Lucene search
K

77 matches found

OSV
OSV
added 2023/09/06 4:15 a.m.3 views

CVE-2023-30726

PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/05 12:0 a.m.5 views

PT-2023-22928 · Unknown · Gamelauncher

Name of the Vulnerable Software and Affected Versions: GameLauncher versions prior to 4.2.59.5 Description: The issue allows local attackers to access data through a PendingIntent hijacking vulnerability. Recommendations: For versions prior to 4.2.59.5, update to version 4.2.59.5 or later to...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/08/10 6:46 p.m.29 views

CVE-2023-23342 HCL Nomad for web is affected by cryptographic validation of local data access that can be circumvented

If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented...

6.6CVSS7AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/10 12:0 a.m.5 views

HCL Technologies HCL Nomad Security Vulnerability

HCL Technologies HCL Nomad is an application for using and managing the Domino application development platform in mobile devices from HCL Technologies, USA. A security vulnerability exists in HCL Technologies HCL Nomad prior to version 1.0.7, which stems from a vulnerability that allows an attac...

7.1CVSS6.4AI score0.00171EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/06/30 10:15 p.m.3 views

CVE-2023-29241

Improper Information in Cybersecurity Guidebook in Bosch Building Integration System BIS 5.0 may lead to wrong configuration which allows local users to access data via network...

8.1CVSS5.9AI score0.00362EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/30 12:0 a.m.4 views

PT-2023-22218 · Bosch · Bosch Building Integration System

Name of the Vulnerable Software and Affected Versions: Bosch Building Integration System BIS version 5.0 Description: The issue is related to improper information in the cybersecurity guidebook of the Bosch Building Integration System, which may lead to incorrect configuration. This incorrect...

8.1CVSS6.5AI score0.00362EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/04 12:0 a.m.4 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in SAMSUNG Mobile devices SMR May-2023 Release 1 version, which originated when SemShareFileProvider allowe...

6.8CVSS5.7AI score0.00151EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.4 views

SUSE CVE-2016-6224

ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a 1 NVMe or 2 MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an...

3.3CVSS6.3AI score0.00373EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10237

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

7.3CVSS7.5AI score0.0041EPSS
Exploits0References3
OSV
OSV
added 2023/02/09 7:15 p.m.3 views

CVE-2023-21446

Improper input validation in MyFiles prior to version 12.2.09 in Android R11, 13.1.03.501 in Android S 12 and 14.1.00.422 in Android T13 allows local attacker to access data of MyFiles...

5.5CVSS6.1AI score0.00173EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.29 views

CVE-2023-21446

Improper input validation in MyFiles prior to version 12.2.09 in Android R11, 13.1.03.501 in Android S 12 and 14.1.00.422 in Android T13 allows local attacker to access data of MyFiles...

6.2CVSS6.3AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/16 12:0 a.m.4 views

PT-2022-22142 · Ibm · Ibm Sterling Partner Engagement Manager

Name of the Vulnerable Software and Affected Versions: IBM Sterling Partner Engagement Manager version 2.0 Description: The issue allows encrypted storage of client data to be stored locally, which can be read by another user on the system. Recommendations: For IBM Sterling Partner Engagement...

4CVSS3.6AI score0.00191EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/09/09 3:15 p.m.3 views

CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

5.5CVSS6.1AI score0.00338EPSS
Exploits1References5
OSV
OSV
added 2022/02/17 11:15 p.m.2 views

DEBIAN-CVE-2021-3155

snapd 2.54.2 and earlier created /snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1...

5.5CVSS5.6AI score0.0026EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/09 12:0 a.m.4 views

Intel Capital Global Summit Android App 安全漏洞

Intel Capital Global Summit Android App is a Capital Global Summit app from Intel Corporation USA. A security vulnerability exists in Intel Capital Global Summit Android that stems from incorrect access control, where an authenticated user gains access to sensitive data via local access...

5.5CVSS5.7AI score0.00254EPSS
Exploits0References3
NCSC
NCSC
added 2022/01/25 12:0 a.m.7 views

Vulnerabilities fixed in Trend Micro Deep Security

Two vulnerabilities have been fixed in Trend Micro Deep Security Agent for Linux. The vulnerability with attribute CVE-2022-23119 can be exploited if access is gained to the Deep Security Manager or on devices on which the agent is not yet not yet activated or configured. The vulnerability with...

7.8CVSS7.6AI score0.2225EPSS
Exploits2
OSV
OSV
added 2021/03/15 11:6 p.m.5 views

USN-4875-1 opensmtpd vulnerabilities

It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could possibly use this vulnerability to execute arbitrary commands as root. CVE-2020-7247 It was discovered that OpenSMTPD did not properly handle hardlinks und...

10CVSS7.2AI score0.98946EPSS
Exploits41References4
NCSC
NCSC
added 2021/02/03 12:0 a.m.7 views

Serious vulnerabilities fixed in SolarWinds Orion

Vulnerabilities have been fixed in SolarWinds Orion. The vulnerability with reference CVE-2021-25274 allows an unauthenticated remote malicious person to execute arbitrary code with SYSTEM privileges. The vulnerability with attribute CVE-2021-25275 allows a local malicious person to access...

10CVSS7AI score0.36426EPSS
Exploits2
OSV
OSV
added 2020/02/11 3:15 p.m.1 views

DEBIAN-CVE-2020-6408

Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page...

6.5CVSS6AI score0.01624EPSS
Exploits1References1
OSV
OSV
added 2018/07/27 1:29 p.m.5 views

CVE-2017-2622

An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...

5.5CVSS5.8AI score0.00372EPSS
Exploits0References2
Rows per page
Query Builder