320 matches found
Directory traversal
A Directory Traversal issue was discovered in the Foxit MobilePDF app before 6.1 for iOS. This occurs by abusing the URL + escape character during a Wi-Fi transfer, which could be exploited by attackers to bypass intended restrictions on local application files...
Google Android MTK Media Elevation of Privilege Vulnerability
Android is a Linux-based open-source operating system developed by Google and the Open Handset Alliance OHA in the U.S. MTK Media is a MediaTek media component used in it. An elevation of privilege vulnerability exists in MTK Media in Android. A remote attacker can exploit this vulnerability to...
Apple iOS v11 6S & 7 - (Health App) DoS Vulnerability
Document Title: =============== Apple iOS v11 6S & 7 - Health App DoS Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2103 Video: https://www.youtube.com/watch?v=AC8Jc8s7uCU ID: 677013407 Release Date: ============= 2018-01-04 Vulnerability Laboratory ID...
CVE-2017-6264
CVE-2017-6264 is an elevation-of-privilege vulnerability in the NVIDIA GPU driver used on Android, specifically within the gm20b_clk_throt_set_cdev_state path. An out-of-bounds memory read can be used as a function pointer, potentially allowing a local attacker to execute arbitrary code in kernel...
Google Android NVIDIA Component Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the NVIDIA GPU driver is an NVIDIA graphics processor driver component used in it. The NVIDIA GPU driver in Android is vulnerable to a power lifting vulnerability. A remote...
Design/Logic Flaw
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker...
Local Application Access With PREFER Keywords
Application will launch within ICA channel even if it's installed locally on VDA itself...
Google Android Memory Subsystem Information Disclosure Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA in the U.S. The Memory subsystem is one of the memory subsystems. An information disclosure vulnerability exists in the Memory subsystem of the Imgtk component in Android. An attack...
Android Framework wi-fi service elevation of privilege vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, and Framework wi-fi service is one of the Wifi service frameworks. An elevation of privilege vulnerability exists in Framework wi-fi service in Android. An attacker can exploit thi...
Google Android Libraries Information Disclosure Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Libraries is a library. An information disclosure vulnerability exists in Libraries in Android. A remote attack could exploit this vulnerability to gain unauthorized acce...
CVE-2017-6248
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A...
CVE-2017-0639
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other...
CVE-2017-0639
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other...
CVE-2017-0646
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0...
Information disclosure
An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
CVE-2017-0647
An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0,...
CVE-2017-0650
An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
CVE-2017-0647
An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0,...
CVE-2017-0629
An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
CVE-2017-0632
An information disclosure vulnerability in the Qualcomm sound codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:...