CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

RedhatCVE•added 2026/01/09 10:16 a.m.•4 views

CVE-2019-2023

In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....

7.8CVSS7.2AI score0.00116EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2016-4913

Malware in sbrugna...

9.3CVSS7.9AI score0.00062EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-4726

Malware in sbrugna...

7.8CVSS7.7AI score0.00265EPSS

Exploits2References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-26163

Malware in sbrugna...

7.8CVSS7.6AI score0.00015EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-11665

Malware in sbrugna...

7.8CVSS7.7AI score0.00116EPSS

Exploits1References3

OSV•added 2024/06/25 1:30 p.m.•5 views

MAL-2024-4597 Malicious code in OCI.DotNetSDK.Servicemanager.proxy (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0References1

OSSF Malicious Packages•added 2024/06/25 1:30 p.m.•2 views

Malicious code in OCI.DotNetSDK.Servicemanager.proxy (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0References1

OSV•added 2022/06/15 2:15 p.m.•0 views

CVE-2021-39806

In closef of labelbackendsandroid.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User...

7.8CVSS7.4AI score0.00015EPSS

Exploits0References1

Prion•added 2022/06/15 2:15 p.m.•10 views

Double free

4.6CVSS7.6AI score0.00015EPSS

Exploits0References1Affected Software1

CVE•added 2022/06/15 1:17 p.m.•92 views

CVE-2021-39806

CVE-2021-39806 affects Android 12L, with a memory corruption risk due to a double free in closef of label_backends_android.c. The issue could enable local escalation of privilege during servicemanager startup if an initialization failure is triggered, with no additional execution privileges requi...

7.8CVSS7.7AI score0.00015EPSS

Exploits0References1Affected Software1

OSV•added 2022/01/01 12:0 a.m.•21 views

ASB-A-203847542

In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00015EPSS

Exploits0References2

Cvelist•added 2021/12/15 6:5 p.m.•10 views

CVE-2021-0919

In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

5.3AI score0.00042EPSS

Exploits0References1

NVD•added 2020/05/13 3:15 p.m.•6 views

CVE-2019-16112

TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI...

8.8CVSS8.8AI score0.01994EPSS

Exploits2References1

0day.today•added 2020/05/12 12:0 a.m.•30 views

TylerTech Eagle 2018.3.11 - Remote Code Execution Exploit

Exploit for java platform in category web applications Exploit Title: TylerTech Eagle 2018.3.11 - Remote Code Execution Exploit Author: Anthony Cole Vendor Homepage: https://www.tylertech.com/products/eagle Version: 2018.3.11 Tested on: Windows 2012 CVE: N/A Category: webapps Eagle is a software...

7.4AI score

Exploits0

ATTACKERKB•added 2020/02/13 12:0 a.m.•18 views

Calling getpidcon for One Way Binder Transactions Returns Wrong Security Context

The servicemanager, keystore and drmserver all use getpidcon function to get the security context of the caller from a binder. When combined with a one way binder transaction this results in getting the security context of the current process which might allow a selinux mac bypass. Recent...

2.7AI score

Exploits0References1

NVD•added 2019/06/19 9:15 p.m.•13 views

CVE-2019-2023

7.8CVSS7.5AI score0.00116EPSS

Exploits1References1

Prion•added 2019/06/19 9:15 p.m.•13 views

Code injection

7.2CVSS7.5AI score0.00116EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/06/19 8:5 p.m.•12 views

CVE-2019-2023

7.6AI score0.00116EPSS

Exploits1References1

CVE•added 2019/06/19 8:5 p.m.•123 views

CVE-2019-2023

CVE-2019-2023 affects Android's hardware ServiceManager::add, where an insecure PID-based permissions check can let an app add or replace a HAL service, enabling code execution in a privileged process. Supported in multiple feeds (NVD, Red Hat, PRION, CIRCL) with exploited/attack data referenced ...

7.8CVSS7.5AI score0.00116EPSS

Exploits1References1Affected Software1

exploitpack•added 2019/03/14 12:0 a.m.•132 views

Apache UNO LibreOffice Version: 6.1.2 OpenOffice 4.1.6 API - Remote Code Execution

Apache UNO LibreOffice Version: 6.1.2 OpenOffice 4.1.6 API - Remote Code Execution """ Exploit Title: Apache UNO API RCE Date: 2018-09-18 Exploit Author: sud0woodo Vendor Homepage: https://www.apache.org/ Software Link: https://www.openoffice.org/api/ Version: LibreOffice Version: 6.1.2 /...

0.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by