Lucene search
K

134 matches found

Prion
Prion
added 2022/06/15 2:15 p.m.17 views

Out-of-bounds

In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid...

4.6CVSS6.5AI score0.00122EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/05/27 12:15 a.m.4 views

CVE-2022-30701

An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the...

7.8CVSS6AI score0.00398EPSS
Exploits0References2
OSV
OSV
added 2022/05/27 12:15 a.m.2 views

CVE-2022-30700

An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

7.8CVSS6AI score0.00304EPSS
Exploits0References2
NVD
NVD
added 2022/03/16 3:15 p.m.19 views

CVE-2021-39725

In gasketfreecoherentmemoryall of gasketpagetable.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...

6.7CVSS0.00104EPSS
Exploits0References1
Prion
Prion
added 2022/03/16 3:15 p.m.16 views

Out-of-bounds

In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

4.6CVSS6.7AI score0.00106EPSS
Exploits0References1
OSV
OSV
added 2022/03/03 7:11 p.m.16 views

GHSA-V3WR-67PX-44XG Execution with Unnecessary Privileges in arc-electron

Impact When the end-user click on the response header that contains a link the target will be opened in ARC new window. This window will have the default preload script loaded which allows the scripts embedded in the link target to execute any logic that ARC has access to from the renderer proces...

7AI score
Exploits0References2
Cvelist
Cvelist
added 2022/02/11 5:40 p.m.27 views

CVE-2021-39674

In btmsecconnected and btmsecdisconnected of btmsec.cc file , there is a possible use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Andro...

7.9AI score0.00148EPSS
Exploits0References1
OSV
OSV
added 2022/01/10 2:10 p.m.5 views

CVE-2021-45231

A link following privilege escalation vulnerability in Trend Micro Apex One on-prem and SaaS and Trend Micro Worry-Free Business Security 10.0 SP1 and Services could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on th...

7.8CVSS6.1AI score0.00643EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/10 2:10 p.m.3 views

CVE-2021-44024

A link following denial-of-service vulnerability in Trend Micro Apex One on-prem and SaaS and Trend Micro Worry-Free Business Security 10.0 SP1 and Services could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability t...

7.1CVSS7AI score0.004EPSS
Exploits0References3
OSV
OSV
added 2022/01/01 12:0 a.m.24 views

ASB-A-200284993

In jitmemoryregion.cc, there is a possible bypass of memory restrictions due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00146EPSS
Exploits0References2
OSV
OSV
added 2021/10/21 8:15 a.m.4 views

CVE-2021-42108

Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute...

7.8CVSS6AI score0.00398EPSS
Exploits0References3
CVE
CVE
added 2021/10/11 6:45 p.m.282 views

CVE-2021-42252

The CVE-2021-42252 issue affects the Linux kernel up to version 5.14.5 in aspeed_lpc_ctrl_mmap (drivers/soc/aspeed/aspeed-lpc-ctrl.c). A memory overwrite can occur via the Aspeed LPC control interface when a comparison uses non-memory-size values, enabling a local attacker to potentially escalate...

7.8CVSS7.2AI score0.00358EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/10/11 6:45 p.m.44 views

CVE-2021-42252

An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...

7.6AI score0.00358EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.4 views

Apple macOS Big Sur 安全漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. A security vulnerability exists in multiple Apple products that allows malicious applications to execute arbitrary code using kernel privileges. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, security update...

9.3CVSS7.9AI score0.01152EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.154 views

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2352-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2352-1 advisory. - In hidinputchangeresolutionmultipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could...

7.8CVSS7.3AI score0.00922EPSS
Exploits5References54
NVD
NVD
added 2021/05/06 1:15 p.m.15 views

CVE-2020-28014

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten...

6.1CVSS0.00948EPSS
Exploits1References1
NVD
NVD
added 2021/05/06 1:15 p.m.23 views

CVE-2020-28008

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...

7.8CVSS0.00407EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2021/05/06 3:7 a.m.38 views

CVE-2020-28008

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...

7.8CVSS8.1AI score0.00407EPSS
Exploits3
OSV
OSV
added 2021/05/04 1:30 p.m.2 views

UBUNTU-CVE-2020-28014

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten...

6.1CVSS7AI score0.00948EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/04/09 5:40 p.m.22 views

CVE-2021-25379

Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action...

4CVSS4.8AI score0.00215EPSS
Exploits0References2
Rows per page
Query Builder