1378 matches found
CVE-2018-9378
CVE-2018-9378 affects Android Pixel/Nexus devices via BnAudioPolicyService::onTransact in IAudioPolicyService.cpp. The issue is information disclosure caused by uninitialized data, enabling local information leakage without extra execution privileges and without user interaction. The documentatio...
CVE-2024-31906
IBM Automation Decision Services 23.0.2 contains an information-disclosure vulnerability where web pages can be stored locally and read by another user on the same system. Affected product/version: IBM Automation Decision Services 23.0.2. Root cause: storage of web content locally enabling access...
CVE-2019-15690
LibVNCServer 0.9.12 release and earlier contains a heap buffer overflow vulnerability within the HandleCursorShape function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution...
CVE-2019-15690
LibVNCServer up to version 0.9.12 contains a HandleCursorShape integer/heap-based overflow in libvncclient/cursor.c triggered by oversized cursor dimensions, potentially enabling remote code execution. The CVE-2019-15690 vulnerability affects LibVNCServer 0.9.12 and earlier; multiple connected so...
CVE-2018-9405
CVE-2018-9405 describes a potential out-of-bounds write in BnDmAgent::onTransact (dm_agent.cpp) due to a missing bounds check, enabling local privilege escalation to System level without user interaction. Affected context shown in multiple sources (Android Pixel/Nexus bulletin references and vend...
CVE-2018-9401
CVE-2018-9401 describes a kernel memory access vulnerability in user space caused by an incorrect bounds check, enabling local privilege escalation without extra execution privileges and with no user interaction. Connected documents indicate this CVE is associated with Google Pixel/Nexus devices ...
CVE-2018-9406
CVE-2018-9406 concerns a vulnerability in NlpService where a missing permission check could allow access to location information, enabling local privilege escalation without additional execution privileges. The exploit requires only local access and does not require user interaction. Affected com...
CVE-2018-9464
CVE-2018-9464 is an Elevation of Privilege in the Google Android Kernel (Taimen bootloader) identified across multiple trackers. The vulnerability arises from a missing permission check, enabling local access to read protected files and escalate privileges with no additional execution privileges ...
CVE-2018-9434
CVE-2018-9434 is a Binder Parcel overlap flaw in Android: Parcel data can overlap binder-object metadata, causing kernel pointers to be inserted into attacker-controlled buffers during unmarshalling. This enables information disclosure and an ASLR bypass, potentially allowing local p...
CVE-2018-9382
CVE-2018-9382 affects Android Wi‑Fi service (WifiServiceImpl.java). A missing permission check can allow activating a Wi‑Fi hotspot from a non‑owner profile, enabling local privilege escalation with no extra execution privileges and no user interaction required. Public data confirms the issue is ...
CVE-2018-9379
The CVE-2018-9379 issue affects the Media framework component MiniThumbFile.java on Google Pixel/Nexus devices. Description from multiple sources states a confused-deputy path could allow viewing thumbnails of deleted photos, causing local information disclosure without additional privileges and ...
CVE-2018-9383
CVE-2018-9383 is a vulnerability in the Linux kernel where the asn1_ber_decoder in lib/asn1_decoder.c allows an out-of-bounds read due to a missing bounds check. This can lead to local information disclosure and, per the description, system execution privileges could be required for exploitation;...
CVE-2023-38037
CVE-2023-38037 affects Rails’ ActiveSupport::EncryptedFile, which writes data to a temporary file with permissions derived from the user’s umask. The temporary file could be readable by other users on the same system while a user edits it, enabling local information disclosure. Public documents f...
CVE-2024-27980
CVE-2024-27980 affects Node.js where improper handling of batch files in child_process.spawn/spawnSync allows a malicious command line argument to inject arbitrary commands and achieve code execution even when shell is not enabled. The issue is documented across multiple feeds (Node.js CVE entry,...
CVE-2023-27539
CVE-2023-27539 concerns a denial-of-service vulnerability in the header parsing component of Rack (Ruby Rack). The issue is described as a vulnerability in Rack's header parsing that can affect applications parsing HTTP headers with Rack, leading to potential DoS. The NVD metrics show a MEDIUM-se...
CVE-2023-28120
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input...
CVE-2024-27980
Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled...
CVE-2023-35685
CVE-2023-35685 describes a logic error in DevmemIntMapPages within the file devicemem_server.c that can cause a physical page use-after-free. This use-after-free condition could enable local privilege escalation in the kernel without requiring additional execution privileges or user interaction. ...
CVE-2024-5594
OpenVPN before 2.6.11 does not sanitize PUSH_REPLY messages properly, which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs...