23 matches found
CVE-2026-0060
In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an unusual root cause. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0060
Technical details about CVE-2026-0060 are not publicly available in the provided documents. No affected products, vectors, or mitigations are specified here. Monitor for updates as new information becomes available.
PT-2026-45579
In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an unusual root cause. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-459639258
In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an unusual root cause. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android elevation of privilege vulnerability (CNVD-2025-29703)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the updateState function in ContentProtectionTogglePreferenceController.java, which can be exploited by an attacker to elevate...
CVE-2025-32345
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
Prototype Pollution
@andrei-tatar/nora-firebase-common is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of the updateState parameter in the updateStateInternal method. This allows remote attackers to execute malicious scripts, resulting in Arbitrary Code Execution...
GHSA-JJFF-Q3Q4-5HH8 @andrei-tatar/nora-firebase-common Prototype Pollution vulnerability
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
nora-common 安全漏洞
nora-common is a common repo between the NORA Node Red client and the NORA Firebase backend by Andrei Tatar Individual Developer. A security vulnerability exists in nora-common versions v.1.0.41 through v.1.12.2, which originates from a vulnerability that allows remote attackers to execute...
CVE-2024-30564
The CVE-2024-30564 issue affects andrei-tatar/nora-firebase-common in versions 1.0.41 through 1.12.2, where a crafted script submitted to the updateState parameter of updateStateInternal can enable remote code execution. Multiple sources corroborate the vulnerability’s presence across Red Hat, Ve...
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
PT-2024-23492 · Unknown · Inandrei-Tatar Nora-Firebase-Common
Name of the Vulnerable Software and Affected Versions: inandrei-tatar nora-firebase-common versions 1.0.41 through 1.12.2 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method. This enables the...
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
CVE-2022-20348
In updateState of LocationServicesWifiScanningPreferenceController.java, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20348
In updateState of LocationServicesWifiScanningPreferenceController.java, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PT-2022-14573 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: In the updateState method of LocationServicesWifiScanningPreferenceController.java, there is a possible admin restriction bypass due to a missing permission check. This could lead t...