81 matches found
CVE-2023-49345
Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...
CVE-2023-49343
Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...
CVE-2023-49342
CVE-2023-49342 concerns the Budgie Extras clockworks applet. The vulnerability arises from temporary data passed between application components being stored in a location accessible to any user with local system access, allowing a local attacker to view or manipulate the data and potentially pres...
Ubuntu Budgie Extras Security Vulnerability
Ubuntu Budgie Extras is a package in the Ubuntu Budgie open source. A security vulnerability exists in Ubuntu Budgie Extras that stems from temporary data passed between application components that could be viewed or manipulated...
Ubuntu Budgie Extras Security Vulnerability
Ubuntu Budgie Extras is a package in the Ubuntu Budgie open source. A security vulnerability exists in Ubuntu Budgie Extras that stems from temporary data passed between application components that could be viewed or manipulated...
Ubuntu Budgie Extras Security Vulnerability
Ubuntu Budgie Extras is a package in the Ubuntu Budgie open source. A security vulnerability exists in Ubuntu Budgie Extras that stems from temporary data passed between application components that could be viewed or manipulated...
CVE-2023-6542 Improper Export of Android Application Components in SAP EMARSYS SDK ANDROID
Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL...
CVE-2023-30718
Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting...
CVE-2023-21486
CVE-2023-21486 concerns an improper export of Android components in ImagePreviewActivity within Samsung Call Settings, enabling a physical attacker to access certain media data in sandbox. The issue is tied to specific Samsung SMR May-2023 Release 1 updates; remediation is provided via the May-20...
CVE-2023-21485
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox...
Authentication flaw
Improper export of Android application components vulnerability in Samsung Pay India only prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication...
Framer Preview 12 Content Injection Vulnerability
Framer Preview version 12 for Android exposes an activity to other apps called "com.framer.viewer.FramerViewActivity". The purpose of this activity is to show contents of a given URL via an fullscreen overlay to the app user. However, the app does neither enforce any authorization schema on the...
ASUS ASUS_A002 Access Control Error Vulnerability
The ASUS ASUSA002 is a smartphone from Asus ASUS of Taiwan, China. An access control error vulnerability exists in ASUS ASUSA002. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could exploit the...
ASUS ASUS_A002_2 Access Control Error Vulnerability
The ASUS ASUSA0022 is a smartphone from Asus ASUS of Taiwan, China. An access control error vulnerability exists in ASUS ASUSA0022. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could exploit the...
ASUS ZenFone 5 Lite Access Control Error Vulnerability
The ASUS ZenFone 5 Lite is a smartphone from Asus ASUS of Taiwan, China. An Access Control Error vulnerability exists in ASUS ZenFone 5 Lite. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could...
ASUS ZenFone Max 4 Access Control Error Vulnerability (CNVD-2020-14732)
The ASUS ZenFone Max 4 is a smartphone from Asus ASUS of Taiwan, China. An access control error vulnerability exists in the ASUS ZenFone Max 4. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could...
ASUS ZenFone AR Access Control Error Vulnerability
The ASUS ZenFone AR is a smartphone from Asus ASUS of Taiwan, China. An access control error vulnerability exists in ASUS ZenFone AR. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could exploit th...
ASUS ZenFone 4 Selfie Access Control Error Vulnerability (CNVD-2020-14727)
The ASUS ZenFone 4 Selfie is a smartphone from Asus ASUS of Taiwan, China. An access control error vulnerability exists in ASUS ZenFone 4 Selfie. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker coul...
XSS in the agile wallboard gadget through quick filter names - CVE-2017-18100
The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the name of quick filters. h3. Workaround Disable the gadget. - Navigate to Administration Add-ons Manage add-ons and se...
OPC Application Components Detection
Binary data scadaopcdetect.nbin...