Lucene search
+L

875 matches found

Cvelist
Cvelist
added 2019/09/27 6:5 p.m.16 views

CVE-2019-9440

In AOSP Email, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of the Email app's protected files with User execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-37637796...

4.7AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/09/27 6:5 p.m.19 views

CVE-2019-9280

In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...

5.4AI score0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/09/27 6:5 p.m.19 views

CVE-2019-9277

In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android...

4.5AI score0.00175EPSS
Exploits0References1
Prion
Prion
added 2019/09/06 10:15 p.m.18 views

Design/Logic Flaw

In the Android kernel in sdcardfs there is a possible violation of the separation of data between profiles due to shared mapping of obb files. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.2CVSS7.5AI score0.00199EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/08/20 8:15 p.m.25 views

CVE-2019-2137

In the endCall function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. This could lead to local denial of access to Emergency Services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android...

5.5CVSS6.6AI score0.00155EPSS
Exploits0References2
Prion
Prion
added 2019/08/20 8:15 p.m.17 views

Design/Logic Flaw

In the endCall function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. This could lead to local denial of access to Emergency Services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android...

4.9CVSS5.3AI score0.00155EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/05/22 8:29 p.m.18 views

CVE-2018-7834

A CWE-79 Cross-Site Scripting vulnerability exists in all versions of the TSXETG100 allowing an attacker to send a specially crafted URL with an embedded script to a user that would then be executed within the context of that user...

6.1CVSS5.9AI score0.00793EPSS
Exploits0References1
Prion
Prion
added 2018/12/06 2:29 p.m.13 views

Out-of-bounds

In HIDDevAddRecord of hiddapi.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

4.6CVSS7.7AI score0.0016EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/12/06 2:0 p.m.18 views

CVE-2018-9560

In HIDDevAddRecord of hiddapi.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

7.8AI score0.0016EPSS
Exploits0References2
Prion
Prion
added 2018/11/06 5:29 p.m.22 views

Out-of-bounds

In BNEPWrite of bnepapi.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1...

7.2CVSS7.7AI score0.00208EPSS
Exploits0References2Affected Software1
android
android
added 2018/06/01 12:0 a.m.28 views

CVE-2018-9357

In BNEPWrite of bnepapi.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1...

7.2CVSS5.8AI score0.00208EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/11/22 12:0 a.m.6 views

Intel Deep Learning Training Tool Elevation of Privilege Vulnerability

Intel Deep Learning Training Tool Beta is a set of deep learning training tools from Intel USA. The tool supports visual tuning and running deep learning algorithms. An elevation of privilege vulnerability exists in Intel Deep Learning Training Tool Beta 1. A remote attacker could exploit this...

9.8CVSS7.4AI score0.01747EPSS
Exploits0References1
Prion
Prion
added 2017/10/11 1:32 a.m.12 views

Cross site scripting

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users including unauthenticated users, via the name, title, or id parameter to...

3.5CVSS5.5AI score0.00863EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/06/12 1:29 p.m.29 views

Code injection

nscd in the GNU C Library aka glibc or libc6 before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd...

7.5CVSS7.7AI score0.0444EPSS
Exploits2References9Affected Software1
Symantec
Symantec
added 2017/04/11 12:0 a.m.47 views

Microsoft Windows LDAP CVE-2017-0166 Remote Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...

9.3CVSS0.8AI score0.06415EPSS
Exploits0Affected Software3
Prion
Prion
added 2016/12/23 10:59 p.m.12 views

Command injection

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user...

4CVSS7.2AI score0.01661EPSS
Exploits0References4Affected Software2
Symantec
Symantec
added 2015/10/13 12:0 a.m.32 views

Microsoft Internet Explorer CVE-2015-6042 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.9AI score0.22406EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2014/08/26 12:49 a.m.26 views

WiFi software Acrylic WiFi Free v2.0 - Real-time WLAN information and network analysis

New Acrylic WiFi software update. WiFi software for network analysis has gone through many changes since the first free version and finally reaches version v2.0 with more power than ever and long awaited features for network and channel analysis under Windows and with any wireless card. Acrylic...

7.1AI score
Exploits0
OSV
OSV
added 2014/05/14 10:2 p.m.9 views

MGASA-2014-0215 Updated php packages fix CVE-2014-0185

Updated php packages fix security vulnerability: PHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain socket with world-writable permissions by default, which allows any local user to connect to it and execute PHP scripts as the apache user CVE-2014-0185. Additionally updated...

7.2CVSS6.3AI score0.00505EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2011/02/15 12:0 a.m.30 views

Gollos 2.8 Cross Site Scripting

==================================== Vulnerability ID: HTB22831 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingollos.html Product: Gollos Vendor: Gollos http://www.gollos.com/ Vulnerable Version: 2.8 and probably prior versions Vendor Notification: 01 February 2011 Vulnerability...

0.1AI score
Exploits0
Rows per page
Query Builder