Lucene search
K

34 matches found

OSV
OSV
added 2020/10/01 12:0 a.m.31 views

ASB-A-142125338

In generateInfo of PackageInstallerSession.java, there is a possible leak of cross-profile URI data during app installation due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS5.1AI score0.00155EPSS
Exploits0References2
NVD
NVD
added 2020/03/10 8:15 p.m.19 views

CVE-2020-0061

In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

5.5CVSS6AI score0.00164EPSS
Exploits0References1
Prion
Prion
added 2020/03/10 8:15 p.m.13 views

Information disclosure

In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

4.9CVSS5.3AI score0.00164EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/03/10 8:1 p.m.39 views

CVE-2020-0061

CVE-2020-0061 pertains to Pixel Recorder on Android, where a permissions bypass can allow arbitrary apps to record audio, leading to local information disclosure without extra execution privileges. The vulnerability affects the Android System component as listed in the Pixel Update Bulletin (Syst...

5.5CVSS5.9AI score0.00164EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/12/28 9:0 p.m.20 views

CVE-2018-14992

The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/USPhone/ASUSX0081:7.0/NRD90M/USPhone-14.14.1711.92-20171208:user/release-keys contains a pre-installed platform app with a package name of com.asus.dm versionCode=1510500200, versionName=1.5.0.40171122 has an exposed interface...

5.4AI score0.00365EPSS
Exploits1References2
OSV
OSV
added 2018/04/03 6:29 a.m.3 views

CVE-2017-13873

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive network-activity information about arbitrary...

4.3CVSS7.4AI score0.00921EPSS
Exploits0References4
CNVD
CNVD
added 2018/04/03 12:0 a.m.4 views

Samsung Mobile Device Design Vulnerabilities

Samsung mobile devices are smart mobile devices released by Samsung in South Korea.Android N is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A security vulnerability exists in Samsung mobile devices using the Android N 7.x version, whi...

7.6CVSS7AI score0.00803EPSS
Exploits0References1
Prion
Prion
added 2017/11/13 3:29 a.m.23 views

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor arbitrary apps via a crafted app that accesses...

4.3CVSS2.7AI score0.00834EPSS
Exploits0References4Affected Software4
NVD
NVD
added 2016/06/30 4:59 p.m.16 views

CVE-2016-4086

Huawei HiSuite In China before 4.0.4.301 and Out of China before 4.0.4.204ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors...

5.3CVSS5.4AI score0.00345EPSS
Exploits0References2
OSV
OSV
added 2016/06/30 4:59 p.m.5 views

CVE-2016-4086

Huawei HiSuite In China before 4.0.4.301 and Out of China before 4.0.4.204ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors...

5.3CVSS5.9AI score0.00345EPSS
Exploits0References2
Prion
Prion
added 2016/06/30 4:59 p.m.13 views

Code injection

Huawei HiSuite In China before 4.0.4.301 and Out of China before 4.0.4.204ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors...

2.9CVSS7.3AI score0.00345EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/06/30 4:0 p.m.44 views

CVE-2016-4086

CVE-2016-4086 affects Huawei HiSuite (China: before 4.0.4.301; outside China: before 4.0.4.204_ove). The vulnerability is described as a permission control flaw in HiSuite that allows an unauthenticated attacker on the local network (LAN) to remotely install arbitrary apps on a connected Huawei p...

5.3CVSS5.4AI score0.00345EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/04/14 12:0 a.m.10 views

The vulnerability of the iOS operating system allows attackers to bypass event handlers and modify events of arbitrary applications.

The vulnerability of the XPC Services software interface in the LaunchServices component of the iOS operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass event handler restrictions and modify events of arbitrary application...

2.1CVSS6.8AI score0.00335EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/03/14 10:0 a.m.55 views

CVE-2014-1276

CVE-2014-1276 affects Apple iOS prior to 7.1 via the IOKit HID Event interface. The vulnerability allows a crafted app to monitor user actions across arbitrary apps by accessing an IOKit framework interface, due to insufficient access controls in IOKit. Apple addressed this in iOS 7.1 (patch link...

5CVSS5.7AI score0.01181EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder