Lucene search
K

2022 matches found

CNVD
CNVD
added 2016/10/20 12:0 a.m.2 views

Palm Zhenyi app design loophole

Palm ZJI APP is a mobile application developed by the First Hospital Affiliated to Zhejiang University School of Medicine ZJU-S1 to alleviate the tediousness of traditional medical consultation time. A design vulnerability exists in the Palm ZJI App. An attacker can bypass the check by constructi...

6.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2016/09/11 9:59 p.m.32 views

CVE-2016-3898

Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service loss of locked-screen 911 TTY functionality via a crafted application that modifies the TTY mode by broadcasting an intent, aka internal bug...

5.5CVSS6.5AI score0.0042EPSS
Exploits0References3
OSV
OSV
added 2016/09/11 9:59 p.m.2 views

UBUNTU-CVE-2016-3898

Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service loss of locked-screen 911 TTY functionality via a crafted application that modifies the TTY mode by broadcasting an intent, aka internal bug...

5.5CVSS6.4AI score0.0042EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2016/08/23 12:0 a.m.10 views

The vulnerability of the Android operating system allows a hacker to increase the priority of the intent-filter filter.

The vulnerability in the services/core/java/com/android/server/pm/PackageManagerService.java file of the Android operating system’s API is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to increase the priority of the intent-filter filter through a specially...

7.5CVSS7.7AI score0.00595EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2016/08/07 9:59 p.m.18 views

CVE-2015-3854

packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICEPOWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350...

7.5CVSS7.1AI score0.00543EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/08/07 9:0 p.m.16 views

CVE-2015-3854

packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICEPOWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350...

7.3AI score0.00543EPSS
Exploits0References3
OSV
OSV
added 2016/08/05 8:59 p.m.4 views

CVE-2016-2497

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.3CVSS5.8AI score0.00595EPSS
Exploits0References3
Prion
Prion
added 2016/08/05 8:59 p.m.21 views

Code injection

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.5CVSS6.8AI score0.00595EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2016/08/05 8:59 p.m.32 views

CVE-2016-2497

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.5CVSS7.1AI score0.00595EPSS
Exploits0References3
OSV
OSV
added 2016/08/05 8:59 p.m.3 views

UBUNTU-CVE-2016-2497

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.3CVSS7.1AI score0.00595EPSS
Exploits0References4
CNVD
CNVD
added 2016/05/24 12:0 a.m.3 views

Unspecified Vulnerability in Lenovo SHAREit

Lenovo SHAREit 茄子快传 on Android is a set of file-sharing software based on the Android platform by the Chinese company Lenovo Lenovo. An unspecified vulnerability exists in Lenovo SHAREit versions prior to 3.5.98ww, based on Android platforms prior to version 4.2. A remote attacker can exploit thi...

9.3CVSS6.8AI score0.01945EPSS
Exploits0References1
NVD
NVD
added 2016/05/23 7:59 p.m.23 views

CVE-2016-4782

Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...

9.3CVSS8.7AI score0.01945EPSS
Exploits0References1
OSV
OSV
added 2016/05/23 7:59 p.m.7 views

CVE-2016-4782

Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...

8.8CVSS5.9AI score0.01945EPSS
Exploits0References1
Prion
Prion
added 2016/05/23 7:59 p.m.20 views

Code injection

Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...

9.3CVSS7.4AI score0.01945EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2016/05/23 7:0 p.m.28 views

CVE-2016-4782

Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...

8.7AI score0.01945EPSS
Exploits0References1
CVE
CVE
added 2016/05/23 7:0 p.m.48 views

CVE-2016-4782

The connected Lenovo advisory confirms CVE-2016-4782 affects SHAREit for Android versions older than 3.5.98_ww on devices running Android

9.3CVSS7.3AI score0.01945EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2016/05/07 10:59 a.m.19 views

Double free

Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler...

10CVSS8AI score0.0623EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/05/07 10:0 a.m.27 views

CVE-2013-7455

Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler...

9.7AI score0.0623EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2016/05/06 7:48 a.m.23 views

CVE-2013-7455

Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler...

10CVSS9.4AI score0.0623EPSS
Exploits0References1
OSV
OSV
added 2016/05/04 7:36 p.m.9 views

USN-2961-1 lcms2 vulnerability

It was discovered that a double free could occur when the intent handling code in the Little CMS library detected an error. An attacker could use this to specially craft a file that caused an application using the Little CMS library to crash or possibly execute arbitrary code...

10CVSS7.5AI score0.0623EPSS
Exploits0References2
Rows per page
Query Builder