472 matches found
CVE-2022-3048
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device...
CVE-2022-3048
CVE-2022-3048 refers to an inappropriate implementation in the Chrome OS lockscreen within Google Chrome on Chrome OS, prior to version 105.0.5195.52. The issue allowed a local attacker with physical access to bypass lockscreen navigation restrictions. Public advisories indicate a fix shipped wit...
CVE-2022-3048
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10119-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10119-1 advisory. - Use after free in Network Service. CVE-2022-3038 - Use after free in WebSQL. CVE-2022-3039, CVE-2022-3041 - Use after free in Layout...
Debian DSA-5223-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5223 advisory. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the...
FreeBSD : chromium -- multiple vulnerabilities (f2043ff6-2916-11ed-a1ef-3065ec8fd3ec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f2043ff6-2916-11ed-a1ef-3065ec8fd3ec advisory. - Use after free in Network Service. CVE-2022-3038 - Use after free in WebSQL. CVE-2022-3039,...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google Inc. A security vulnerability exists in Google Chrome, which stems from an improperly implemented issue in Chrome OS lockscreen, and affects the following products and versions: Chrome before 105.0.5195.52 Mac/linux and before 105.0.5195.52/53/54 Windows...
KLA15732 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Layout can be exploited to caus...
CVE-2022-20006
In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User...
CVE-2022-20006
In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User...
Race condition
In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User...
CVE-2021-41181
Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker...
CVE-2021-41181
The CVE affects the Nextcloud Talk Android app prior to version 12.3.0. A flaw causes the app to fail to detect the device lockscreen state when an incoming call occurs, enabling an attacker with physical access to a locked phone to access chat messages and files. Affected component: Nextcloud An...
CVE-2021-41181 Nextcloud Talk app exposes chat messages on lockscreen
Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker...
CVE-2021-41181 Nextcloud Talk app exposes chat messages on lockscreen
Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker...
Talk app did allow access to sensitive chat messages on lockscreen
None...
PT-2022-11372 · Nextcloud · Nextcloud Talk Android
Name of the Vulnerable Software and Affected Versions: Nextcloud Android Talk App versions prior to 12.3.0 Description: Nextcloud talk is a self-hosting messaging service. The Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker...
CVE-2021-39628
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Design/Logic Flaw
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39628
CVE-2021-39628 affects Android (StatusBar.java): a logic error can disclose notification content on the lockscreen, causing local information disclosure without user interaction. The vulnerability is described for Android 10 and 11, with a local attack vector and partial confidentiality impact. T...