15 matches found
CVE-2026-35594
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...
PT-2025-46769
Name of the Vulnerable Software and Affected Versions Frappe Learning versions 2.0.0 through 2.40.9 Description Frappe Learning is a learning system used to structure content. A flaw exists where changes to user roles made by administrators were not immediately reflected due to caching mechanisms...
Linux Distros Unpatched Vulnerability : CVE-2023-28161
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If temporary one-time permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that...
CVE-2022-20490
In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20485
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2024-49735
In multiple locations, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20489
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20492
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
PT-2023-12652 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible failure to persist permissions settings due to resource exhaustion in multiple functions of AutomaticZenRule.java. This could lead to local...
CVE-2022-20485
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20478
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20484
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
UBUNTU-CVE-2022-20484
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
PT-2022-14697 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible failure to persist permissions settings in the NotificationChannel of NotificationChannel.java due to resource exhaustion. This could lead to local...
PT-2022-14707 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible failure to persist permissions settings in the NotificationChannel of NotificationChannel.java due to resource exhaustion. This could lead to local...