Lucene search
K

158 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.4 views

SUSE CVE-2022-21125

Incomplete cleanup of microarchitectural fill buffers on some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

5.6CVSS5.2AI score0.06451EPSS
Exploits0References47
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.5 views

Qualcomm 芯片安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is often manufactured on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip wlan driver, which stem...

6.4CVSS5.7AI score0.00085EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.5 views

PT-2022-14726 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the decrypt 1 2 function of CryptoPlugin.cpp due to a missing bounds check. This could lead to local information disclosure without requiring...

5.5CVSS5.1AI score0.00206EPSS
Exploits1References3
OSV
OSV
added 2022/09/28 9:15 p.m.4 views

CVE-2022-40709

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code o...

3.3CVSS5.8AI score0.00417EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/09/28 9:15 p.m.3 views

CVE-2022-40707

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code o...

3.3CVSS5.8AI score0.00167EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/09/06 6:15 p.m.4 views

CVE-2022-26459

In vow, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032634; Issue ID: ALPS07032634...

4.4CVSS6AI score0.00097EPSS
Exploits0References1
OSV
OSV
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20280

In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS5.9AI score0.00148EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20280

In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS5.9AI score0.00148EPSS
Exploits0References2
OSV
OSV
added 2022/08/12 3:15 p.m.3 views

CVE-2022-20272

In PermissionController, there is a possible misunderstanding about the default SMS application's permission set due to misleading text. This could lead to local information disclosure with User privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

5.5CVSS5.8AI score0.00096EPSS
Exploits0References1
OSV
OSV
added 2022/08/11 3:15 p.m.4 views

CVE-2022-20241

In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS5.9AI score0.0009EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/08/11 12:0 a.m.6 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. A security vulnerability exists in Google Android 13, which stems from a vulnerability in its LocaleManager that allows an attacker to use side-channel probing to determine whether an application is installed without...

3.3CVSS5.1AI score0.0009EPSS
Exploits0References2
OSV
OSV
added 2022/08/10 8:15 p.m.5 views

CVE-2022-20358

In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...

3.3CVSS5.9AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/08/03 6:2 p.m.4 views

netty: world readable temporary file containing sensitive data

CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled...

6.2CVSS6.8AI score0.01777EPSS
Exploits2References4
OSV
OSV
added 2022/06/15 9:15 p.m.4 views

UBUNTU-CVE-2022-21166

Incomplete cleanup in specific special register write operations for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6.7AI score0.05899EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.8 views

PT-2022-2970 · Intel +9 · Sgx Psw +12

Name of the Vulnerable Software and Affected Versions: IntelR Processors affected versions not specified Description: The issue is related to incomplete cleanup in specific special register write operations, which may allow an authenticated user to potentially enable information disclosure via...

9.8CVSS7.6AI score0.12746EPSS
Exploits104References1368
CNNVD
CNNVD
added 2022/06/06 12:0 a.m.5 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. Google Android has an information disclosure vulnerability that originates in gallery3d and photos, which could bypass licensing due to agent confusion and could be exploited by attackers to cause local information...

5CVSS5.7AI score0.00116EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/05/10 9:15 p.m.6 views

CVE-2022-20117

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

5.5CVSS6.1AI score0.00075EPSS
Exploits0References2
Prion
Prion
added 2022/05/10 9:15 p.m.18 views

Information disclosure

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

2.1CVSS5.4AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.8 views

MediaTek 多款产品安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component camera, which originates from uninitialized data and can be exploited by an attacker to cause a local information disclosure. The following products and...

4.4CVSS5.2AI score0.00109EPSS
Exploits0References2
OSV
OSV
added 2022/03/30 4:15 p.m.6 views

CVE-2021-39740

In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID...

5.5CVSS5.9AI score0.00105EPSS
Exploits0References1
Rows per page
Query Builder