130 matches found
CVE-2022-39913
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T13 allows local attacker to access user profiles information...
CVE-2022-39913
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T13 allows local attacker to access user profiles information...
PT-2022-25107 · Google · Persona Manager
Name of the Vulnerable Software and Affected Versions: Persona Manager versions prior to Android T13 Description: The issue allows a local attacker to access user profiles information due to exposure of sensitive information to an unauthorized actor. Recommendations: For versions prior to Android...
PT-2022-25106 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to T13 Description: The issue is related to improper handling of insufficient permissions in the setSecureFolderPolicy function within the PersonaManagerService. This allows local attackers to set certain setting values...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from improper management of the setSecureFolderPolicy privilege of the PersonaManagerServi...
CVE-2022-39913
CVE-2022-39913 concerns the Exposure of Sensitive Information to an Unauthorized Actor in Samsung’s Persona Manager prior to Android T(13). The issue arises from a data exposure that allows a local attacker to access user profiles information. Affected product/area: Persona Manager on devices run...
CVE-2022-39913
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T13 allows local attacker to access user profiles information...
Adversarial ML Attack that Secretly Gives a Language Model a Point of View
Machine learning security is extraordinarily difficult because the attacks are so varied--and it seems that each new one is weirder than the next. Heres the latest: a training-time attack that forces the model to exhibit a point of view: Spinning Language Models: Risks of Propaganda-As-A-Service...
Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research
Hackers tied to the Iranian government have been targeting individuals specializing in Middle Eastern affairs, nuclear security, and genome research as part of a new social engineering campaign designed to hunt for sensitive information. Enterprise security firm Proofpoint attributed the targeted...
Malicious code in persona-verifier-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ca2cabdbd8835448cdeea37c5eac4287b21e737bbf4ba4e268b59bcc5468852 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5301 Malicious code in persona-verifier-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ca2cabdbd8835448cdeea37c5eac4287b21e737bbf4ba4e268b59bcc5468852 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-30727
Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in PersonaManagerService prior to SMR Jun-2022 Release 1 allows local attackers to set some setting value in work space...
Arbitrary file read vulnerability in Jenkins Persona Plugin
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...
GHSA-5MFW-P6QV-WGVV Arbitrary file read vulnerability in Jenkins Persona Plugin
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...
GSD-2021-1001860 nvme-pci: Fix abort command id
nvme-pci: Fix abort command id This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.75 by commit 6fecdb5b54a5d37e5c018307ea9180502c85d158, it w...
CVE-2020-2293
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...
CVE-2020-2293
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...
Code injection
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...
CVE-2020-2293
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller...
CVE-2020-2293
CVE-2020-2293 affects the Jenkins Persona Plugin (versions 2.4 and earlier). The issue allows users with Overall/Read permissions to read arbitrary files on the Jenkins controller. The connected sources confirm the affected component and impact but do not detail a vendor-specific root cause beyon...