22 matches found
CVE-2022-33688
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log...
EUVD-2021-12397
Malware in sbrugna...
EUVD-2022-42351
Malicious code in bioql PyPI...
EUVD-2022-36727
Malicious code in bioql PyPI...
CVE-2021-25501
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers...
CVE-2022-39906
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information...
Improper access control
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information...
PT-2022-25099 · Unknown · Sectelephonyprovider
Name of the Vulnerable Software and Affected Versions: SecTelephonyProvider versions prior to SMR Dec-2022 Release 1 Description: The issue is related to improper access control, allowing attackers to access message information. Recommendations: For versions prior to SMR Dec-2022 Release 1, updat...
CVE-2022-39906
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information...
CVE-2022-39906
Impermissible access control in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows local attackers to access message information. Affected component: SecTelephonyProvider. Root cause: improper access control. Impact: exposure of message information (local access). Remediation: update to ...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in versions prior to SMR Dec-2022 Release 1, which stems from an incorrect access control vulnerability in...
CVE-2022-39906
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information...
Samsung SecTelephonyProvider Information Disclosure Vulnerability (CNVD-2022-70741)
Samsung SecTelephonyProvider is a Telephony service for Samsung mobile devices that provides support for the Telephony Application Programming Interface TAPI.An information disclosure vulnerability exists in Samsung SecTelephonyProvider, which stems from a lack of protection for EventType in...
CVE-2022-33688
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log...
CVE-2022-33688
CVE-2022-33688 refers to a local-information-disclosure vulnerability in Samsung SecTelephonyProvider’s EventType, allowing a user with log access to extract IMSI from device logs prior to the SMR July 2022 Release 1. The issue is described across multiple feeds (NVD, Red Hat, CNVD, CVE records) ...
CVE-2022-33688
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log...
CVE-2021-25501
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers...
CVE-2021-25501
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers...
Improper access control
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers...
CVE-2021-25501
CVE-2021-25501 involves an improper access control flaw in SCloudBnRReceiver within the SecTelephonyProvider. The root cause allows an untrusted application to call some protected providers, with impact described as limited integrity impact and no confidentiality/availability impact per CVSS metr...