Lucene search
K

462 matches found

Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.7 views

PT-2023-17731 · Unknown · Audioflinger

Name of the Vulnerable Software and Affected Versions: AudioFlinger affected versions not specified Description: The issue is related to a logic error in the code of AudioFlinger.cpp, specifically in the openMmapStream function. This error allows for the possibility of recording audio without...

5.5CVSS7AI score0.0007EPSS
Exploits0References7
OSV
OSV
added 2023/07/01 12:0 a.m.19 views

ASB-A-279905816

In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation...

3.1CVSS3.7AI score0.00131EPSS
Exploits0References2
OSV
OSV
added 2023/07/01 12:0 a.m.32 views

ASB-A-258021433

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS5.7AI score0.0007EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/28 12:0 a.m.7 views

The vulnerabilities of microprogrammed logic controllers such as Modicon M580, Modicon M340, Modicon MC80, Modicon Momentum Ethernet, Modicon Quantum, Modicon Premium, and the programming software for these controllers—EcoStruxure Control Expert and EcoStruxure Process Expert—allow a hacker to trigger malfunctions during maintenance operations.

The vulnerability of microprogrammed logic controllers such as Modicon M580, Modicon M340, Modicon MC80, Modicon Momentum Ethernet, Modicon Quantum, Modicon Premium, and the programming software for these controllers—EcoStruxure Control Expert and EcoStruxure Process Expert—is related to the...

7.8CVSS7.2AI score0.00929EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2023/06/09 1:15 p.m.2 views

CVE-2023-3183

A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can ...

5.4CVSS3.8AI score0.00574EPSS
Exploits1References3
Prion
Prion
added 2023/06/09 1:15 p.m.20 views

Cross site scripting

A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can ...

4CVSS5.3AI score0.00574EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/06/09 1:0 p.m.27 views

CVE-2023-3183 SourceCodester Performance Indicator System addproduct.php cross site scripting

A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can ...

4CVSS5.5AI score0.00574EPSS
Exploits1References3
CVE
CVE
added 2023/06/09 1:0 p.m.47 views

CVE-2023-3183

CVE-2023-3183 affects SourceCodester Performance Indicator System 1.0 and stems from an input handling flaw in the /admin/addproduct.php file: modifying the prodname parameter enables cross-site scripting. The issue is exploitable remotely, with the exploit disclosed publicly. Multiple connected ...

5.4CVSS4.4AI score0.00574EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.4 views

PT-2023-23481 · Sourcecodester · Sourcecodester Performance Indicator System

Name of the Vulnerable Software and Affected Versions: SourceCodester Performance Indicator System version 1.0 Description: A vulnerability was found in the system, affecting an unknown functionality of the file /admin/addproduct.php. The manipulation of the prodname argument leads to cross site...

5.4CVSS4.3AI score0.00574EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/06/09 12:0 a.m.2 views

Performance Indicator System 跨站脚本漏洞

Performance Indicator System is a performance indicator system management system for nurhodelta17 individual developers. A cross-site scripting vulnerability exists in Performance Indicator System version 1.0, which stems from a problem in the file /admin/addproduct.php, where incorrect...

5.4CVSS4.1AI score0.00574EPSS
Exploits1References4
Kitploit
Kitploit
added 2023/05/11 12:30 p.m.21 views

Indicator-Intelligence - Finds Related Domains And IPv4 Addresses To Do Threat Intelligence After Indicator-Intelligence Collects Static Files

Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files. Done Related domains, IPs collect Installation From Source Code You can use virtualenv for package dependencies before installation. git clone...

7.3AI score
Exploits0References3
OSV
OSV
added 2023/04/19 8:15 p.m.2 views

CVE-2023-21083

In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score
Exploits0References1
NVD
NVD
added 2023/04/19 8:15 p.m.14 views

CVE-2023-21083

In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

7.8CVSS7.7AI score0.00092EPSS
Exploits0References1
Prion
Prion
added 2023/04/19 8:15 p.m.19 views

Design/Logic Flaw

In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

4.3CVSS7.6AI score0.00092EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/19 12:0 a.m.5 views

PT-2023-17876 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a permissions bypass in the onNullBinding method of CallScreeningServiceHelper.java, allowing audio recording without displaying a privacy indicator. This cou...

7.8CVSS6.7AI score0.00092EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/04/19 12:0 a.m.24 views

CVE-2023-21083

In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

7.9AI score0.00092EPSS
Exploits0References1
CVE
CVE
added 2023/04/19 12:0 a.m.149 views

CVE-2023-21083

CVE-2023-21083 affects Android, specifically the onNullBinding path in CallScreeningServiceHelper.java. The root cause is a permissions bypass that can enable recording audio without a privacy indicator, allowing local elevation of privilege with user privileges and no user interaction required. ...

7.8CVSS7.6AI score0.00092EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/04/01 12:0 a.m.36 views

ASB-A-252762941

In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.7AI score0.00092EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/23 12:0 a.m.6 views

The vulnerability of the indicator panels of the SCADA system’s data server and the monitoring tools such as Custom Reports and IGSS Dashboard allows a intruder to execute any arbitrary code in the target system.

The vulnerability of the indicator panels of the SCADA system’s data server and the monitoring tools such as Custom Reports and IGSS Dashboard is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a perpetrator to execute arbitrary code on the target...

7.8CVSS7.7AI score0.06482EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2023/02/28 5:15 p.m.2 views

CVE-2023-20934

In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00092EPSS
Exploits0References1
Rows per page
Query Builder