Lucene search
+L

79 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:57 a.m.8 views

CVE-2024-27223

In EUTRANLCSDecodeFacilityInformationElement of LPPLcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after authenticating the cell connection with no additional execution privileges needed. User interaction is n...

5.1CVSS6.5AI score0.0012EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.10 views

CVE-2024-44092

There is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.0008EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.8 views

CVE-2023-21054

In EUTRANLCSConvertLCSMOLRReq of LPPCommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.2CVSS7.7AI score0.00539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.6 views

CVE-2023-21059

In EUTRANLCSDecodeFacilityInformationElement of LPPLcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.5CVSS5.9AI score0.00436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:36 a.m.8 views

CVE-2023-23080

Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10=V202209060242025 and Tenda IT7-PCS Tenda IT7-PCS=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS=V2209020908...

9.8CVSS7.3AI score0.02456EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/23 1:30 a.m.2 views

Malicious code in lcs-sistic-integration (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b05382a541057365227516e05e0fe3aeec00d7087f6bfebae88ad20ac12209aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
NVD
NVD
added 2024/09/13 9:15 p.m.25 views

CVE-2024-44092

There is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.0008EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/13 8:28 p.m.13 views

CVE-2024-44092

There is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8AI score0.0008EPSS
Exploits0References1
CVE
CVE
added 2024/09/13 8:28 p.m.203 views

CVE-2024-44092

CVE-2024-44092 describes a missing LCS signing enforcement caused by test/debugging code left in a production build, potentially enabling local privilege escalation without user interaction. Public materials in this set confirm impact on Google Pixel/Android components, with references in the Pix...

7.8CVSS7.8AI score0.0008EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/09/01 12:0 a.m.38 views

PUB-A-345848543

In TBD of TBD, there is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.0008EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2024/05/31 6:54 p.m.12 views

lcs-engineering.com Cross Site Scripting vulnerability OBB-3931930

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2024/03/11 7:15 p.m.3 views

CVE-2024-27223

In EUTRANLCSDecodeFacilityInformationElement of LPPLcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after authenticating the cell connection with no additional execution privileges needed. User interaction is n...

5.1CVSS5.9AI score0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/11 12:0 a.m.8 views

PT-2024-21756 · Google · Android

Name of the Vulnerable Software and Affected Versions: LPP LcsManagement.c affected versions not specified Description: The issue is related to a possible out of bounds read in the EUTRAN LCS DecodeFacilityInformationElement function of LPP LcsManagement.c due to a missing bounds check. This coul...

5.1CVSS6.4AI score0.0012EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.5 views

kernel: Linux kernel: Denial of Service in s390/lcs network driver due to incompatible function pointer type

A flaw was found in the Linux kernel's s390/lcs network driver. An incorrect function pointer type in the lcsstartxmit function could lead to a system crash or termination of a process. This issue arises when Kernel Control Flow Integrity kCFI, a security feature designed to prevent certain types...

5.8AI score0.00239EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.14 views

kernel: Linux kernel: Denial of Service in s390/lcs network driver due to incompatible function pointer type

A flaw was found in the Linux kernel's s390/lcs network driver. An incorrect function pointer type in the lcsstartxmit function could lead to a system crash or termination of a process. This issue arises when Kernel Control Flow Integrity kCFI, a security feature designed to prevent certain types...

5.8AI score0.00239EPSS
Exploits0References5
Redos
Redos
added 2023/07/06 12:0 a.m.19 views

ROS-2-1313

2.1313 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
CVE
CVE
added 2023/03/24 12:0 a.m.112 views

CVE-2023-21054

CVE-2023-21054 affects the Android kernel, specifically the EUTRAN_LCS_ConvertLCS_MOLRReq path in LPP_CommonUtil.c. A logic error can cause an out-of-bounds write, which could lead to remote code execution with System-level privileges. No user interaction is required. Exploitation status and in-t...

7.2CVSS7.3AI score0.00539EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.6 views

PT-2023-17850 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the EUTRAN LCS DecodeFacilityInformationElement function of LPP LcsManagement.c. This could lead to remote information disclosure without requiring additiona...

7.5CVSS7.1AI score0.00436EPSS
Exploits0References2
NVD
NVD
added 2023/02/27 2:15 p.m.23 views

CVE-2023-23080

Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10=V202209060242025 and Tenda IT7-PCS Tenda IT7-PCS=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS=V2209020908...

9.8CVSS9.8AI score0.02456EPSS
Exploits1References1
OSV
OSV
added 2023/02/27 2:15 p.m.7 views

CVE-2023-23080

Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10=V202209060242025 and Tenda IT7-PCS Tenda IT7-PCS=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS=V2209020908...

9.8CVSS7.4AI score0.02456EPSS
Exploits1References1
Rows per page
Query Builder