134 matches found

CNNVD
added 2022/08/05 12:0 a.m. · 4 views

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices ConfirmConnectActivity SMR prior to Aug-2022 Release 1, which stems from an improper restriction of...

CVSS 5.9 · AI score 4.9 · EPSS 0.0009
Exploits: 0 · References: 2
ATTACKERKB
added 2022/05/03 8:15 p.m. · 6 views

CVE-2022-20084

In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID:...

CVSS 7.8 · AI score 7.2 · EPSS 0.00098
Exploits: 0 · References: 2
OSV
added 2022/05/03 8:15 p.m. · 3 views

CVE-2022-20084

In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID:...

CVSS 7.8 · AI score 7.2
Exploits: 0 · References: 1
Prion
added 2022/05/03 8:15 p.m. · 18 views

Privilege escalation

In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID:...

CVSS 4.6 · AI score 7.6 · EPSS 0.00098
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2022/05/03 7:55 p.m. · 142 views

CVE-2022-20084

The CVE-2022-20084 entry affects MediaTek telephony, where a missing permission check could allow local privilege escalation to disable emergency broadcast reception. The issue is documented with a patch reference (ALPS06498874/ALPS06498874) and is associated with MediaTek’s devices, containing n...

CVSS 7.8 · AI score 7.6 · EPSS 0.00098
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2022/05/03 7:55 p.m. · 25 views

CVE-2022-20084

In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID:...

AI score 7.9 · EPSS 0.00098
Exploits: 0 · References: 1
OSV
added 2022/04/27 3:15 a.m. · 17 views

CVE-2022-27331

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users...

CVSS 4.3 · AI score 6.7
Exploits: 0 · References: 1
Tenable Nessus
added 2022/02/07 12:0 a.m. · 22 views

Emerson OSE Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-0693)

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...

CVSS 10 · AI score 5.8 · EPSS 0.03263
Exploits: 0 · References: 2
Positive Technologies
added 2021/10/22 12:0 a.m. · 6 views

PT-2021-7218 · Owl · Owl Labs Meeting Owl

Name of the Vulnerable Software and Affected Versions: Owl Labs Meeting Owl version 5.2.0.15 Description: The issue is related to the implementation of Bluetooth Low Energy BLE technology in the microprogram of the Meeting Owl Pro camera for video conferencing. It involves the use of a hardcoded...

CVSS 9.3 · AI score 9 · EPSS 0.00824
Exploits: 1 · References: 12
OSV
added 2021/07/13 12:15 p.m. · 6 views

CVE-2021-22399

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product...

CVSS 5.5 · AI score 5.8 · EPSS 0.00166
Exploits: 0 · References: 1
Prion
added 2021/07/13 12:15 p.m. · 20 views

Code injection

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product...

CVSS 2.1 · AI score 5.4 · EPSS 0.00166
Exploits: 0 · References: 1 · Affected Software: 1
ATTACKERKB
added 2020/12/15 4:15 p.m. · 2 views

CVE-2020-0481

In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User interaction is not needed for...

CVSS 3.3 · AI score 5.7 · EPSS 0.00127
Exploits: 0 · References: 2
Prion
added 2020/11/02 7:15 a.m. · 20 views

Improper access control

Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098,...

CVSS 4.6 · AI score 7.9 · EPSS 0.00197
Exploits: 0 · References: 2
ThreatPost
added 2019/06/03 4:11 p.m. · 174 views

Smart-TV Bug Allows Rogue Broadcasts

An unpatched vulnerability in smart TVs would allow attackers on the same Wi-Fi network to hijack the TV set to broadcast their own content – including, potentially, fake emergency broadcast messages. Discovered by security researcher Dhiraj Mishra, the flaw CVE-2019-12477 is found in the SUPRA...

CVSS 7.5 · AI score 1.8 · EPSS 0.94928
Exploits: 18 · References: 7
Prion
added 2019/04/30 1:29 p.m. · 15 views

XXE

Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients...

CVSS 4.8 · AI score 9.1 · EPSS 0.01794
Exploits: 0 · References: 4
CVE
added 2019/04/30 12:25 p.m. · 64 views

CVE-2019-10309

The CVE-2019-10309 entry concerns the Jenkins Swarm Plugin (Swarm Client) where UDP-based master discovery responses are XML documents that are parsed without proper XXE protection. This XXE flaw could allow an unauthenticated attacker on the same network to read arbitrary files from Swarm client...

CVSS 9.3 · AI score 9 · EPSS 0.01794
Exploits: 0 · References: 4 · Affected Software: 1
Packet Storm
added 2018/11/13 12:0 a.m. · 179 views

Android RSSI Broadcast Information Disclosure

Blog post here: https://wwws.nightwatchcybersecurity.com/2018/11/11/cve-2018-9581/ NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-9581 and CVE-2018-15835. A presentation covering all three bugs was given at BSides DE in the fall ...

AI score 5.7 · EPSS 0.02032
Exploits: 6
Packet Storm
added 2018/11/13 12:0 a.m. · 205 views

Android 5.0 Battery Information Broadcast Information Disclosure

NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-9581 and CVE-2018-15835. A presentation covering all three bugs was given at BSides DE in the fall of 2018. SUMMARY System broadcasts by the Android operating system expose detailed...

AI score 5.7 · EPSS 0.02032
Exploits: 6
OpenVAS
added 2018/06/15 12:0 a.m. · 14 views

Microsoft Windows: NetBIOS Node Type

This test checks the setting for policy OpenVAS Vulnerability Test $Id: windcnetbiosnodetype.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for NetBIOS Node Type Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...

AI score 7.3
Exploits: 0
Kitploit
added 2018/02/01 12:47 p.m. · 13 views

PiDense - Monitor Illegal Wireless Network Activities (Fake Access Points)

Monitor illegal wireless network activities. Similar SSID broadcasts Same SSID broadcasts Calculates unencrypted wireless networks density Watches SSID broadcasts at the blacklist. Capabilities Now Calculates Unencrypted wireless network density Finds same ssid, different encryption Working...

AI score 7.1
Exploits: 0 · References: 1