106 matches found
CVE-2024-40674
In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that stems from a code logic error that can be exploited by an attacker to obtain sensitive information...
Google Pixel和Google Nexus 安全漏洞
Google Pixel and Google Nexus are both a smartphone from Google USA. Google Pixel and Google Nexus have a security vulnerability that stems from a code logic error that leads to a local denial of service...
CVE-2024-56786
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
ASB-A-316578327
In onClick of MainClear.java, there is a possible way to trigger factory reset without explicit user consent due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
php: Filter bypass in filter_var (FILTER_VALIDATE_URL)
A flaw was found in PHP. An early return in the filtervar FILTERVALIDATEURL function results in invalid user information username + password part of URLs being treated as valid user information. This issue impacts users who expect only completely valid URLs to be returned by filtervar...
Google Android elevation of privilege vulnerability (CNVD-2025-02972)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is due to a logic error in the code that can be exploited by an attacker to escalate privileges...
ASB-A-324321147
In rebootRecoveryWithCommand of RecoverySystemService.java, there is a possible way to bypass a factory reset due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
ASB-A-336648613
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
MGASA-2024-0262 Updated php packages fix security vulnerability
This update ships the latest version of php 8.2. It brings fixed security issues and the usual bug fixes. Vulnerability: A code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information...
CVE-2024-32922
CVE-2024-32922 involves a logic error in the Pixel GPU power management path, specifically in gpu_pm_power_on_top_nolock within pixel_gpu_power.c, which can lead to a protected memory compromise. The vulnerability could enable local escalation of privilege to the TEE with no additional execution ...
BIT-PHP-2024-5458 Filter bypass in filter_var (FILTER_VALIDATE_URL)
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
CVE-2024-5458
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
CVE-2024-5458
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
CVE-2024-5458
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
CVE-2024-5458 Filter bypass in filter_var (FILTER_VALIDATE_URL)
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
CVE-2024-5458
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
CVE-2024-5458
CVE-2024-5458 affects PHP:8.1.x before 8.1.29, 8.2.x before 8.2.20, and 8.3.x before 8.3.8. The issue is a code logic error in URL validation using FILTER_VALIDATE_URL in filtering functions (e.g., filter_var), where certain URL forms cause the username:password portion to be misclassified as val...
CVE-2024-35787
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sbindex Commit d7038f951828 "md-bitmap: don't use -index for pages backing the bitmap file" removed page-index from bitmap code, but left wrong code logic for clustered-md. current code never...
CVE-2024-35787 md/md-bitmap: fix incorrect usage for sb_index
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sbindex Commit d7038f951828 "md-bitmap: don't use -index for pages backing the bitmap file" removed page-index from bitmap code, but left wrong code logic for clustered-md. current code never...