PT-2022-2970 · Intel +9 · Sgx Psw +12

Name of the Vulnerable Software and Affected Versions: IntelR Processors affected versions not specified Description: The issue is related to incomplete cleanup in specific special register write operations, which may allow an authenticated user to potentially enable information disclosure via...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. Google Android has an information disclosure vulnerability that originates in gallery3d and photos, which could bypass licensing due to agent confusion and could be exploited by attackers to cause local information...

CVE-2022-20117

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20117

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

Information disclosure

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20117

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

MediaTek 多款产品安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component camera, which originates from uninitialized data and can be exploited by an attacker to cause a local information disclosure. The following products and...

PUB-A-217475903

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2022-2925 · Microsoft · Power Bi +1

Name of the Vulnerable Software and Affected Versions: Microsoft Power BI affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Power BI local data gateway component, Microsoft On-Premises Data...

MediaTek 芯片安全漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in the MediaTek chips, which stems from a possible memory corruption due to incorrect error handling. This could result in the disclosure of local information that require...

CVE-2021-39765

In Gallery, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535427...

CVE-2021-39740

In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by a lack of permission checking in the DomainVerificationService. An attacker could exploit this vulnerability to cause local information...

Red Hat Vscode-Xml 信息泄露漏洞

Red Hat Vscode-Xml is an open source Xml language support from Red Hat. It makes it easy to edit Xml in Visual Studio Code. An information disclosure vulnerability exists in Red Hat Vscode-Xml, which stems from a flaw found in versions of LemMinX prior to 0.19.0. An attacker could use this...

DEBIAN-CVE-2021-3155

snapd 2.54.2 and earlier created /snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1...

PT-2022-10939 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12 Description: The issue concerns a misleading message in the "Clear storage" functionality, potentially leading to local information disclosure without requiring additional execution privileges...

CVE-2022-20042

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487...

MediaTek 芯片缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in the MediaTek chips that stems from incorrect boundary checking in the cmdq driver, which may result in out-of-bounds reads. This could lead to the disclosure of local...

Intel Capital Global Summit Android App 安全漏洞

Intel Capital Global Summit Android App is a Capital Global Summit app from Intel Corporation USA. A security vulnerability exists in Intel Capital Global Summit Android that stems from incorrect access control, where an authenticated user gains access to sensitive data via local access...

IBM Security Guardium Insights输入验证错误漏洞

IBM Security Guardium Insights is a data security solution from IBM Corporation. The product supports data analytics, threat alerts, data security auditing and local data monitoring. IBM Security Guardium Insights has an input validation error vulnerability in v3.0, which stems from the fact that...