Lucene search
K

2494 matches found

Prion
Prion
added 2023/12/05 3:15 a.m.15 views

Design/Logic Flaw

Improper usage of insecure protocol i.e. HTTP in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middl...

1.8CVSS7.1AI score0.00171EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/05 2:44 a.m.24 views

CVE-2023-42579

Improper usage of insecure protocol i.e. HTTP in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middl...

6.5CVSS6.6AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2023/11/07 8:15 a.m.32 views

CVE-2023-42552

Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall...

4.4CVSS4.6AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2023/11/07 8:15 a.m.22 views

CVE-2023-42545

Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References1
Prion
Prion
added 2023/11/07 8:15 a.m.18 views

Design/Logic Flaw

Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall...

1.9CVSS7AI score0.00206EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/07 7:49 a.m.39 views

CVE-2023-42552

The CVE-2023-42552 entry concerns Samsung Firewall application on Android with an implicit intent hijacking flaw that lets a third-party tamper the firewall database. Affected versions are: Android 11 prior to 12.1.00.24, Android 12 prior to 13.1.00.16, and Android 13 prior to 14.1.00.7. Root cau...

4.4CVSS4.1AI score0.00206EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/07 7:49 a.m.11 views

CVE-2023-42552

Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall...

4.4CVSS6.8AI score0.00206EPSS
Exploits0References1
CVE
CVE
added 2023/11/07 7:49 a.m.36 views

CVE-2023-42545

Summary: CVE-2023-42545 concerns the Android Phone application using an implicit intent for sensitive communication, enabling potential access to location data. Affected software/versions (from provided details): Android 11 prior to 12.7.20.12; Android 12 includes 13.1.48 and 13.5.28; Android 13 ...

7.5CVSS7.4AI score0.00432EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/07 7:49 a.m.10 views

CVE-2023-42545

Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data...

5.5CVSS6.8AI score0.00432EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/07 7:49 a.m.25 views

CVE-2023-42545

Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data...

5.5CVSS7.6AI score0.00432EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.25 views

Rocky Linux 8 : wpa_supplicant (RLSA-2021:1686)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1686 advisory. - In p2pcopyclientinfo of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target...

7.9CVSS8.2AI score0.04707EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.18 views

Rocky Linux 9 : flac (RLSA-2022:8078)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8078 advisory. - In appendtoverifyfifointerleaved of streamencoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local informatio...

5.5CVSS6.1AI score0.00465EPSS
Exploits0References3
NVD
NVD
added 2023/09/06 4:15 a.m.26 views

CVE-2023-30730

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file...

5.5CVSS4.2AI score0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/06 3:12 a.m.11 views

CVE-2023-30730

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file...

3.3CVSS6.5AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2023/09/06 3:12 a.m.45 views

CVE-2023-30730

The CVE-2023-30730 issue is an implicit intent hijacking vulnerability in the Samsung Camera app across Android 11–13: Camera prior to 11.0.16.43 (Android 11), 12.0.07.53–12.1.03.10 (Android 12), and 13.0.01.43–13.1.00.83 (Android 13) can allow a local attacker to access specific files. Root caus...

5.5CVSS5.2AI score0.00142EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/06 3:12 a.m.24 views

CVE-2023-30730

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file...

3.3CVSS5.5AI score0.00142EPSS
Exploits0References1
Huntr
Huntr
added 2023/08/20 7:39 p.m.88 views

Android Manifest Misconfiguration Leading to Task Hijacking

Description Task hijacking allows malicious apps to inherit permissions of vulnerable apps and is usually used for phishing login credentials of victims. This vulnerability applies to all Android versions before Android 11. Steps To Reproduce: 1. Victim installs malicious app 1. Victim starts...

5CVSS7AI score0.00399EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/07/01 12:0 a.m.15 views

Amazon Linux 2 : flac (ALAS-2023-2106)

The version of flac installed on the remote host is prior to 1.3.0-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2106 advisory. An out-of-bounds write vulnerability was found in libFlak. The vulnerability occurs due to a missing bounds check. This flaw allows a...

5.5CVSS6.2AI score0.00465EPSS
Exploits0References4
NVD
NVD
added 2023/06/15 7:15 p.m.19 views

CVE-2023-21138

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for...

7.8CVSS7.8AI score0.00083EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.29 views

CVE-2023-21144

In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.5CVSS7.4AI score0.00741EPSS
Exploits0References1
Rows per page
Query Builder