42 matches found
CVE-2022-29868
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used f...
Cisco Firepower Threat Defense Software Local Malware Analysis DoS (cisco-sa-ftd-amp-local-dos-CUfwRJXT)
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to insufficient error handling in the local malware...
CVE-2022-20748 Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to insufficient error handling in the local malware...
Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to insufficient error handling in the local malware...
CVE-2022-20748
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to insufficient error handling in the local malware...
多款TIBCO Software产品访问控制错误漏洞
Tibco Software TIBCO Spotfire Server and TIBCO Software Enterprise Runtime for R-Server Edition are both products of Tibco Software, Inc. of the U.S.A. TIBCO Spotfire Server is a suite of data analysis and mining tools based on TIBCO Spotfire that provide an integrated platform for organizations ...
firefox -- Crash in TransportSecurityInfo due to cached data
The Mozilla Foundation reports: A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into...
The vulnerability of the software interface of the Android operating system’s Framework, allowing a hacker to inject arbitrary code
The vulnerability of the software interface of the Android operating system’s Framework is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to inject arbitrary code remotely, using a local malware application...
The vulnerability of the Android operating system’s kernel subsystem allows a hacker to execute arbitrary code.
The vulnerability of the Android operating system’s kernel subsystem is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code within the kernel context, using a local malware application...
Vulnerability of the Framework API of the Android operating system, which allows a hacker to gain access to user permissions
The vulnerability of the Framework API of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain access to user permissions through a local malware application...
The vulnerability in the codecs/aacenc/SoftAACEncoder2.cpp function of the libstagefright service in the Android Mediaserver application allows a hacker to execute arbitrary code.
The vulnerability of the codecs/aacenc/SoftAACEncoder2.cpp function in the libstagefright service of the Android Mediaserver application is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the privileged process,...
CVE-2016-10276
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
The vulnerability of the Android operating system, which allows a violator to compromise data privacy
The vulnerability of the libskia service in the Android operating system is related to the lack of protection for service-related data. Exploiting this vulnerability allows a malicious actor to compromise data confidentiality through a local malware application...
The vulnerability of the Android operating system, which allows a violator to compromise data privacy
The vulnerability of the Mediaserver application for the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to compromise data confidentiality through a local malware application...
The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the HTC Android operating system’s touchscreen driver is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code within the kernel context, using a local malware application...
The vulnerability of the Android operating system, which allows a violator to compromise data privacy
The vulnerability of the libmpeg2 service in the Mediaserver application of the Android operating system is related to the lack of protection for service-related data. Exploiting this vulnerability allows a malicious actor to compromise data confidentiality through a local malware application...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the Android operating system’s Telephony component is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a local malware application...
The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the Android operating system’s libnl service is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the Wi-Fi service context, using a local malware application...
The vulnerability of the Android operating system, which allows a violator to compromise data privacy
The vulnerability of the libmpeg2 service in the Mediaserver application of the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to compromise data privacy through the use of a local malware application...
The vulnerability of the Android operating system, which allows a violator to compromise data privacy
The vulnerability of the Android operating system’s sound driver is related to the lack of protection for sensitive data. Exploiting this vulnerability allows a malicious actor to compromise data confidentiality through a local malware application...