55 matches found
CVE-2022-20076
In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556...
ged-project.de Improper Access Control vulnerability OBB-2162571
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2021-0626
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687510; Issue ID: ALPS05687510...
Out-of-bounds
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687510; Issue ID: ALPS05687510...
CVE-2021-0626
CVE-2021-0626 describes a possible out-of-bounds write in ged due to a missing bounds check, potentially enabling local escalation of privilege to System level without user interaction. Multiple connected sources (NVD, Red Hat, CVE lists) confirm the same issue and reference Patch ID ALPS05687510...
CVE-2021-0626
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687510; Issue ID: ALPS05687510...
CVE-2021-0350
In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID:...
CVE-2021-0350
In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID:...
CVE-2021-0354
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch...
CVE-2021-0354
CVE-2021-0354: A local privilege-escalation flaw in ged on Android (Android 8.1–11) arises from an out-of-bounds write caused by an integer overflow. The issue allows an attacker with local access to potentially execute with System privileges without user interaction. Affected components are tied...
Google Android Input Validation Error Vulnerability
Google Android is a Linux-based open source operating system from the USGoogleOpen Handheld Alliance Google. Google Android 11 suffers from an input validation error vulnerability that stems from an integer overflow in ged, where a write overrun is possible. This could result in a local escalatio...
CVE-2021-0301
CVE-2021-0301 affects the Android ged component. The root cause is a missing bounds check that allows an out-of-bounds write, leading to local escalation of privilege with System-level execution privileges required. Exploitation does not require user interaction. Multiple connected sources (NVD, ...
CVE-2015-1587
Unrestricted file upload vulnerability in filetoindex.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earlier allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a request to a predictable filename in tmp/...
CVE-2015-1587
CVE-2015-1587 is an unrestricted file upload vulnerability in Maarch LetterBox (and GEC/GED), allowing remote attackers to execute arbitrary PHP by uploading a PHP file via file_to_index.php and then requesting it from a predictable file path in tmp/. It affects Maarch LetterBox 2.8 and earlier, ...
CVE-2015-1587
Unrestricted file upload vulnerability in filetoindex.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earlier allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a request to a predictable filename in tmp/...