CVE-2023-52762 virtio-blk: fix implicit overflow on virtio_max_dma_size

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtiomaxdmasize The following codes have an implicit conversion from sizet to u32: u32maxsize = sizetvirtiomaxdmasizevdev; This may lead overflow, Ex sizet4G - u320. Once virtiomaxdmasize has...

Signature Verification Bypass

onelogin/php-saml is vulnerable to Signature Verification Bypass. The vulnerability is due to implicit boolean conversion of numerical values returned by opensslverify in PHP, where an error state -1 can be interpreted as a successful signature verification, which results in misinterpretation of...

Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components

Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system...

Oracle Linux 9 : mod_jk / and / mod_proxy_cluster (ELSA-2024-2387)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2387 advisory. modjk 1.2.49-1 - Related: RHEL-27511 - Rebase to upstream 1.2.49 release modproxycluster 1.3.20-1 - Rebase modcluster to upstream 1.3.20.Final tag -...

CVE-2024-3480

An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data...

CVE-2024-3108

An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization...

CVE-2023-41828

An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider...

CVE-2023-41824

An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data...

CVE-2023-41820

An implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices...

CVE-2024-3480

The CVE-2024-3480 entry concerns the Motorola framework and an implicit-intent vulnerability that could allow an attacker to read telephony-related data. Details in the provided documents indicate: affected software/component — Motorola framework; vulnerability type — implicit intent leading to d...

CVE-2024-3480

An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data...

CVE-2024-3108

An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization...

CVE-2024-3108

An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization...

CVE-2024-3108

The CVE-2024-3108 issue concerns Motorola Time Weather Widget. Several sources describe an implicit-intent vulnerability that could allow a local app to obtain the device’s location without user authorization (CVSSv3.1: Local, Low complexity, Privileges Low, Privilege Required Low; Confidentialit...

CVE-2023-41828

The CVE-2023-41828 vulnerability affects the Motorola Phone application, describing an implicit intent export flaw that could allow unauthorized access to a non-exported content provider. The issue is scoped as Local attack, requiring user interaction, with a MEDIUM base score (CVSS 3.1: 4.4) and...

CVE-2023-41824

An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data...

CVE-2023-41824

An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data...

CVE-2023-41824

Technical details about CVE-2023-41824 are not publicly provided in the connected documents. The materials reiterate an implicit intent vulnerability in Motorola Phone Calls to read calling data but lack specifics on affected versions, root cause, or remediation. Monitor for updates.

CVE-2023-41820

CVE-2023-41820 concerns the Motorola Ready For application, where an implicit-intent vulnerability could allow a local attacker to read information about connected Bluetooth audio devices. Public descriptions across multiple sources (NVD, Red Hat, CVE listings) consistently cite this issue in the...

Motorola Ready For 安全漏洞

Motorola Ready For is a feature of Motorola USA Inc. It enhances the functionality of a cell phone by connecting it to any display or monitor1,2. A security vulnerability exists in Motorola Ready For that stems from the presence of an implicit intent vulnerability that could allow a local attacke...