Lucene search
K

462 matches found

NVD
NVD
added 2023/02/28 5:15 p.m.18 views

CVE-2023-20934

In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.7AI score0.00092EPSS
Exploits0References1
OSV
OSV
added 2023/02/28 5:15 p.m.3 views

CVE-2022-20551

In createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:...

6.7CVSS5.9AI score0.00095EPSS
Exploits0References1
CVE
CVE
added 2023/02/28 12:0 a.m.151 views

CVE-2022-20551

CVE-2022-20551 affects Android, specifically AudioFlinger.cpp createTrack in Android 12–13. Root cause is a logic error that can allow recording audio without a privacy indicator, enabling local elevation of privilege with System privileges required and no user interaction. Documents consistently...

6.7CVSS6.6AI score0.00095EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/28 12:0 a.m.16 views

CVE-2023-20934

In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.9AI score0.00092EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/02/28 12:0 a.m.4 views

CVE-2023-20934

In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8AI score0.00092EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.5 views

PT-2023-12659 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue is related to a logic error in the code of AudioFlinger.cpp, specifically in the createTrack function. This error allows for the possibility of recording audio without a...

6.7CVSS6.5AI score0.00095EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.2 views

SUSE CVE-2009-3984

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content aka 204 status code and an empty...

6.8CVSS8.9AI score0.0219EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:12 a.m.2 views

SUSE CVE-2015-8217

The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...

7.5CVSS7.6AI score0.02412EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.6 views

SUSE CVE-2016-5298

A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox 50...

6.5CVSS6.2AI score0.01273EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.2 views

SUSE CVE-2017-13741

There is a use-after-free in the function compileBrailleIndicator in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack...

5.3CVSS6.9AI score0.01756EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.0 views

SUSE CVE-2020-15954

KDE KMail 19.12.3 aka 5.13.3 engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use...

6.5CVSS6.5AI score0.00653EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:55 a.m.3 views

SUSE CVE-2020-17367

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...

7.8CVSS8.6AI score0.01464EPSS
Exploits0References5
Circl
Circl
added 2023/01/18 10:21 p.m.6 views

CVE-2023-22863

creationtimestamp| type| source ---|---|--- 2023-01-18 22:21:40+00:00| seen| https://t.me/cibsecurity/56705...

5.9CVSS5.8AI score0.00355EPSS
Exploits0References1
Circl
Circl
added 2023/01/16 6:24 p.m.4 views

CVE-2022-4648

creationtimestamp| type| source ---|---|--- 2023-01-16 18:24:26+00:00| seen| https://t.me/cibsecurity/56550...

5.4CVSS5.5AI score0.00471EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.4 views

Eramba 跨站脚本漏洞

Eramba is an open source, enterprise-level IT governance application from Eramba UK. The program has features such as IT security, compliance auditing and analysis. A security vulnerability exists in Eramba GRC Software version c2.8.1, which stems from a KPI Title text field in its Add feature th...

5.4CVSS5.8AI score0.00485EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/11/09 12:0 a.m.33 views

CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2022:7472)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7472 advisory. - QEMU: fdc: heap buffer overflow in DMA read data transfers CVE-2021-3507 - libvirt: missing locking in nwfilterConnectNumOfNWFilters can lead to deni...

6.5CVSS6.7AI score0.01024EPSS
Exploits1References5
Circl
Circl
added 2022/11/03 5:20 p.m.5 views

CVE-2022-39382

creationtimestamp| type| source ---|---|--- 2022-11-03 17:20:56+00:00| seen| https://t.me/cibsecurity/52517...

9.8CVSS8.7AI score0.01486EPSS
Exploits1References1
NVD
NVD
added 2022/10/18 3:15 a.m.17 views

CVE-2022-22223

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

7.5CVSS0.00766EPSS
Exploits1References1
Prion
Prion
added 2022/10/18 3:15 a.m.23 views

Input validation

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

5CVSS7.8AI score0.00766EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/10/18 2:46 a.m.23 views

CVE-2022-22223 Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach.

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

6.5CVSS8AI score0.00766EPSS
Exploits1References1
Rows per page
Query Builder