CVE-2024-35787

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sbindex Commit d7038f951828 "md-bitmap: don't use -index for pages backing the bitmap file" removed page-index from bitmap code, but left wrong code logic for clustered-md. current code never...

CVE-2024-35787 md/md-bitmap: fix incorrect usage for sb_index

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sbindex Commit d7038f951828 "md-bitmap: don't use -index for pages backing the bitmap file" removed page-index from bitmap code, but left wrong code logic for clustered-md. current code never...

PUB-A-318507188

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

PUB-A-297569957

In ppmpunprotectbuf of drmfw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40093

CVE-2023-40093 is an information-disclosure vulnerability in Google Android where trimmed content could be included in PDF output due to a logic error. It allows local information disclosure with no user interaction; confidentiality is impacted. Public sources cite this CVE in Android security bu...

Rockwell FactoryTalk Services Platform 2.74 Authentication Bypass

The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is 2.74. It is, therefore, affected by a vulnerability. - Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTa...

PUB-A-269274102

there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-282081424

there is a possible DCK won't be deleted after factory reset due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-288366554

In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

Rockwell Automation FactoryTalk Services Platform Authorization Issue Vulnerability

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A security vulnerability exists in Rockwell Automation FactoryTa...

CVE-2023-46290

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

PUB-A-279767668

there is a possible way to bypass carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Design/Logic Flaw

In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

CVE-2023-21267

The CVE-2023-21267 issue affects Android’s KeyguardViewMediator.java in the framework, enabling bypass of lockdown mode via screen pinning due to a logic error. This leads to local information disclosure without extra privileges or user interaction. Exploitation can occur on devices with access t...

CVE-2023-20942

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

PUB-A-267809568

In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Tray Owner Will Not be Able to Burn any Tray

Lines of code Vulnerability details Impact 1. There are two issues here, the check namespaceNFT != msg.sender && trayOwner != msg.sender && getApprovedid != msg.sender && !isApprovedForAlltrayOwner, msg.sender will only revert CallerNotAllowedToBurn if all of the conditions are true which is very...

Short positions can be burned while holding collateral

Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...

Possible loss of rewards when staking non-component vaults

Lines of code Vulnerability details Impact Users could gain less rewards if they stake a non-component vault, as compared to reassembling their S1 Citizen with the vault and and staking it as a component vault. Vulnerability Details From the repository's README.md: S1 Citizens without a component...