CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

OSV•added 2025/10/31 2:13 p.m.•1 views

OESA-2025-2592 firefox security update

Security Fixes: If temporary one-time permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from differen...

8.8CVSS7.3AI score0.00309EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 11:36 p.m.•2 views

CVE-2022-20492

In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.8AI score0.00025EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:36 p.m.•3 views

CVE-2022-20491

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.8AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:36 p.m.•3 views

CVE-2022-20480

7.8CVSS6.8AI score0.00031EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:36 p.m.•2 views

CVE-2022-20456

In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.8AI score0.00022EPSS

Exploits0References1

Redos•added 2025/01/15 12:0 a.m.•7 views

ROS-20250115-02

A vulnerability in Mozilla Firefox, Firefox ESR, and Thunderbird email client is related to improper permission persistence. exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information, to affect the confidentiality of protected informati...

7.5CVSS8.1AI score0.0071EPSS

Exploits0

Prion•added 2023/03/24 8:15 p.m.•14 views

Design/Logic Flaw

In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

4.3CVSS7.6AI score0.00031EPSS

Exploits0References1Affected Software1

OSV•added 2023/01/26 9:15 p.m.•1 views

CVE-2022-20490

In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score

Exploits0References1

OSV•added 2023/01/26 9:15 p.m.•0 views

CVE-2022-20456

7.8CVSS5.9AI score0.00022EPSS

Exploits0References1

Positive Technologies•added 2023/01/24 12:0 a.m.•2 views

PT-2023-12646 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible failure to persist permissions settings due to resource exhaustion in the AutomaticZenRule of AutomaticZenRule.java. This could lead to local...

7.8CVSS7.4AI score0.00022EPSS

Exploits0References2

OSV•added 2022/12/13 4:15 p.m.•0 views

CVE-2022-20487

7.8CVSS5.9AI score

Exploits0References1

OSV•added 2022/12/13 4:15 p.m.•1 views

CVE-2022-20486

7.8CVSS5.9AI score0.00014EPSS

Exploits0References1

OSV•added 2022/12/13 4:15 p.m.•1 views

CVE-2022-20491