Lucene search
K

12 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Synology Surveillance Station 安全漏洞

Synology Surveillance Station is an application developed by Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. There are security vulnerabilities in versions of Synology Surveillance Station prior to 9.2.2.2-11575 and...

2.7CVSS5.8AI score0.00249EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-54959

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00112EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/04 10:32 p.m.7 views

CVE-2024-40653

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.3CVSS6.9AI score0.00112EPSS
Exploits0References1
OSV
OSV
added 2025/09/02 11:15 p.m.6 views

CVE-2024-40653

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.3CVSS5.9AI score0.00112EPSS
Exploits0References4
NVD
NVD
added 2025/09/02 11:15 p.m.9 views

CVE-2024-40653

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.3CVSS0.00112EPSS
Exploits0References4
CVE
CVE
added 2025/09/02 10:11 p.m.434 views

CVE-2024-40653

CVE-2024-40653 involves a logic error in ConnectionServiceWrapper.java that can let a permission be retained indefinitely in the background, enabling local elevation of privilege. The issue is described across multiple sources (Android/Red Hat/NVD entries) as requiring user interaction for exploi...

7.3CVSS6.4AI score0.00112EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/02 10:11 p.m.4 views

CVE-2024-40653

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

6.4AI score0.00112EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/02 10:11 p.m.10 views

CVE-2024-40653

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

0.00112EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.8 views

PT-2025-35617

Name of the Vulnerable Software and Affected Versions: ConnectionServiceWrapper.java affected versions not specified Description: Multiple functions within ConnectionServiceWrapper.java contain a logic error that may allow for the indefinite retention of a permission in the background. Exploitati...

7.3CVSS6.1AI score0.00112EPSS
Exploits0References7
OSV
OSV
added 2025/04/01 12:0 a.m.20 views

ASB-A-293458004

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.3CVSS7.3AI score0.00112EPSS
Exploits0References4
Redos
Redos
added 2024/09/10 12:0 a.m.31 views

ROS-20240910-06

A vulnerability in the Zabbix universal monitoring system is related to improper code generation controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Zabbix universal monitoring system vulnerability is related to the ability to directly...

9.1CVSS8.1AI score0.01606EPSS
Exploits0
Prion
Prion
added 2017/08/18 6:29 p.m.13 views

Arbitrary file deletion

Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name...

6.5CVSS7.2AI score0.01204EPSS
Exploits0References1
Rows per page
Query Builder