Lucene search
K

60 matches found

NVD
NVD
added 2023/10/25 6:17 p.m.20 views

CVE-2023-41960

The vulnerability allows an unprivilegeduntrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself...

7.1CVSS6.7AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/25 2:12 p.m.28 views

CVE-2023-41960

The vulnerability allows an unprivilegeduntrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself...

7.1CVSS6.9AI score0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/25 2:12 p.m.10 views

CVE-2023-41960

The vulnerability allows an unprivilegeduntrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself...

7.1CVSS6.7AI score0.00185EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/25 12:0 a.m.4 views

PT-2023-28192 · Unknown · Android Agent

Name of the Vulnerable Software and Affected Versions: Android Agent application affected versions not specified Description: The issue allows an unprivileged untrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application. This could...

7.1CVSS3.6AI score0.00185EPSS
Exploits0References3
NVD
NVD
added 2023/07/27 1:15 a.m.14 views

CVE-2023-32442

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings...

5.5CVSS5.3AI score0.00197EPSS
Exploits0References2
Prion
Prion
added 2023/07/27 1:15 a.m.17 views

Design/Logic Flaw

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings...

1.9CVSS5.9AI score0.00197EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/27 12:31 a.m.13 views

CVE-2023-32442

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings...

5.6AI score0.00197EPSS
Exploits0References2
CVE
CVE
added 2023/07/27 12:31 a.m.306 views

CVE-2023-32442

CVE-2023-32442 describes an access issue in macOS Shortcuts settings. Affected products include macOS Monterey 12.6.8 and macOS Ventura 13.5, where a shortcut may be able to modify sensitive Shortcuts app settings due to improved access restrictions. The CVE’s attack surface is local (AV:L) with ...

5.5CVSS5.2AI score0.00197EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.4 views

PT-2023-4266 · Apple · Shortcuts App +1

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.5 macOS Monterey versions prior to 12.6.8 Description: An access issue was addressed with improved access restrictions. This issue allows a shortcut to modify sensitive Shortcuts app settings, potentially leading to...

5.5CVSS5.5AI score0.00197EPSS
Exploits0References8
Prion
Prion
added 2022/12/16 4:15 p.m.23 views

Privilege escalation

In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is...

1.7CVSS4.3AI score0.00109EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/12/01 12:0 a.m.9 views

PUB-A-235601169

In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is...

3.3CVSS7AI score0.00109EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/11/02 12:15 p.m.4 views

CVE-2022-35842

An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS...

7.5CVSS5.8AI score0.00608EPSS
Exploits0References2
NVD
NVD
added 2021/04/02 8:15 p.m.21 views

CVE-2021-30126

Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP password and a Slack access token, via a settings HTTP query...

6.5CVSS0.00674EPSS
Exploits0References1
Prion
Prion
added 2021/04/02 8:15 p.m.379 views

Design/Logic Flaw

Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP password and a Slack access token, via a settings HTTP query...

6.4CVSS6.6AI score0.00674EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2021/03/17 12:0 a.m.89 views

SolarWinds TFTP Server 11.0.4.101 Remote Unauthenticated Reconfiguration Vulnerability

SolarWinds TFTP Server version 11.0.4.101 suffers from a remote unauthenticated reconfiguration vulnerability that could result in code execution. Older versions of SolarWinds' TFTP Server, which could have been installed from a standalone download or bundled with certain paid products, may have...

0.8AI score
Exploits0
Cvelist
Cvelist
added 2020/11/30 7:41 p.m.15 views

CVE-2020-27585

Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password...

4.5AI score0.00314EPSS
Exploits1References1
CVE
CVE
added 2020/09/11 9:18 p.m.42 views

CVE-2020-25281

The CVE-2020-25281 entry concerns LG mobile devices running Android 7.x–8.1 where apps with sensitive security settings (e.g., the package verifier) mishandle unknown-source installations. Affected component/function relates to the installation pipeline for unknown sources. Underlying impact stat...

7.5CVSS7.5AI score0.00346EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/01 5:0 p.m.20 views

CVE-2015-2203

Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFFLOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controller in the IDL...

6.1AI score0.02167EPSS
Exploits0References8
0day.today
0day.today
added 2013/01/17 12:0 a.m.90 views

Oracle Application Framework Diagnostic Mode Bypass Vulnerability

Exploit for jsp platform in category web applications Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1.3 Product description: The Oracle...

7.1AI score0.02672EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/01/16 12:0 a.m.64 views

Oracle Application Framework - Diagnostic Mode Bypass

Trustwave SpiderLabs Security Advisory TWSL2012-023: Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1.3 Product description: The Oracle...

6.4CVSS6.5AI score0.02672EPSS
Exploits5
Rows per page
Query Builder