Lucene search
+L

130 matches found

OSV
OSV
added 2022/12/08 4:15 p.m.6 views

CVE-2022-39913

Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T13 allows local attacker to access user profiles information...

3.3CVSS5.8AI score0.0008EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/08 12:0 a.m.6 views

CVE-2022-39913

Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T13 allows local attacker to access user profiles information...

6.8CVSS6.8AI score0.0008EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.7 views

PT-2022-25107 · Google · Persona Manager

Name of the Vulnerable Software and Affected Versions: Persona Manager versions prior to Android T13 Description: The issue allows a local attacker to access user profiles information due to exposure of sensitive information to an unauthorized actor. Recommendations: For versions prior to Android...

6.8CVSS3.6AI score0.0008EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.8 views

PT-2022-25106 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to T13 Description: The issue is related to improper handling of insufficient permissions in the setSecureFolderPolicy function within the PersonaManagerService. This allows local attackers to set certain setting values...

6.2CVSS3.7AI score0.00081EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/08 12:0 a.m.5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from improper management of the setSecureFolderPolicy privilege of the PersonaManagerServi...

6.2CVSS4.8AI score0.00081EPSS
Exploits0References2
CVE
CVE
added 2022/12/08 12:0 a.m.76 views

CVE-2022-39913

CVE-2022-39913 concerns the Exposure of Sensitive Information to an Unauthorized Actor in Samsung’s Persona Manager prior to Android T(13). The issue arises from a data exposure that allows a local attacker to access user profiles information. Affected product/area: Persona Manager on devices run...

6.8CVSS3.9AI score0.0008EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/08 12:0 a.m.27 views

CVE-2022-39913

Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T13 allows local attacker to access user profiles information...

6.8CVSS6.5AI score0.0008EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2022/10/21 11:53 a.m.14 views

Adversarial ML Attack that Secretly Gives a Language Model a Point of View

Machine learning security is extraordinarily difficult because the attacks are so varied--and it seems that each new one is weirder than the next. Heres the latest: a training-time attack that forces the model to exhibit a point of view: Spinning Language Models: Risks of Propaganda-As-A-Service...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/13 9:25 a.m.55 views

Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research

Hackers tied to the Iranian government have been targeting individuals specializing in Middle Eastern affairs, nuclear security, and genome research as part of a new social engineering campaign designed to hunt for sensitive information. Enterprise security firm Proofpoint attributed the targeted...

0.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:25 p.m.2 views

Malicious code in persona-verifier-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ca2cabdbd8835448cdeea37c5eac4287b21e737bbf4ba4e268b59bcc5468852 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:25 p.m.5 views

MAL-2022-5301 Malicious code in persona-verifier-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ca2cabdbd8835448cdeea37c5eac4287b21e737bbf4ba4e268b59bcc5468852 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/07 7:15 p.m.4 views

CVE-2022-30727

Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in PersonaManagerService prior to SMR Jun-2022 Release 1 allows local attackers to set some setting value in work space...

6.2CVSS5.8AI score0.00085EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/24 5:30 p.m.26 views

Arbitrary file read vulnerability in Jenkins Persona Plugin

Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...

6.5CVSS6.2AI score0.0101EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/24 5:30 p.m.47 views

GHSA-5MFW-P6QV-WGVV Arbitrary file read vulnerability in Jenkins Persona Plugin

Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...

6.5CVSS6.3AI score0.0101EPSS
Exploits0References4
OSV
OSV
added 2021/10/28 1:52 p.m.15 views

GSD-2021-1001860 nvme-pci: Fix abort command id

nvme-pci: Fix abort command id This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.75 by commit 6fecdb5b54a5d37e5c018307ea9180502c85d158, it w...

7.3AI score
Exploits0
NVD
NVD
added 2020/10/08 1:15 p.m.13 views

CVE-2020-2293

Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...

6.5CVSS0.0101EPSS
Exploits0References2
OSV
OSV
added 2020/10/08 1:15 p.m.15 views

CVE-2020-2293

Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...

6.5CVSS6.7AI score
Exploits0References2
Prion
Prion
added 2020/10/08 1:15 p.m.14 views

Code injection

Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...

4CVSS6.3AI score0.0101EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/10/08 12:40 p.m.24 views

CVE-2020-2293

Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...

6.4AI score0.0101EPSS
Exploits0References2
CVE
CVE
added 2020/10/08 12:40 p.m.64 views

CVE-2020-2293

CVE-2020-2293 affects the Jenkins Persona Plugin (versions 2.4 and earlier). The issue allows users with Overall/Read permissions to read arbitrary files on the Jenkins controller. The connected sources confirm the affected component and impact but do not detail a vendor-specific root cause beyon...

6.5CVSS6.3AI score0.0101EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder