17 matches found
EUVD-2021-26171
Malware in sbrugna...
EUVD-2022-25852
Malicious code in bioql PyPI...
CVE-2024-44093
In ppmpunprotectbuf of drm/code/drmfw.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-47025
In ppmpprotectbuf of drmfw.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PUB-A-306211423
In ppmpprotectbuf of drmfw.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-44093
In ppmpunprotectbuf of drm/code/drmfw.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-44094
In ppmpprotectmfcfwbuf of code/drmfw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-44093
In ppmpunprotectbuf of drm/code/drmfw.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-44094
In ppmpprotectmfcfwbuf of code/drmfw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-44093
CVE-2024-44093 describes a memory corruption vulnerability in the function ppmp_unprotect_buf within drm/code/drm_fw.c. Exploitation could enable local privilege escalation without additional execution privileges or user interaction. The issue is referenced across multiple feeds (NVD, Red Hat, CV...
CVE-2024-25986
In ppmpunprotectbuf of drmfw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...
Code injection
In ppmpunprotectbuf of drmfw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20592
In ppmpvalidatesecbuf of drmfw.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20574
In secsysmmuinfo of drmfw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Information disclosure
In ppmpvalidatesecbuf of drmfw.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20583
CVE-2022-20583 affects the Android kernel DRM firmware path: in function ppmp_unprotect_mfcfw_buf there is an out-of-bounds write due to improper input validation. This could enable local escalation of privilege in S-EL1 with System privileges granted, and exploitation is described as not requiri...
CVE-2022-20587
CVE-2022-20587 affects Android devices via an issue in the Android kernel, in drm_fw.c within the ppmp_validate_wsm function. The vulnerability arises from improper input validation, enabling local privilege escalation with no additional privileges and no user interaction required. The CVSS vecto...