PT-2022-14536 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a missing permission check in Telecomm, which could lead to the disclosure of registered self-managed phone accounts. This results in local information disclosure and requires...

PT-2022-14535 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue concerns a possible disclosure of registered self-managed phone accounts due to a missing permission check. This could lead to local information disclosure, with exploitation requiring User...

CVE-2021-39788

In TelecomManager, there is a possible way to check if a particular self managed phone account was registered on the device due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed fo...

CVE-2021-39788

In TelecomManager, there is a possible way to check if a particular self managed phone account was registered on the device due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed fo...

New Security Vulnerability Affects Thousands of Self-Managed GitLab Instances

Researchers have disclosed details of a new security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information. Tracked as CVE-2021-4191 CVSS score: 5.3, the medium-severity flaw affects all version...

GitLab: Store-XSS in error message of build-dependencies

Hi, A stored-XSS is existing in error message of build-dependencies. Fortunately it currently does not exist in gitlab.com. It seems that gitlab.com disables the dependencies validation. However this feature is enable by default in self-managed installation. Steps to reproduce The following steps...