Lucene search
K

101 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2747

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00601EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2021-3600

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00116EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-45819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE's Notification Manager API. The vulnerability...

6.1CVSS6.1AI score0.00601EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:9 a.m.5 views

CVE-2023-21191

In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00102EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:34 p.m.3 views

CVE-2022-39871

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts...

7.5CVSS7.3AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:42 p.m.5 views

CVE-2021-39618

In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:1 p.m.7 views

CVE-2020-0638

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'...

7.8CVSS7.8AI score0.02928EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:0 p.m.6 views

CVE-2020-0400

In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

5.5CVSS6.2AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:59 p.m.8 views

CVE-2020-0313

In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154917989...

5.5CVSS6.2AI score0.00159EPSS
Exploits1References1
OSV
OSV
added 2025/02/04 8:15 a.m.3 views

CVE-2025-20893

Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications...

5.1CVSS5.8AI score0.00138EPSS
Exploits0References1
OSV
OSV
added 2024/07/09 9:15 p.m.5 views

CVE-2024-31319

In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...

7.8CVSS5.9AI score0.0017EPSS
Exploits0References2
OSV
OSV
added 2024/05/07 9:15 p.m.2 views

CVE-2024-23713

In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score
Exploits0References2
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.6 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an input validation error vulnerability that stems from improper input validation in the migrateNotificationFilter method of the NotificationManagerService.java file, which can be exploited by an...

7.8CVSS6.8AI score0.00083EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.3 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from the ability to access clipboard messages without displaying a toast message in multiple methods in the NotificationManagerService.java...

9.8CVSS6.9AI score0.00343EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.5 views

PT-2024-20024 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to multiple functions in NotificationManagerService.java, where a clipboard message access may not trigger a toast message. This could lead to local escalation of...

9.8CVSS6.8AI score0.00343EPSS
Exploits0References7
OSV
OSV
added 2024/02/15 11:15 p.m.5 views

CVE-2023-40106

In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00085EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/07 12:0 a.m.4 views

PT-2023-28405 · Samsung · Samsung Health

Name of the Vulnerable Software and Affected Versions: Samsung Health versions prior to 6.25 Description: The issue allows local attackers to access data through PendingIntent hijacking in the ChallengeNotificationManager. Recommendations: For versions prior to 6.25, update to version 6.25 or lat...

5.5CVSS5.3AI score0.0016EPSS
Exploits0References2
Snyk
Snyk
added 2023/10/19 10:57 p.m.2 views

Cross-site Scripting (XSS)

Overview TinyMCE is a web-based JavaScript HTML WYSIWYG editor control. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Notification Manager API due to improper input sanitization. An attacker can execute arbitrary JavaScript when a notification is presented i...

6.1CVSS5.5AI score0.00601EPSS
Exploits0References2
NVD
NVD
added 2023/10/19 10:15 p.m.43 views

CVE-2023-45819

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

6.1CVSS6.1AI score0.00601EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/10/19 10:15 p.m.25 views

CVE-2023-45819

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

6.1CVSS6.5AI score0.00601EPSS
Exploits0References2
Rows per page
Query Builder