ASB-A-274058082

In androidviewInputDevicecreate of androidviewInputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core

DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...

CVE-2022-43945

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...

xorg-x11-server: SProcScreenSaverSuspend out-of-bounds access

A flaw was found in xorg-x11-server where an out-of-bounds access can occur in the SProcScreenSaverSuspend function...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability in the vold incremental-fs APIs of Google Android could cause systemserver to trigger a mount on a directory that should not be under the control of systemserver...

The vulnerability of the DNS Server component of the Windows operating system, related to improper code generation, allows a hacker to trigger a service failure.

The vulnerability of the DNS Server component of the Windows operating system is related to improper code generation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Exploit for Improper Input Validation in Microsoft

This is a PoC Proof of Concept exploit for CVE-2020-1350, also known as SigRed. The exploit is designed to target DNS servers and allows for remote code execution. The exploit is written in Python and consists of several files: configure.py: This script is used to set up the payload and Apache HT...

CVE-2020-0136

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Integer overflow

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2020-0136

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2020-0082

In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to systemserver with no additional execution privileges needed. User interaction is not needed for...

Privilege Escalation

kernel is vulnerable to privilege escalation. The vulnerability exists when an application has a stack overflow, the stack could silently overwrite another memory mapped area instead of a segmentation fault occurring, which could cause an application to execute arbitrary code, possibly leading to...

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

CVE-2016-11031

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. AntService allows a systemserver crash and reboot. The Samsung ID is SVE-2016-7044 November 2016...

Code injection

AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the report parameter of the BIRT viewer servlet...

Code injection

The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...

CVE-2019-9386

In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

CVE-2019-1988

In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in systemserver with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0...

Google Android Framework Component Remote Code Execution Vulnerability

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. A remote code execution vulnerability exists in the Framework component of Google Android 9. An attacker can exploit this vulnerability to potentially cause a remote...

Google Android Framework Component Remote Code Execution Vulnerability (CNVD-2019-23561)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. A remote code execution vulnerability exists in the Framework component of Google Android 8.0, 8.1, and 9. An attacker can exploit this vulnerability to potentially cause...