10 matches found
EUVD-2023-25072
Malicious code in bioql PyPI...
PT-2023-12979 · Onos · Onos
Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered in ONOS where an intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. This occurs due to improper handling of case...
PT-2023-12981 · Onos · Onos
Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered where an intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent an...
ASB-A-261858325
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-20904
In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-20904
In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Code injection
In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-20904
In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
PT-2023-17694 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-12L through Android-13 Description: The issue is related to a possible launch of arbitrary activity due to an Intent mismatch in the code of SettingsActivity.java. This could lead to local escalation of privilege with...
CVE-2023-20904
In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...