265 matches found
CVE-2021-0456
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-0455
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-0454
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Out-of-bounds
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Out-of-bounds
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Out-of-bounds
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-0456
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-0456
CVE-2021-0456 : In the Citadel chip firmware, there is a possible out-of-bounds write due to a missing bounds check, enabling local escalation of privilege with System execution privileges required. Affected: Citadel chipset firmware in Android kernels (Android ID A-174769927). Impact per sources...
CVE-2021-0455
The CVE-2021-0455 issue is described as an out-of-bounds write in the Citadel chip firmware, caused by a missing bounds check. It grants local elevation of privilege with System execution privileges required, and requires no user interaction to exploit. In the provided materials, the vulnerabilit...
CVE-2021-0455
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-0454
CVE-2021-0454 affects the Citadel chip firmware via an out-of-bounds write caused by a missing bounds check, enabling local privilege escalation with System execution privileges required and no user interaction. In Google Pixel/Android contexts, this vulnerability is mapped to Titan M components ...
CVE-2021-0454
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Citadel WebCit Cross Site Scripting (CVE-2020-27739)
A cross-site scripting vulnerability exists in Citadel WebCit. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Citadel WebCit < 926 - Session Hijacking Exploit
Exploit Title: Citadel WebCit 926 - Session Hijacking Exploit Exploit Author: Simone Quatrini Version: 926 !/usr/bin/env python3 import argparse import requests import time import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning...
Unspecified Vulnerability in Citadel WebCit
WebCit is the Citadel Servlet engine. A security vulnerability exists in Citadel WebCit 926 and earlier versions. A remote authentication attacker can exploit this vulnerability to read someone's email via the msgconfirmmove template...
Citadel WebCit User Enumeration Vulnerability
WebCit is the Citadel Servlet engine. A user enumeration vulnerability exists in Citadel WebCit 926 and earlier versions. A remote, unauthenticated attacker could exploit this vulnerability to enumerate valid users within the platform to obtain sensitive information...
Citadel WebCit Weak Session Management Vulnerability
WebCit is the Citadel Servlet engine. A weak session management vulnerability exists in Citadel WebCit 926 and earlier versions. A remote, unauthenticated attacker could exploit this vulnerability to hijack the session of a recently logged-in user...
Citadel WebCit Cross-Site Scripting Vulnerability
WebCit is the Citadel Servlet engine. A cross-site scripting vulnerability exists in Citadel WebCit 926 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via multiple pages and parameters...
CVE-2020-27742
An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msgconfirmmove template. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" threa...
CVE-2020-27742
An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msgconfirmmove template. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" threa...