVE
CVE
added 2023/05/04 12:0 a.m.45 views

CVE-2023-21488

CVE-2023-21488 affects Samsung Tips prior to SMR May-2023 Release 1. Root cause: improper access control allowing local attackers to launch arbitrary activities in Tips. Affected software: Tips (Samsung mobile devices) before the May-2023 update. Mitigation: upgrade to SMR May-2023 Release 1 or l...

7.8CVSS7.4AI score0.00146EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/04/19 8:15 p.m.30 views

CVE-2023-21097

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS7.8AI score0.00199EPSS
Exploits0References1
OSV
OSV
added 2023/04/19 8:15 p.m.6 views

CVE-2023-21097

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS7.3AI score0.00199EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/19 12:0 a.m.7 views

PT-2023-17891 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A confused deputy issue in the toUriInner function of Intent.java allows launching an arbitrary activity, potentially leading to local escalation of privilege without requiring...

7.8CVSS7.8AI score0.00199EPSS
Exploits0References2
OSV
OSV
added 2023/03/24 8:15 p.m.3 views

CVE-2023-20960

In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product...

8.8CVSS7.5AI score0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.3 views

PT-2023-17749 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12L through Android-13 Description: The issue is related to improper input validation in the launchDeepLinkIntentToRight function of SettingsHomepageActivity.java. This could allow the launch of arbitrary activities,...

8.8CVSS8.4AI score0.0022EPSS
Exploits0References2
OSV
OSV
added 2023/01/26 9:18 p.m.6 views

CVE-2023-20904

In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/24 12:0 a.m.40 views

CVE-2023-20904

In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.9AI score0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.8 views

CVE-2023-20904

In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.9AI score0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.8 views

PT-2023-17694 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12L through Android-13 Description: The issue is related to a possible launch of arbitrary activity due to an Intent mismatch in the code of SettingsActivity.java. This could lead to local escalation of privilege with...

7.8CVSS7.6AI score0.00136EPSS
Exploits0References2
NVD
NVD
added 2022/12/16 4:15 p.m.34 views

CVE-2022-20550

In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

7.8CVSS0.00125EPSS
Exploits0References1
OSV
OSV
added 2022/12/01 12:0 a.m.8 views

PUB-A-242845514

In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00125EPSS
Exploits0References2
CNVD
CNVD
added 2022/07/15 12:0 a.m.56 views

Samsung Wearable Manager Information Disclosure Vulnerability

Samsung Wearable Manager is an application for Samsung Samsung mobile devices that connects wearable devices to mobile devices. Samsung Wearable Manager is vulnerable to an information disclosure vulnerability that stems from the installation of an unprotected dynamic receiver, which could be...

5.5CVSS3AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/12 2:15 p.m.3 views

CVE-2022-33685

Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References2
OSV
OSV
added 2022/07/12 2:15 p.m.8 views

CVE-2022-33685

Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information...

5.5CVSS6.1AI score0.00105EPSS
Exploits0References1
NVD
NVD
added 2022/07/12 2:15 p.m.20 views

CVE-2022-33685

Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information...

5.5CVSS0.00105EPSS
Exploits0References1
Rows per page
Query Builder