Lucene search
K

27 matches found

OSV
OSV
added 2022/12/26 6:15 a.m.3 views

DEBIAN-CVE-2022-41767

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. When changes made by an IP address are reassigned to a user using reassignEdits.php, the changes will still be attributed to the IP address on Special:Contributions when doing a range...

5.3CVSS5.6AI score0.00641EPSS
Exploits0References1
NVD
NVD
added 2021/03/10 5:15 p.m.24 views

CVE-2021-0388

In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to an incorrect broadcast handler. This could lead to local escalation of privilege resulting in attributing video call data to the wrong app, with no additional execution privileges needed. User...

7.8CVSS0.00114EPSS
Exploits0References1
OSV
OSV
added 2021/03/10 5:15 p.m.3 views

CVE-2021-0388

In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to an incorrect broadcast handler. This could lead to local escalation of privilege resulting in attributing video call data to the wrong app, with no additional execution privileges needed. User...

7.8CVSS7.2AI score0.00114EPSS
Exploits0References1
Prion
Prion
added 2021/03/10 5:15 p.m.16 views

Privilege escalation

In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to an incorrect broadcast handler. This could lead to local escalation of privilege resulting in attributing video call data to the wrong app, with no additional execution privileges needed. User...

4.6CVSS7.6AI score0.00114EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/03/10 4:12 p.m.48 views

CVE-2021-0388

CVE-2021-0388 affects Android 11 and is tied to the ImsPhoneCallTracker.java onReceive path, where a misappropriation of data usage can occur due to an incorrect broadcast handler. This can enable local escalation of privilege by attributing video‑call data to the wrong app, without requiring any...

7.8CVSS7.7AI score0.00114EPSS
Exploits0References1Affected Software1
CISA
CISA
added 2019/10/21 12:0 a.m.14 views

NSA and NCSC Release Joint Advisory on Turla Group Activity

The National Security Agency NSA and the United Kingdom National Cyber Security Centre NCSC have released a joint advisory on advanced persistent threat APT group Turla—widely reported to be Russian and also known as Snake, Uroburos, VENEMOUS BEAR, or Waterbug. The advisory provides an update to...

6.7AI score
Exploits0References7
RedHat Linux
RedHat Linux
added 2014/11/20 4:31 p.m.4 views

OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)

It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...

4.3CVSS6.8AI score0.03041EPSS
Exploits0References5
Rows per page
Query Builder