27 matches found
EUVD-2019-2324
Malware in sbrugna...
EUVD-2021-17648
Malware in sbrugna...
EUVD-2021-12252
Malware in sbrugna...
EUVD-2023-25399
Malicious code in bioql PyPI...
EUVD-2021-3510
Malicious code in bioql PyPI...
EUVD-2023-45874
Malicious code in bioql PyPI...
CVE-2021-25356
An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application...
CVE-2019-10520
An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / ...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 16.7.8 and iPadOS version 16.7.8, which arises from the possibility...
Design/Logic Flaw
In getIntentForButton of ButtonManager.java, there is a possible way for an unprivileged application to start a non-exported or permission-protected activity due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2023-21231
In getIntentForButton of ButtonManager.java, there is a possible way for an unprivileged application to start a non-exported or permission-protected activity due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2023-21231
CVE-2023-21231 is a Wear OS/Android framework issue where getIntentForButton in ButtonManager.java fails to perform a necessary permission check, allowing an unprivileged app to start a non-exported or permission-protected activity. This yields local escalation of privilege with no extra executio...
Design/Logic Flaw
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access...
CVE-2023-35863
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access...
CVE-2023-35863
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access...
CVE-2022-44455
The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged malicious application would be able to gain code execution within any application installed on the...
ASB-A-236849490
An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure...
Design/Logic Flaw
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina. An unprivileged application may be able to capture USB devices...
CVE-2021-30731
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina. An unprivileged application may be able to capture USB devices...
CVE-2021-30913
The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. An unprivileged application may be able to edit NVRAM variables...