Lucene search
K

265 matches found

NVD
NVD
added 2021/03/10 5:15 p.m.19 views

CVE-2021-0456

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

6.7CVSS0.00124EPSS
Exploits0References1
NVD
NVD
added 2021/03/10 5:15 p.m.23 views

CVE-2021-0455

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7.2CVSS0.00131EPSS
Exploits0References1
NVD
NVD
added 2021/03/10 5:15 p.m.21 views

CVE-2021-0454

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7.2CVSS0.00131EPSS
Exploits0References1
Prion
Prion
added 2021/03/10 5:15 p.m.15 views

Out-of-bounds

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

4.6CVSS6.7AI score0.00124EPSS
Exploits0References1
Prion
Prion
added 2021/03/10 5:15 p.m.12 views

Out-of-bounds

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7.2CVSS6.7AI score0.00131EPSS
Exploits0References1
Prion
Prion
added 2021/03/10 5:15 p.m.20 views

Out-of-bounds

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7.2CVSS6.7AI score0.00131EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/10 4:15 p.m.24 views

CVE-2021-0456

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

6.9AI score0.00124EPSS
Exploits0References1
CVE
CVE
added 2021/03/10 4:15 p.m.45 views

CVE-2021-0456

CVE-2021-0456 : In the Citadel chip firmware, there is a possible out-of-bounds write due to a missing bounds check, enabling local escalation of privilege with System execution privileges required. Affected: Citadel chipset firmware in Android kernels (Android ID A-174769927). Impact per sources...

6.7CVSS6.7AI score0.00124EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/03/10 4:15 p.m.40 views

CVE-2021-0455

The CVE-2021-0455 issue is described as an out-of-bounds write in the Citadel chip firmware, caused by a missing bounds check. It grants local elevation of privilege with System execution privileges required, and requires no user interaction to exploit. In the provided materials, the vulnerabilit...

7.2CVSS6.7AI score0.00131EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/10 4:15 p.m.26 views

CVE-2021-0455

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

6.9AI score0.00131EPSS
Exploits0References1
CVE
CVE
added 2021/03/10 4:15 p.m.49 views

CVE-2021-0454

CVE-2021-0454 affects the Citadel chip firmware via an out-of-bounds write caused by a missing bounds check, enabling local privilege escalation with System execution privileges required and no user interaction. In Google Pixel/Android contexts, this vulnerability is mapped to Titan M components ...

7.2CVSS6.7AI score0.00131EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/10 4:15 p.m.24 views

CVE-2021-0454

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

6.9AI score0.00131EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2020/11/23 12:0 a.m.19 views

Citadel WebCit Cross Site Scripting (CVE-2020-27739)

A cross-site scripting vulnerability exists in Citadel WebCit. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

7.5CVSS4.9AI score0.01814EPSS
Exploits1
Exploit DB
Exploit DB
added 2020/10/30 12:0 a.m.604 views

Citadel WebCit < 926 - Session Hijacking Exploit

Exploit Title: Citadel WebCit 926 - Session Hijacking Exploit Exploit Author: Simone Quatrini Version: 926 !/usr/bin/env python3 import argparse import requests import time import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/10/29 12:0 a.m.4 views

Unspecified Vulnerability in Citadel WebCit

WebCit is the Citadel Servlet engine. A security vulnerability exists in Citadel WebCit 926 and earlier versions. A remote authentication attacker can exploit this vulnerability to read someone's email via the msgconfirmmove template...

6.5CVSS7.1AI score0.01136EPSS
Exploits1References1
CNVD
CNVD
added 2020/10/29 12:0 a.m.1 views

Citadel WebCit User Enumeration Vulnerability

WebCit is the Citadel Servlet engine. A user enumeration vulnerability exists in Citadel WebCit 926 and earlier versions. A remote, unauthenticated attacker could exploit this vulnerability to enumerate valid users within the platform to obtain sensitive information...

5.3CVSS6.8AI score0.01277EPSS
Exploits1References1
CNVD
CNVD
added 2020/10/29 12:0 a.m.1 views

Citadel WebCit Weak Session Management Vulnerability

WebCit is the Citadel Servlet engine. A weak session management vulnerability exists in Citadel WebCit 926 and earlier versions. A remote, unauthenticated attacker could exploit this vulnerability to hijack the session of a recently logged-in user...

9.8CVSS6.9AI score0.01814EPSS
Exploits1References1
CNVD
CNVD
added 2020/10/29 12:0 a.m.2 views

Citadel WebCit Cross-Site Scripting Vulnerability

WebCit is the Citadel Servlet engine. A cross-site scripting vulnerability exists in Citadel WebCit 926 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via multiple pages and parameters...

6.1CVSS6AI score0.00831EPSS
Exploits1References1
NVD
NVD
added 2020/10/28 7:15 p.m.22 views

CVE-2020-27742

An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msgconfirmmove template. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" threa...

6.5CVSS6.4AI score0.01136EPSS
Exploits1References2
OSV
OSV
added 2020/10/28 7:15 p.m.5 views

CVE-2020-27742

An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msgconfirmmove template. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" threa...

6.5CVSS5.8AI score0.01136EPSS
Exploits1References2
Rows per page
Query Builder