Lucene search
K

86 matches found

Cvelist
Cvelist
added 2022/08/11 3:23 p.m.23 views

CVE-2022-20307

In AlarmManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

4.7AI score0.00094EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/11 3:17 p.m.28 views

CVE-2022-20285

In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.7AI score0.00097EPSS
Exploits0References1
NVD
NVD
added 2022/08/11 3:15 p.m.24 views

CVE-2022-20241

In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS0.0009EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/15 1:24 p.m.24 views

CVE-2022-20206

In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product:...

5.4AI score0.00103EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/10 7:57 p.m.24 views

CVE-2022-20011

In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5AI score0.00128EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/30 4:2 p.m.26 views

CVE-2021-39791

In WallpaperManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.7AI score0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/30 4:2 p.m.27 views

CVE-2021-39739

In ArrayMap, there is a possible leak of the content of SMS messages due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:...

4.7AI score0.00103EPSS
Exploits0References1
NVD
NVD
added 2022/01/14 8:15 p.m.21 views

CVE-2021-39680

In secSHA256Transform of sha256core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

4.4CVSS0.00115EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/15 6:5 p.m.29 views

CVE-2021-0653

In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.4AI score0.00115EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/11/02 12:0 a.m.28 views

Johnson Controls exacqVision Web Service Information Disclosure (JCI-PSA-2021-16)

Binary data exacqVisionwebservicecve-2021-27664.nbin...

9.8CVSS9.7AI score0.01504EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/09/24 8:11 p.m.37 views

CVE-2021-40655

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page...

7.6AI score0.87039EPSS
Exploits1References2
NVD
NVD
added 2021/09/02 1:15 a.m.23 views

CVE-2021-31796

An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys for a credential file is only one, and the number is usually not higher than 2^3...

7.5CVSS0.01763EPSS
Exploits1References4
ArchLinux
ArchLinux
added 2021/06/09 12:0 a.m.134 views

[ASA-202106-21] gitlab: multiple issues

Arch Linux Security Advisory ASA-202106-21 ========================================== Severity: High Date : 2021-06-09 CVE-ID : CVE-2021-22181 CVE-2021-22213 CVE-2021-22214 CVE-2021-22216 CVE-2021-22217 CVE-2021-22218 CVE-2021-22219 CVE-2021-22220 CVE-2021-22221 Package : gitlab Type : multiple...

8.8CVSS1.6AI score0.27806EPSS
Exploits1References24
OSV
OSV
added 2021/03/08 8:38 p.m.40 views

GHSA-P75F-G7GX-2R7P Exposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager

Impact What kind of vulnerability is it? Who is impacted? Information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this plugin. Patches Has the problem been patched? What versions should users upgrade to? The problem has...

7.1CVSS6.4AI score0.01505EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2021/03/03 6:15 p.m.18 views

CVE-2020-28591

An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

8.6CVSS6.9AI score0.01897EPSS
Exploits1References2
NVD
NVD
added 2020/11/12 6:15 p.m.16 views

CVE-2020-8737

Improper buffer restrictions in the IntelR StratixR 10 FPGA firmware provided with the IntelR QuartusR Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure via physical access...

6.8CVSS6.9AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2020/10/01 12:0 a.m.35 views

ASB-A-156021269

In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.1AI score0.00157EPSS
Exploits0References2
Prion
Prion
added 2020/09/17 9:15 p.m.14 views

Information disclosure

In libDRCdec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151927433...

4.3CVSS6.6AI score0.00732EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/09/03 5:15 p.m.15 views

CVE-2020-23811

xxl-job 2.2.0 allows Information Disclosure of username, model, and password via job/admin/controller/UserController.java...

7.5CVSS6.9AI score
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2020/08/26 12:0 a.m.59 views

Docker: Information disclosure

Background Docker is the world’s leading software containerization platform. Description It was found that Docker created network bridges which by default accept IPv6 router advertisements. Impact An attacker who gained access to a container with CAPNETRAW capability may be able to to spoof route...

6CVSS6.2AI score0.02839EPSS
Exploits0
Rows per page
Query Builder