CVE-2020-4609
IBM Security Secret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...
Google Android MmsService.java Elevation of Privilege Vulnerability
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance. An elevation of privilege vulnerability exists in Google Android MmsService.java. The vulnerability stems from a lack of permission checking in archiveStoredConversation in MmsService.jav...
Google Android onReceive elevation of privilege vulnerability
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance. An elevation of privilege vulnerability exists in Google Android onReceive. The vulnerability stems from a lack of permission checking in onReceive of NetInitiatedActivity.java. An attack...
Google Android Information Disclosure Vulnerability (CNVD-2021-45314)
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance. Google Android suffers from an information disclosure vulnerability. The vulnerability stems from a lack of permission checking in updateNotification in BeamTransferManager.java. An...
GHSA-W942-GW6M-P62C Denial of service in GJSON
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON. Due to improper bounds checking, maliciously crafted JSON objects can cause an out-of-bounds panic. If parsing user input, this may be used as a denial of service vector...
Denial of service in GJSON
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON. Due to improper bounds checking, maliciously crafted JSON objects can cause an out-of-bounds panic. If parsing user input, this may be used as a denial of service vector...
Google Android Information Disclosure Vulnerability (CNVD-2021-44936)
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance. Google Android 11 suffers from an information disclosure vulnerability. The vulnerability arises from an out-of-bounds write due to a lack of bounds checking in...
The vulnerability of the Bluetooth stack implementation in the Red Hat Enterprise Linux kernel allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the Bluetooth stack implementation in the Red Hat Enterprise Linux kernel is related to access to data without type checking. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...
CVE-2021-32700
Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via MiTM against users. HTTP connections did not make use of TLS and certificate checking was ignored...
Code injection
Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via MiTM against users. HTTP connections did not make use of TLS and certificate checking was ignored...
CVE-2021-32700 Supply chain attack via MiTM against users
Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via MiTM against users. HTTP connections did not make use of TLS and certificate checking was ignored...
CVE-2021-32700
CVE-2021-32700 affects the Ballerina platform. Vulnerable in: Ballerina 1.2.x and Swan Lake (SL) releases up to alpha 3. Issue: HTTP connections did not perform TLS/certificate checks, enabling a MITM to substitute or modify packages from the BC registry and inject malicious code into ballerina e...
Ubuntu 18.04 LTS / 20.04 LTS : GRUB 2 vulnerabilities (USN-4992-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4992-1 advisory. Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An...
Nextcloud Mail Access Control Error Vulnerability
Nextcloud is an open source, self-hosted file synchronization, sharing and communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud Mail that stems from a lack of permission checking in Nextcloud Mail. Nextcloud Mail version 1.9.5 an...
Google Android elevation of privilege vulnerability (CNVD-2021-43395)
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from an out-of-bounds write in the memory management driver due to a lack of boundary checking...
Google Android elevation of privilege vulnerability (CNVD-2021-43394)
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from an out-of-bounds write in the memory management driver due to a lack of boundary checking...
Google Android elevation of privilege vulnerability (CNVD-2021-43383)
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance. Google Android suffers from an elevation of privilege vulnerability. The vulnerability is caused by a privilege checking error in the memory management driver. An attacker could exploit...
Samsung Health Code Issue Vulnerability
Samsung Health is a health management app from Samsung, South Korea. Samsung Health suffers from a code issue vulnerability that stems from improper checking in Samsung Health. Exploitation of the vulnerability allows an attacker to read internal cached data via the export compone...
DEBIAN-CVE-2021-3588
The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
UBUNTU-CVE-2021-3588
The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...