Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/23 6:54 a.m.7 views

CVE-2024-12993

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...

4.8CVSS7AI score0.00242EPSS
Exploits0References1
nvd
nvd
added 2024/12/30 11:15 a.m.27 views

CVE-2024-12993

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...

4.8CVSS0.00242EPSS
Exploits0References2
cve
cve
added 2024/12/30 11:1 a.m.57 views

CVE-2024-12993

The CVE-2024-12993 entry describes a vulnerability in Infinix devices stemming from a pre-loaded app com.rlk.weathers that exposes an unsecured content provider. An attacker can communicate with this provider to reveal the user’s location without any privileges (local attack; no user interaction ...

4.8CVSS6.6AI score0.00242EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/12/30 11:1 a.m.5 views

CVE-2024-12993 Location information exposure in Infinix Weather app

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...

4.8CVSS7AI score0.00242EPSS
Exploits0References2
Rows per page
Query Builder