23 matches found
EUVD-2022-28508
Malicious code in bioql PyPI...
EUVD-2022-28503
Malicious code in bioql PyPI...
CVE-2022-24000
PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent...
CVE-2022-23999
PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent...
CVE-2022-23432
An improper input validation in SMCSRPMBWSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...
CVE-2022-23427
PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...
Spoofing
PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent...
Input validation
An improper input validation in SMCSRPMBWSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...
Spoofing
PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...
Input validation
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station...
Privilege escalation
A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege...
CVE-2022-23999
CVE-2022-23999 describes a PendingIntent hijacking vulnerability in Android’s CpaReceiver prior to Samsung SMR Feb-2022 Release 1, enabling local attackers to access media files via KnoxPrivacyNoticeReceiver through an implicit Intent. Affected component is the CpaReceiver/KnoxPrivacyNoticeReceiv...
CVE-2022-24000
CVE-2022-24000 is confirmed by multiple sources to be a local, Privilege-Granted vulnerability in Android components (DataUsageReminderReceiver and KnoxPrivacyNoticeReceiver) where an attacker can hijack a PendingIntent via an implicit Intent to access media files without permission. The issue is...
CVE-2022-23999
PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent...
CVE-2022-24000
PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent...
CVE-2022-23432
CVE-2022-23432 records an improper input validation in the SMC_SRPMB_WSM handler of RPMB ldfw, before SMR Feb-2022 Release 1, that allows arbitrary memory writes and code execution. Affected: RPMB ldfw/SMSC SRPMB WSM handler (pre-Release 1 Feb-2022). Impact: local attacker could corrupt memory an...
CVE-2022-23431
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...
CVE-2022-23429
CVE-2022-23429 describes an improper boundary check in the Android audio HAL service prior to SMR Feb-2022 Release 1, allowing local attackers to read invalid memory and cause an application crash. In the provided connected records, the vulnerability is documented across multiple sources (NVD, Re...
CVE-2022-23427
PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...
CVE-2022-23425
CVE-2022-23425 describes an input validation flaw in the Exynos baseband prior to Samsung SMR Feb-2022 Release 1, allowing an attacker to send arbitrary NAS signaling messages using a fake base station. Affected component: Exynos baseband; issue stems from improper input validation. Impact is des...