Google Android AppLaunchActivity.java Elevation of Privilege Vulnerability

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An elevation of privilege vulnerability exists in Google Android AppLaunchActivity.java. An attacker can exploit this vulnerability to cause a local elevation of privilege...

Google Android drm_syncobj.c Information Disclosure Vulnerability

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android drmsyncobj.c suffers from an information disclosure vulnerability. An attacker can exploit this vulnerability to cause a local information disclosure...

Avaya Aura Device Services 代码注入漏洞

Avaya Aura Device Services is a software application from Avaya, USA. It provides a feature for managing Avaya endpoints. A security vulnerability exists in Avaya Aura Device Services versions 7.0 through 8.1.4.0, which can be exploited by local users to execute specially written scripts...

Google Android Information Disclosure Vulnerability (CNVD-2021-45436)

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android 11 suffers from an information disclosure vulnerability. The vulnerability arises due to an out-of-bounds read due to a heap buffer overflow in ih264efmtconv.c in...

Privilege escalation

In the Settings app, there is a possible way to disable an always-on VPN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android...

CVE-2021-0505

CVE-2021-0505 affects Android 11 (Settings) with a missing permission check that could allow disabling an always-on VPN, enabling local elevation of privilege without user interaction. Documents consistently describe a local, low-exploitability EoP risk; no explicit exploit details or fixes are p...

CVE-2021-29706

IBM AIX 7.1 could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service. IBM X-Force ID: 200663...

Google Android elevation of privilege vulnerability (CNVD-2021-43394)

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from an out-of-bounds write in the memory management driver due to a lack of boundary checking...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system of the Google Open Handheld Consortium Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from a memory corruption in the memory management driver due to reuse after release. An attacker...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Alliance Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability is caused due to an out-of-bounds write in the memory management driver due to a lack of boundary...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from a memory corruption in the memory management driver due to reuse after release. An attack...

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android version 11, which can be exploited by an attacker to cause a local...

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11, which can be exploited by an attacker to cause...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An elevation of privilege vulnerability exists in Google Android EmergencyCallbackModeExitDialog.java. An attacker can exploit this vulnerability to cause a local elevation of privilege...

CVE-2019-25034

Unbound before 1.9.5 allows an integer overflow in sldnsstr2wirednamebuforigin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

UBUNTU-CVE-2019-25036

Unbound before 1.9.5 allows an assertion failure and denial of service in synthcname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

UBUNTU-CVE-2021-21147

Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

DEBIAN-CVE-2021-26826

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash...

Type confusion

In RT regmap driver, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05453809...

Google Android 代码问题漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android 8.1, 9, and 10. An attacker could exploit this vulnerability to cause a...