28 matches found
CVE-2026-21016
Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-21016
Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-21016
Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
PT-2026-40569
Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
EUVD-2021-11274
Malware in sbrugna...
EUVD-2017-0843
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-0489
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data...
CVE-2022-20352
In addProviderRequestListener of LocationManagerService.java, there is a possible way to learn which packages request location information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2021-24361
In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gdpopularlocationlist did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues...
CVE-2022-20261
In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
CVE-2022-20261
In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in the Google Android LocationManager component that stems from a lack of privilege checking and has a possible way to obtain location information...
PT-2022-14485 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a missing permission check in the LocationManager, which could lead to local information disclosure. This requires System execution privileges and does not need user interaction...
CVE-2022-20352
In addProviderRequestListener of LocationManagerService.java, there is a possible way to learn which packages request location information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
PT-2022-14578 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-12L Description: A local information disclosure issue exists due to a missing permission check in the addProviderRequestListener method of LocationManagerService.java. This allows an attacker to lea...
CVE-2021-24361
In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gdpopularlocationlist did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues...
CVE-2021-24361
The CVE-2021-24361 issue affects WordPress GeoDirectory Location Manager (prior to 2.1.0.10). The vulnerability arises from insufficient sanitization/validation of POST parameters used in a SQL statement in the AJAX action gd_popular_location_list, enabling unauthenticated SQL injection. Multiple...
CVE-2021-24361 GeoDirectory Location Manager < 2.1.0.10 - Multiple Unauthenticated SQL Injections
In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gdpopularlocationlist did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues...
WordPress SQL注入漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Location Manager WordPress plugin prior to...
WordPress GeoDirectory Location Manager premium plugin <= v2.1.0.9 - Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities
Multiple Unauthenticated SQL Injection SQLi vulnerabilities discovered by Rafal Goryl in the WordPress GeoDirectory Location Manager premium plugin versions = v2.1.0.9. Solution Update the WordPress GeoDirectory Location Manager premium plugin to the latest available version at least 2.1.0.10...