Lucene search
+L

509 matches found

Vulnrichment
Vulnrichment
added 2025/01/06 3:17 a.m.9 views

CVE-2024-20143

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056;...

6.9AI score0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 11:58 p.m.29 views

CVE-2024-43769

In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

0.00081EPSS
Exploits0References2
OSV
OSV
added 2025/01/01 12:0 a.m.13 views

ASB-A-363248394

In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an app with notification access in Settings due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed f...

7.8CVSS7.3AI score0.00073EPSS
Exploits0References2
OSV
OSV
added 2025/01/01 12:0 a.m.7 views

ASB-A-205837340

Bulletin has no description...

7.7AI score
Exploits0
NVD
NVD
added 2024/12/10 10:15 p.m.28 views

CVE-2024-53002

Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/04 5:17 p.m.8 views

CVE-2018-9393

In procfilewrite of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/glproc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.2AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2024/12/01 12:0 a.m.14 views

ASB-A-357079333

In DevmemValidateFlags of devicememserver.c , there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.4AI score0.00079EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/11/21 12:0 a.m.12 views

IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files...

7.8CVSS6.9AI score0.00394EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/11/20 5:30 p.m.10 views

CVE-2018-9478

In processserviceattrreq and processservicesearchattrreq of sdpserver.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

7.9AI score0.00368EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/11/19 12:0 a.m.8 views

Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00272EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/11/12 12:0 a.m.6 views

(0Day) Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.9AI score0.00374EPSS
Exploits0
OSV
OSV
added 2024/11/01 12:0 a.m.11 views

ASB-A-337944529

In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS7.9AI score0.00109EPSS
Exploits0References1
OSV
OSV
added 2024/11/01 12:0 a.m.12 views

ASB-A-346643520

In DevmemXIntMapPages of devicememserver.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS7.3AI score0.00113EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/09/26 12:0 a.m.9 views

Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

7.8CVSS6.7AI score0.00585EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/09/26 12:0 a.m.5 views

Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS6.7AI score0.00401EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/07/22 12:0 a.m.9 views

Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS8.7AI score0.00738EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/13 9:1 p.m.25 views

CVE-2024-32910

In handlemsgshmmapreq of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00076EPSS
Exploits0References1
OSV
OSV
added 2024/06/01 12:0 a.m.7 views

PUB-A-322065862

In v4l2smfcqbuf of smfc-v4l2-ioctls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.4AI score0.00081EPSS
Exploits0References1
OSV
OSV
added 2024/06/01 12:0 a.m.13 views

PUB-A-322327032

In lwisprocesstransactionsinqueue of lwistransaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.2AI score0.00078EPSS
Exploits0References1
OSV
OSV
added 2024/06/01 12:0 a.m.16 views

PUB-A-301669196

In gpupmpowerofftopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

7CVSS7AI score0.00078EPSS
Exploits0References1
Rows per page
Query Builder