12 matches found
EUVD-2022-25301
Malicious code in bioql PyPI...
CVE-2024-20034
In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08488849; Issue ID: ALPS08488849...
CVE-2024-43089
In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20519
In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-27054
In onFactoryReset of BluetoothManagerService.java, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-159061926...
PT-2024-24976 · Lwip · Lwip
Name of the Vulnerable Software and Affected Versions: lwip affected versions not specified Description: The issue is related to a missing bounds check in the lwis initialize transaction fences function of lwis fence.c, which could lead to a possible out of bounds write. This could result in loca...
Siemens RUGGEDCOM CROSSBOW Privilege Missing Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a privilege miss vulnerability that could cause an unauthenticated user to upload arbitrary files, which could be exploited by an attacker to execute arbitrary...
CVE-2023-32855
In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204...
PT-2023-26445 · Unknown · Vowifiservice
Name of the Vulnerable Software and Affected Versions: vowifiservice affected versions not specified Description: The issue is related to a possible missing permission check in vowifiservice. This could lead to local escalation of privilege with no additional execution privileges. Recommendations...
Design/Logic Flaw
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...
Micro Focus openSUSE Open Build Service Design Vulnerability (CNVD-2018-11432)
Micro Focus openSUSE Open Build Service is a software distribution system from Micro Focus UK. The system builds and distributes software packages from source code in an automated, consistent and repeatable manner. A security vulnerability exists in the 'InitializeDevelPackage' function in Micro...
mysql DROP privilege not enforced when renaming tables
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables...