Lucene search
K

556 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.5 views

CVE-2023-20934

In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00092EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:14 a.m.9 views

CVE-2022-44636

The Samsung TV 2021 and 2022 model smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models...

4.6CVSS6.9AI score0.00247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:36 p.m.4 views

CVE-2022-20446

In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

3.3CVSS6.6AI score0.00103EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:48 p.m.9 views

CVE-2022-46313

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone...

5.3CVSS7.2AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:40 p.m.9 views

CVE-2021-30882

A logic issue was addressed with improved validation. This issue is fixed in watchOS 8, iOS 15 and iPadOS 15. An application with microphone permission may unexpectedly access microphone input during a FaceTime call...

7.5CVSS5.7AI score0.00977EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:40 p.m.4 views

CVE-2021-29959

When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera. This...

4.3CVSS5.9AI score0.00842EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:9 p.m.5 views

CVE-2020-11470

Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process with the user's privileges to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access...

3.3CVSS6.5AI score0.00306EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.9 views

CVE-2019-15469

The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/clover/clover:8.1.0/OPM1.171019.019/V9.6.26.0.ODJCNFD:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other pre-installed...

5.5CVSS6.7AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.6 views

CVE-2019-15474

The Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/cepheus/cepheus:9/PKQ1.181121.001/V10.2.6.0.PFAMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphone aud...

5.5CVSS6.5AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 a.m.7 views

CVE-2019-15743

The Sony Xperia Touch Android device with a build fingerprint of Sony/blancwindy/blancwindy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app versionCode=24, versionName=7.0 that allows...

5.5CVSS6.5AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.6 views

CVE-2019-8566

An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user...

4.3CVSS5.7AI score0.00695EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:44 a.m.6 views

CVE-2019-6222

A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown...

4.3CVSS5.7AI score0.00927EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:11 a.m.6 views

CVE-2019-15470

The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other...

5.5CVSS6.6AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:39 a.m.6 views

CVE-2019-15471

The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other pre-install...

5.5CVSS6.7AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:37 a.m.5 views

CVE-2019-15472

The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphon...

5.5CVSS6.5AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/16 12:57 a.m.16 views

CVE-2024-58101

Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity...

8.1CVSS6.9AI score0.002EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/14 12:0 a.m.8 views

CVE-2024-58101

Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity...

8.1AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/14 12:0 a.m.14 views

CVE-2024-58101

Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity...

0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/14 12:0 a.m.4 views

SAMSUNG Galaxy Buds 安全漏洞

SAMSUNG Galaxy Buds is a wireless Bluetooth headset from South Korea's Samsung SAMSUNG that supports active noise cancellation and voice assistant. A security vulnerability exists in SAMSUNG Galaxy Buds, which stems from a default Bluetooth pairing mode that may result in audio takeover or...

8.1CVSS6.8AI score0.002EPSS
Exploits0References3
CVE
CVE
added 2025/05/14 12:0 a.m.42 views

CVE-2024-58101

CVE-2024-58101 affects Samsung Galaxy Buds and Galaxy Buds 2. The issue arises because Bluetooth pairing is enabled by default, allowing pairings without user input or an option to disable this mode. Impact described in sources includes potential audio playback takeover and microphone recording w...

8.1CVSS6.8AI score0.002EPSS
Exploits0References1
Rows per page
Query Builder