462 matches found
PT-2023-17731 · Unknown · Audioflinger
Name of the Vulnerable Software and Affected Versions: AudioFlinger affected versions not specified Description: The issue is related to a logic error in the code of AudioFlinger.cpp, specifically in the openMmapStream function. This error allows for the possibility of recording audio without...
ASB-A-279905816
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation...
ASB-A-258021433
In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
The vulnerabilities of microprogrammed logic controllers such as Modicon M580, Modicon M340, Modicon MC80, Modicon Momentum Ethernet, Modicon Quantum, Modicon Premium, and the programming software for these controllers—EcoStruxure Control Expert and EcoStruxure Process Expert—allow a hacker to trigger malfunctions during maintenance operations.
The vulnerability of microprogrammed logic controllers such as Modicon M580, Modicon M340, Modicon MC80, Modicon Momentum Ethernet, Modicon Quantum, Modicon Premium, and the programming software for these controllers—EcoStruxure Control Expert and EcoStruxure Process Expert—is related to the...
CVE-2023-3183
A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can ...
Cross site scripting
A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can ...
CVE-2023-3183 SourceCodester Performance Indicator System addproduct.php cross site scripting
A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can ...
CVE-2023-3183
CVE-2023-3183 affects SourceCodester Performance Indicator System 1.0 and stems from an input handling flaw in the /admin/addproduct.php file: modifying the prodname parameter enables cross-site scripting. The issue is exploitable remotely, with the exploit disclosed publicly. Multiple connected ...
PT-2023-23481 · Sourcecodester · Sourcecodester Performance Indicator System
Name of the Vulnerable Software and Affected Versions: SourceCodester Performance Indicator System version 1.0 Description: A vulnerability was found in the system, affecting an unknown functionality of the file /admin/addproduct.php. The manipulation of the prodname argument leads to cross site...
Performance Indicator System 跨站脚本漏洞
Performance Indicator System is a performance indicator system management system for nurhodelta17 individual developers. A cross-site scripting vulnerability exists in Performance Indicator System version 1.0, which stems from a problem in the file /admin/addproduct.php, where incorrect...
Indicator-Intelligence - Finds Related Domains And IPv4 Addresses To Do Threat Intelligence After Indicator-Intelligence Collects Static Files
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files. Done Related domains, IPs collect Installation From Source Code You can use virtualenv for package dependencies before installation. git clone...
CVE-2023-21083
In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
CVE-2023-21083
In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
Design/Logic Flaw
In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
PT-2023-17876 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a permissions bypass in the onNullBinding method of CallScreeningServiceHelper.java, allowing audio recording without displaying a privacy indicator. This cou...
CVE-2023-21083
In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
CVE-2023-21083
CVE-2023-21083 affects Android, specifically the onNullBinding path in CallScreeningServiceHelper.java. The root cause is a permissions bypass that can enable recording audio without a privacy indicator, allowing local elevation of privilege with user privileges and no user interaction required. ...
ASB-A-252762941
In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
The vulnerability of the indicator panels of the SCADA system’s data server and the monitoring tools such as Custom Reports and IGSS Dashboard allows a intruder to execute any arbitrary code in the target system.
The vulnerability of the indicator panels of the SCADA system’s data server and the monitoring tools such as Custom Reports and IGSS Dashboard is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a perpetrator to execute arbitrary code on the target...
CVE-2023-20934
In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...