Lucene search
+L

323 matches found

CVE
CVE
added 2024/01/19 8:7 p.m.37 views

CVE-2023-5081

CVE-2023-5081 describes an information-disclosure vulnerability in Lenovo Tab M8 HD where a local application could obtain a non-resettable device identifier. The NVD/NIST entry provides a CVSSv3.1 base score of 3.3 (Low) with LOCAL attack vector, minimal privileges, no user interaction, and conf...

3.3CVSS3.5AI score0.00164EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/19 8:6 p.m.4 views

CVE-2023-5080

A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands...

6.8CVSS7.2AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.5 views

Lenovo Tablet Security Breach

Lenovo Tablet is a series of tablet computers from the Chinese company Lenovo. A security vulnerability exists in Lenovo Tablet, which stems from a privilege escalation vulnerability. The vulnerability could allow a local application to access device identifiers and system commands...

7.8CVSS6.7AI score0.00153EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.3 views

PT-2024-1556 · Lenovo · Lenovo Tab M8 Hd

Name of the Vulnerable Software and Affected Versions: Lenovo Tab M8 HD affected versions not specified Description: An information disclosure issue was reported, allowing a local application to gather a non-resettable device identifier. This could potentially enable an attacker to disclose...

3.3CVSS6.4AI score0.00164EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/06/07 9:42 p.m.15 views

CVE-2023-29168 PTC Vuforia Studio Insufficiently Protected Credentials

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication...

3.7CVSS7.6AI score0.00475EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/20 2:16 p.m.11 views

CVE-2022-4287

Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application...

8.7AI score0.01021EPSS
Exploits0References1
Mageia
Mageia
added 2022/06/18 9:30 p.m.65 views

Updated exempi packages fix security vulnerability

XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

9.3CVSS4.1AI score0.05409EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2021/11/18 6:35 p.m.6 views

CVE-2021-43017 Adobe Creative Cloud DLL Hijacking Local Application Denial of Service

Adobe Creative Cloud version 5.5 and earlier are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the...

4.2CVSS6.5AI score0.01134EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/18 6:35 p.m.23 views

CVE-2021-43017 Adobe Creative Cloud DLL Hijacking Local Application Denial of Service

Adobe Creative Cloud version 5.5 and earlier are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the...

4.2CVSS5.2AI score0.01134EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2021/09/01 2:33 p.m.36 views

CVE-2021-36054

XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file...

5.5CVSS5.6AI score0.03751EPSS
Exploits0
CNVD
CNVD
added 2021/07/08 12:0 a.m.7 views

Google Android Media Framework Information Disclosure Vulnerability (CNVD-2021-52345)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the Media Framework component of Google Android versions 8.1, 9, 10, and 11, which can be exploited by an attacker...

5.5CVSS6.3AI score0.00131EPSS
Exploits0References1
OSV
OSV
added 2021/04/02 7:15 p.m.5 views

CVE-2021-1803

The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A local application may be able to enumerate the user's iCloud documents...

3.3CVSS6.6AI score0.00583EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/19 12:0 a.m.5 views

Huawei P30 Resource Management Error Vulnerability

Huawei P30 is a smartphone from Chinese company Huawei Huawei. The HUAWEI P30 suffers from a resource management error vulnerability that allows a local application to perform a denial of service DoS attack. The vulnerability is caused due to improper resource management within the application wh...

3.3CVSS6.4AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/30 12:0 a.m.7 views

Huawei P30 资源管理错误漏洞

Huawei P30 is a smartphone from Chinese company Huawei Huawei. The HUAWEI P30 suffers from a resource management error vulnerability that allows a local application to perform a denial of service DoS attack. The vulnerability is caused due to improper resource management within the application wh...

3.3CVSS5.8AI score0.00194EPSS
Exploits0References3
Hacker One
Hacker One
added 2020/06/01 9:32 p.m.12 views

Mail.ru: Private file read through file attachment

my.com MyMail application for Android could be tricked by malicious local application selected as a file picker by user to copy the file from application folder to insecure location...

2.2AI score
Exploits0
Veracode
Veracode
added 2020/04/10 12:55 a.m.27 views

Denial Of Service (DoS)

Python is vulnerable to denail of service DoS. Due to a flaw found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects, it caused Python applications using these modules to follow any new URL that they...

6.4CVSS1.5AI score0.04266EPSS
Exploits0References29Affected Software2
UbuntuCve
UbuntuCve
added 2019/10/11 7:15 p.m.84 views

CVE-2019-2215

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...

7.8CVSS7.2AI score0.72105EPSS
Exploits28References4
OSV
OSV
added 2019/10/11 7:15 p.m.3 views

UBUNTU-CVE-2019-2215

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...

7.8CVSS7.2AI score0.72105EPSS
Exploits28References5
Cvelist
Cvelist
added 2019/10/11 6:16 p.m.27 views

CVE-2019-2215

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...

8.4AI score0.72105EPSS
Exploits28References11
Vulnrichment
Vulnrichment
added 2019/10/11 6:16 p.m.6 views

CVE-2019-2215

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...

6.8AI score0.72105EPSS
Exploits28References11
Rows per page
Query Builder