99 matches found
CVE-2023-21232
In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21232
In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Information disclosure
In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21232
In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21232
In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-18018 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows for the retrieval of sensor data without proper permissions due to a permissions bypass. This can lead to local information disclosure,...
Google Wear OS Security Vulnerability
Google Wear OS is a Google-developed operating system from Google, Inc. in the United States, designed specifically for use in smartwatches, smart bands, and other wearable devices. Google Wear OS has a security vulnerability that stems from the presence of privilege bypass in multiple locations,...
CVE-2023-27921
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may lead to data acquired by a sensor of the affected product being decrypted by a network-adjacent attacker...
PT-2023-21421 · Jins · Jins Meme Core Firmware
Name of the Vulnerable Software and Affected Versions: JINS MEME CORE Firmware versions 2.2.0 and earlier Description: The issue is related to a hard-coded cryptographic key used in the firmware, which may allow a network-adjacent attacker to decrypt data acquired by a sensor of the affected...
JINS MEME CORE uses a hard-coded cryptographic key
Overview JINS MEME CORE provided by JINS Inc. is a nose pad type sensor attached to a glass frame. JINS MEME CORE uses a hard-coded cryptographic key CWE-321. MASAHIRO IIDA of LAC Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...
CVE-2023-21034
In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-21034
In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Google Pixel 安全漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from a privilege bypass that could access accurate sensor data...
CVE-2023-21034
CVE-2023-21034 affects Android 13 devices, with the vulnerability located in multiple SensorService.cpp functions where a permissions bypass may allow access to accurate sensor data, causing local privilege escalation. The issue is described as needing low privileges and no user interaction, with...
PUB-A-230358834
In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
Swift Sensors Gateway device password generation authentication bypass vulnerability
Summary An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Version...
Visualizing Network Traffic Data to Drive Action
Top 5 multi group queries for analyzing network sensor data We launched the Insight Network Sensor earlier this year and have since seen great adoption from both new and existing customers. The main use case behind this success is the need for network visibility. Customers want to know what is...
CVE-2020-13995
U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable sBuffer leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DESinfo or imageinfo...
CVE-2020-13995
U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable sBuffer leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DESinfo or imageinfo...
Buffer overflow
U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable sBuffer leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DESinfo or imageinfo...