38 matches found
EUVD-2018-1854
Malware in sbrugna...
EUVD-2022-25372
Malicious code in bioql PyPI...
CVE-2023-21311
In Settings, there is a possible way to control private DNS settings from a secondary user due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20112
In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0028
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
CVE-2023-21311
In Settings, there is a possible way to control private DNS settings from a secondary user due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21311
CVE-2023-21311 describes an information-disclosure vulnerability in Android Settings where a permissions bypass could let a secondary user control private DNS settings. Exploitation is local (ATT&CK-like, not remote), requires no user interaction, and could disclose private information without ad...
CVE-2023-21311
In Settings, there is a possible way to control private DNS settings from a secondary user due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21311
In Settings, there is a possible way to control private DNS settings from a secondary user due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE CVE-2018-1000135
GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure CWE-200 vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some Ubuntu 16.04 packages were fixed,...
PR-DNSd - Passive-Recursive DNS Daemon
Passive-Recursive DNS daemon. Quickstart nameserver 127.0.0.1 | sudo tee /etc/resolv.conf dig google.com dig -x $dig +short google.com" go get github.com/korc/PR-DNSd sudo setcap capnetbindservice,capsyschroot=ep go/bin/PR-DNSd go/bin/PR-DNSd -upstream 9.9.9.9:53 -listen 127.0.0.1:53 echo...
Google Android Elevation of Privilege Vulnerability (CNVD-2022-52269)
Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which originates in PrivateDnsPreferenceController.java's getAvailabilityStatus, a guest user can bypass privileges to change private DNS settings, and ...
MAL-2022-1273 Malicious code in azure-arm-privatedns-samples-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f89189ef8b747f91d128431cda10a9015b3a70e7a1bad932713b45f99bb06d7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-20112
In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20112
In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which originates in PrivateDnsPreferenceController.java's getAvailabilityStatus, a guest user can bypass privileges to change private DNS settings, and ...
EulerOS Virtualization for ARM 64 3.0.2.0 : libgcrypt (EulerOS-SA-2020-1571)
According to the versions of the libgcrypt package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - DISPUTED The GNU Multiple Precision Arithmetic Library GMP interfaces for PHP through 7.1.4 allow attackers to cause...
CVE-2020-0028
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
CVE-2020-0028
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
CVE-2020-0028
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...