23 matches found
EUVD-2026-2046
A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. Successful exploit could allow an authenticated malicious actor to execute commands with the privilege...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which arises from the program incorrectly retaining setup privileges, and can be exploited by an attacker to elevate privileges without requiring addition...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by an attacker to cause a local elevation of privilege that requires no additional execute privileges...
UNISOC Chipsets 安全漏洞
UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in the UNISOC Chipsets telephony module that stems from a lack of privilege checking. This could lead to a local denial of service in the telephony service without additional execute privileges...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local privilege escalation without requiring additional execute privileges...
Google Android Resource Management Error Vulnerability in Android (CNVD-2022-78149)
Google Android is a Linux-based open source operating system from Google, Inc. An attacker could exploit this vulnerability to cause a local denial of service without additional execute privileges...
Google Android 代码问题漏洞
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android. An attacker exploiting this vulnerability could result in a local privilege escalation without the need for additional execute privileges...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android. An attacker exploiting this vulnerability could result in a local privilege escalation without the need for additional execute privileges...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android. An attacker exploiting this vulnerability could result in a local privilege escalation without the need for additional execute privileges...
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database - Enterprise Edition Recovery that...
Google Android Input Validation Error Vulnerability (CNVD-2021-103432)
Google Android is a Linux-based open-source operating system from the U.S. company Google. Google Android is vulnerable to an input validation error, which can be exploited by attackers to cause a local privilege escalation that requires the user to execute privileges...
MediaTek asf extractor 缓冲区错误漏洞
MediaTek asf extractor is a chipset from China's MediaTek Mediatek. MediaTek asf extractor suffers from a buffer error vulnerability that stems from incorrect boundary checking, where an out-of-bounds read may occur. This could result in the disclosure of local information without additional...
CVE-2021-42252
An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...
CVE-2021-42252
An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...
Microsoft Windows Error Reporting Information Disclosure Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Error Reporting WER is one of the error reporting components. An information...
Oracle Database Server Remote Vulnerability (CNVD-2015-00468)
Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Execute on DBMSIR' privileges using the 'Oracle Net' protocol...
IBM DB2 db2job File Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8344/info IBM's DB2 database ships with a utility called db2job, installed with permissions 4550 and owned by root.db2asgrp. It has been reported that db2job writes to a number of files with root privileges. The files...
CVE-2012-2197
Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT and EXECUTE privileges...
HP OpenView Network Node Manager nnmRptConfig.exe nameParams text1 Buffer Overflow
Added: 01/20/2011 CVE: CVE-2011-0268 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...
Oracle Spatial component SDO_CS.TRANSFORM_LAYER buffer overflow
Added: 10/26/2006 CVE: CVE-2006-5344 BID: 20588 OSVDB: 31462 Background The Oracle Spatial formerly SDO component of Oracle Database provides a set of functions which process multi-dimensional data. Problem A buffer overflow in the Oracle Spatial component allows an attacker with EXECUTE privileg...