Lucene search
K

158 matches found

Positive Technologies
Positive Technologies
added 2023/06/28 12:0 a.m.4 views

PT-2023-17989 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the on remove iso data path function of btm iso impl.h due to improper input validation. This could lead to local information disclosure with no...

5.5CVSS5.3AI score0.00092EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/28 12:0 a.m.5 views

Google Pixel 竞争条件问题漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that originates in installKey in KeyUtil.cpp, where file encryption may fail due to a competitive condition, which could lead to local information disclosure...

4.1CVSS5.1AI score0.00054EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/28 12:0 a.m.4 views

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, Inc. in the United States. Google Pixel suffers from a security vulnerability that originates in requestAppKeyboardShortcuts in WindowManagerService.java, where a lack of permission checking allows users to interact with the application, which could lead ...

5.5CVSS5.8AI score0.00087EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/28 12:0 a.m.6 views

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, Inc USA. A security vulnerability exists in Google Pixel, which originates in parseSecurityParamsFromXml in XmlUtil.java, where file encryption may fail due to a competitive condition, which could lead to local information disclosure...

7.8CVSS7.3AI score0.00076EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/28 12:0 a.m.6 views

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from a possible out-of-bounds read in removesdprecord in btifsdpserver.cc due to incorrect bounds checking, which could lead to local information disclosure...

5.5CVSS5.7AI score0.00092EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/06/15 7:15 p.m.4 views

CVE-2023-21142

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

5.5CVSS6.1AI score0.00083EPSS
Exploits0References2
OSV
OSV
added 2023/06/15 7:15 p.m.4 views

CVE-2023-21141

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.5CVSS6.2AI score0.00083EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.5 views

PT-2023-17588 · Wlan · Wlan

Name of the Vulnerable Software and Affected Versions: Wlan affected versions not specified Description: The issue is related to a possible out of bounds read in wlan due to a missing bounds check. This could lead to local information disclosure, requiring System execution privileges for...

4.4CVSS6.7AI score0.00093EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/04/06 12:0 a.m.6 views

MediaTek 芯片缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking, which could lead to out-of-bounds reads. An attacker could exploit this vulnerability to disclose local information. The...

4.4CVSS5.1AI score0.00093EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/06 12:0 a.m.5 views

MediaTek 芯片缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking, which could lead to out-of-bounds reads. An attacker could exploit this vulnerability to disclose local information. The...

4.4CVSS5.1AI score0.00093EPSS
Exploits0References2
OSV
OSV
added 2023/03/24 8:15 p.m.4 views

CVE-2023-21009

In multiple locations of p2piface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

4.4CVSS5.9AI score0.00096EPSS
Exploits0References1
OSV
OSV
added 2023/03/24 8:15 p.m.4 views

CVE-2023-21011

In multiple locations of p2piface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

4.4CVSS5.9AI score0.00096EPSS
Exploits0References1
OSV
OSV
added 2023/03/24 8:15 p.m.4 views

CVE-2023-20973

In btmcreateconncancelcomplete of btmsec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...

5.5CVSS5.9AI score0.00094EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.6 views

PT-2023-17741 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a possible out of bounds write due to a missing bounds check in the A2DP BuildCodecHeaderSbc function of a2dp sbc.cc. This could lead to local information...

5.5CVSS6.5AI score0.00091EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.3 views

PT-2023-17744 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue is related to a possible out of bounds write in the C2SurfaceSyncObj.cpp import due to a missing bounds check. This could lead to local information disclosure, requiring...

4.4CVSS4.4AI score0.00094EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.6 views

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in the UNISOC Chipsets telephony module that stems from a lack of privilege checking. This could lead to the disclosure of local information without the need for additional execute privileges...

5.5CVSS5.8AI score0.00089EPSS
Exploits0References2
OSV
OSV
added 2023/03/07 9:15 p.m.6 views

CVE-2023-20648

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628612; Issue ID: ALPS07628612...

4.4CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2023/02/28 5:15 p.m.3 views

CVE-2023-20932

In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

3.3CVSS5.9AI score0.00107EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.5 views

SUSE CVE-2017-7495

fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new...

5.5CVSS6.6AI score0.00404EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.3 views

SUSE CVE-2021-0170

Exposure of Sensitive Information to an Unauthorized Actor in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6AI score0.00289EPSS
Exploits0References6
Rows per page
Query Builder