4 matches found
EUVD-2021-0963
Malware in sbrugna...
CVE-2021-22538 Privilege escalation in RBAC system
A privilege escalation vulnerability impacting the Google Exposure Notification Verification Server versions prior to 0.23.1, allows an attacker who 1 has UserWrite permissions and 2 is using a carefully crafted request or malicious proxy, to create another user with higher privileges than their...
PT-2021-15131 · Google · Google Exposure Notification Verification Server
Name of the Vulnerable Software and Affected Versions: Google Exposure Notification Verification Server versions prior to 0.23.1 Description: A privilege escalation issue allows an attacker with UserWrite permissions, using a carefully crafted request or malicious proxy, to create another user wi...
PT-2020-15832 · Google · Gaen Protocol
Name of the Vulnerable Software and Affected Versions: GAEN protocol affected versions not specified Description: An issue was discovered in the GAEN protocol, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping ...