60 matches found
CVE-2023-41960
The vulnerability allows an unprivilegeduntrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself...
CVE-2023-41960
The vulnerability allows an unprivilegeduntrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself...
CVE-2023-41960
The vulnerability allows an unprivilegeduntrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself...
PT-2023-28192 · Unknown · Android Agent
Name of the Vulnerable Software and Affected Versions: Android Agent application affected versions not specified Description: The issue allows an unprivileged untrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application. This could...
CVE-2023-32442
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings...
Design/Logic Flaw
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings...
CVE-2023-32442
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings...
CVE-2023-32442
CVE-2023-32442 describes an access issue in macOS Shortcuts settings. Affected products include macOS Monterey 12.6.8 and macOS Ventura 13.5, where a shortcut may be able to modify sensitive Shortcuts app settings due to improved access restrictions. The CVE’s attack surface is local (AV:L) with ...
PT-2023-4266 · Apple · Shortcuts App +1
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.5 macOS Monterey versions prior to 12.6.8 Description: An access issue was addressed with improved access restrictions. This issue allows a shortcut to modify sensitive Shortcuts app settings, potentially leading to...
Privilege escalation
In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is...
PUB-A-235601169
In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is...
CVE-2022-35842
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS...
CVE-2021-30126
Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP password and a Slack access token, via a settings HTTP query...
Design/Logic Flaw
Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP password and a Slack access token, via a settings HTTP query...
SolarWinds TFTP Server 11.0.4.101 Remote Unauthenticated Reconfiguration Vulnerability
SolarWinds TFTP Server version 11.0.4.101 suffers from a remote unauthenticated reconfiguration vulnerability that could result in code execution. Older versions of SolarWinds' TFTP Server, which could have been installed from a standalone download or bundled with certain paid products, may have...
CVE-2020-27585
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password...
CVE-2020-25281
The CVE-2020-25281 entry concerns LG mobile devices running Android 7.x–8.1 where apps with sensitive security settings (e.g., the package verifier) mishandle unknown-source installations. Affected component/function relates to the installation pipeline for unknown sources. Underlying impact stat...
CVE-2015-2203
Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFFLOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controller in the IDL...
Oracle Application Framework Diagnostic Mode Bypass Vulnerability
Exploit for jsp platform in category web applications Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1.3 Product description: The Oracle...
Oracle Application Framework - Diagnostic Mode Bypass
Trustwave SpiderLabs Security Advisory TWSL2012-023: Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1.3 Product description: The Oracle...