Lucene search
+L

875 matches found

Vulnrichment
Vulnrichment
added 2024/07/09 8:9 p.m.76 views

CVE-2024-31317

In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITESECURESETTINGS due to unsafe deserialization. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.6AI score0.00779EPSS
Exploits12References2
Cvelist
Cvelist
added 2024/07/09 8:9 p.m.45 views

CVE-2024-31317

In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITESECURESETTINGS due to unsafe deserialization. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

0.00779EPSS
Exploits12References2
Vulnrichment
Vulnrichment
added 2024/06/04 1:43 a.m.23 views

CVE-2024-29975

UNSUPPORTED WHEN ASSIGNED The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an authenticated local attacker with administrator privileges to execute...

6.7CVSS7.1AI score0.00466EPSS
Exploits1References2
CVE
CVE
added 2024/05/23 8:29 a.m.135 views

CVE-2024-30280

The CVE-2024-30280 entry affects Adobe Acrobat Reader (versions 20.005.30574, 24.002.20736 and earlier) and is an out-of-bounds read bug triggered while parsing a crafted file. An attacker could execute code in the user’s context, and exploitation requires user interaction (victim opens a malicio...

7.8CVSS6.5AI score0.06645EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2024/02/16 7:15 p.m.40 views

CVE-2024-0015

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.9AI score0.00376EPSS
Exploits0References2
NVD
NVD
added 2024/02/16 2:15 a.m.24 views

CVE-2024-0037

In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.9AI score0.00115EPSS
Exploits0References2
Prion
Prion
added 2024/02/16 2:15 a.m.21 views

Information disclosure

In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

6.6AI score0.00115EPSS
Exploits0References2
Prion
Prion
added 2024/02/16 2:15 a.m.12 views

Input validation

In queryChildDocuments of FileSystemProvider.java, there is a possible way to request access to directories that should be hidden due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.6AI score0.00454EPSS
Exploits0References3
CVE
CVE
added 2024/02/16 12:8 a.m.6895 views

CVE-2024-0037

The CVE-2024-0037 entry describes a local information disclosure in Android’s SaveUi.java, where applyCustomDescription can view other users’ images due to a missing permission check. Exploitation is possible with local attacker privileges and does not require user interaction. Connected document...

3.3CVSS6AI score0.00115EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/02/16 12:8 a.m.39 views

CVE-2024-0037

In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

6.1AI score0.00115EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/15 12:0 a.m.11 views

PT-2024-15312 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX affected versions not specified Description: The issue is related to a missing permission check in the applyCustomDescription function of SaveUi.java, allowing potential local information disclosure with user execution privileges...

3.3CVSS6.2AI score0.00115EPSS
Exploits0References7
NVD
NVD
added 2023/12/04 11:15 p.m.22 views

CVE-2023-45781

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS0.0013EPSS
Exploits0References3
NVD
NVD
added 2023/12/04 11:15 p.m.24 views

CVE-2023-45773

In multiple functions of btmblegap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00124EPSS
Exploits0References2
Prion
Prion
added 2023/12/04 11:15 p.m.19 views

Design/Logic Flaw

In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS7.3AI score0.00197EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2023/12/04 11:15 p.m.20 views

Out-of-bounds

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

1.7CVSS6.3AI score0.00141EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/12/04 11:15 p.m.22 views

Out-of-bounds

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

1.7CVSS6.3AI score0.0013EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/12/04 11:15 p.m.24 views

Out-of-bounds

In multiple functions of btmblegap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS7.4AI score0.00124EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/04 10:40 p.m.12 views

CVE-2023-45781

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.0013EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/12/04 10:40 p.m.21 views

CVE-2023-45781

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

5.4AI score0.0013EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/12/04 10:40 p.m.36 views

CVE-2023-40096

In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

8AI score0.00197EPSS
Exploits0References5
Rows per page
Query Builder