CVE-2011-0419

CVE-2011-0419 is a stack consumption/DoS vulnerability in the APR library’s fnmatch implementation (apr_fnmatch.c) and, for some platforms, in libc’s fnmatch.c. It affects APR < 1.4.3 and Apache HTTP Server

CVE-2024-29748

CVE-2024-29748 is an Android Pixel privilege-escalation vulnerability affecting Pixel firmware. Root cause described as a logic error allowing local escalation of privilege without extra execution privileges; exploitation requires user interaction. CVSSv3.1 base score 7.8 (HIGH) with LOCAL access...

CVE-2023-21394

The CVE relates to TelecomServiceImpl.java (registerPhoneAccount) on Android. A missing permission check could allow an attacker to disclose images from another user via local access, with no extra execution privileges or user interaction required. The issue is described consistently across multi...

CVE-2023-21366

Technical details (affected products, exact vulnerable component, versions, exploit specifics) are not publicly available in the provided Connected documents for CVE-2023-21366. Monitor for updates.

CVE-2022-23728

CVE-2022-23728 concerns an LG smartphone vulnerability where an attacker can reset the device using AT Command during the reboot process (LG ID LVE-SMP-210011). The CVSSv3.1 vector indicates physical access, low complexity, no privileges required, and no user interaction, with impact on integrity...

CVE-2020-13843

Technical details about CVE-2020-13843 are not provided in the supplied documents; monitor for updates.

CVE-2014-7914

The CVE-2014-7914 entry concerns the Android Bluetooth stack (btif_dm.c) prior to version 5.1. The root cause is improper enforcement of the temporary nature of Bluetooth pairing, which can be bypassed by an attacker via crafted Bluetooth packets after a user taps a crafted NFC tag. Documented im...

CVE-2008-7298

The CVE-2008-7298 entry concerns the Android browser. It describes a vulnerability where the browser cannot properly restrict modifications to cookies established during HTTPS sessions, enabling a man-in-the-middle to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP respon...

CVE-2015-5582

Summary: CVE-2015-5582 affects Adobe Flash Player and Adobe AIR components. A memory corruption vulnerability in Flash Player allows remote code execution or denial of service via parsing crafted media (SWF/MP4) payloads, with exploitable conditions indicated by related advisories. Affected produ...

CVE-2015-3104

CVE-2015-3104 is an integer overflow in Adobe Flash Player (Windows, macOS, Linux) and related Adobe AIR/SDK components. The flaw allows arbitrary code execution via unspecified vectors and affects Flash Player versions prior to 13.0.0.292, 14.x up to 18.x before 18.0.0.160 (Windows/macOS) and pr...

CVE-2015-3100

Adobe Flash Player and related components are affected by a stack-based buffer overflow (CVE-2015-3100) that enables arbitrary code execution. Affected product/version range includes Flash Player prior to 13.0.0.292 and 14.x through 18.x prior to 18.0.0.160 on Windows/macOS, and prior to 11.2.202...

CVE-2015-3105

CVE-2015-3105 affects Adobe Flash Player and related AIR/SDK components. The vulnerability enables arbitrary code execution or memory-corruption-induced DoS via unspecified vectors in Flash Player and AIR across Windows, macOS, Linux, and Android, with affected versions listed in the initial desc...

CVE-2015-5580

CVE-2015-5580 corresponds to a memory corruption vulnerability in Adobe Flash Player and related AIR components, reported as APSB15-23. Affected products include Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows/OS X, and before 11.2.202.521 on Linux, plus Adobe AIR before 19.0...

CVE-2022-23729

CVE-2022-23729 affects LG mobile devices when in factory state, allowing shell access without adb authentication. The issue is described consistently across multiple sources (NVD, Red Hat, CVE records, CNNVD) as an authentication flaw enabling direct shell access in factory mode. The Root Cause a...

CVE-2023-21395

CVE-2023-21395 involves a Bluetooth use-after-free bug that can trigger an out-of-bounds read, enabling remote information disclosure without user interaction or additional privileges. The vulnerability is documented across multiple feeds (NVD entry authoring the Bluetooth impact; Red Hat and oth...

CVE-2015-3108

CVE-2015-3108 describes a memory disclosure vulnerability in Adobe Flash Player and related AIR components that bypasses ASLR by not properly restricting discovery of memory addresses. Affected products include Flash Player on Windows, macOS, and Linux (versions listed in the entry), and Adobe AI...

CVE-2015-3103

CVE-2015-3103 concerns Adobe Flash Player and is supported by connected sources that identify it as a race condition leading to a use-after-free. The issue affects Flash Player on Windows, OS X, and Linux, with the vulnerability triggered by a COM object initialization/deinitialization sequence t...

CVE-2015-3101

CVE-2015-3101 describes a privilege-escalation path in the Flash broker when using Internet Explorer, affecting the Flash Player and related AIR components. The vulnerability is tied to a transition from Low Integrity to Medium Integrity via IE, with the impact (per the sources) being privilege e...

CVE-2015-3107

CVE-2015-3107 is a Use-After-Free vulnerability in Adobe Flash Player (and related AIR components) that can lead to arbitrary code execution via unspecified vectors. Affected products include Flash Player on Windows, macOS, and Linux, with versions before 13.0.0.292 and earlier 18.x before 18.0.0...

CVE-2019-9465

CVE-2019-9465 concerns the Titan M secure hardware in Android 10. The issue is a possible information disclosure due to an unusual root cause affecting cryptographic operations, enabling local information disclosure without additional execution privileges and without user interaction. Affected co...

CVE-2015-3096

CVE-2015-3096 relates to Adobe Flash Player and related AIR components; connected sources indicate a CSRF issue linked to an incomplete fix for CVE-2014-5333, enabling CSRF via crafted SWF/OBJECT content and potentially bypassing protections. Details about affected versions are provided in adviso...

CVE-2015-5578

The provided documents confirm CVE-2015-5578 affects Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows/OS X, and before 11.2.202.521 on Linux, as well as Adobe AIR before 19.0.0.190 (and AIR SDK/Compiler before 19.0.0.190). The connected advisories indicate the root cause...

CVE-2015-3098

Adobe Flash Player and related AIR components are affected by a vulnerability (CVE-2015-3098) that could bypass the Same Origin Policy via unspecified vectors. Mageia MGASA-2015-0248 notes a fix in Flash Player 11.2.202.468 and links CVE-2015-3098 to this update. Affected versions include Windows...

CVE-2015-3106

Adobe Flash Player contains a use-after-free vulnerability (CVE-2015-3106) that allows arbitrary code execution via unspecified vectors. Affected products include Flash Player before 13.0.0.292 and 14.x up to 18.x before 18.0.0.160 on Windows/macOS, and before 11.2.202.466 on Linux; Adobe AIR bef...

CVE-2024-47022

CVE-2024-47022 affects Google Pixel devices running Android prior to the 2024-10-05 patch level, with the ACPM component (A-331255656) identified as the vulnerable element. The Red Hat and CNVD entries corroborate the same information disclosure issue, described as an information leak stemming fr...

CVE-2015-6682

CVE-2015-6682 is a use-after-free in Adobe Flash Player (and related AIR components) that enables remote code execution via specially crafted SWF handling. Affected products include Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and macOS, and before 11.2.202.521 on Linux; A...

CVE-2015-6676

CVE-2015-6676 is a buffer overflow vulnerability in Adobe Flash Player and related AIR components. Affected: Flash Player on Windows/macOS prior to 18.0.0.241 and 19.x prior to 19.0.0.185, Linux prior to 11.2.202.521; AIR before 19.0.0.190 and AIR SDK/Compiler before 19.0.0.190. Description notes...

CVE-2015-3099

CVE-2015-3099 concerns Adobe Flash Player and related Adobe AIR components. Affected versions include Flash Player 13.0.0.292 and 14.x up to 18.x before 18.0.0.160 on Windows/macOS, and before 11.2.202.466 on Linux; Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X/Android; and...

CVE-2015-5570

CVE-2015-5570 is a use-after-free vulnerability in Adobe Flash Player (affecting pre-18.0.0.241 and 19.x before 19.0.0.185) and Adobe AIR before 19.0.0.190, enabling remote code execution via specially crafted SWF handling. Adobe APSB15-23 patches are referenced; apply fixed builds to remediate.

CVE-2014-7224

CVE-2014-7224 is an Android code‑execution vulnerability affecting versions prior to 4.4.0, tied to the addJavascriptInterface method and the accessibility/accessibilityTraversal objects. A remote attacker could potentially execute arbitrary code; NVD assigns high severity (CVSS v3.1: 8.8, vector...

CVE-2015-3102

Adobe Flash Player and related runtimes (Windows/macOS: 13.0.0.292 and 14.x–18.x before 18.0.0.160; Linux before 11.2.202.466; AIR before 18.0.0.144 on Windows and before 18.0.0.143 on macOS/Android; AIR SDKs before 18.0.0.144/18.0.0.143) are affected by CVE-2015-3102, which enables remote bypass...

CVE-2015-5588

Technical details about CVE-2015-5588 are not publicly provided in the connected documents. No affected product/version/impact is specified here. Monitor for updates in the EUVD advisories and official vendor bulletins.

CVE-2023-21389

CVE-2023-21389 concerns a bypass of profile owner restrictions in Android Settings due to a missing permission check, enabling local elevation of privilege without extra execution privileges and without user interaction. Multiple connected sources describe this as an Android elevation-of-privileg...

CVE-2015-5567

CVE-2015-5567 describes a stack memory corruption vulnerability in Adobe Flash Player and Adobe AIR that could allow remote code execution or a denial of service. Affected software and versions (as stated): Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows/OS X; Flash on Linux ...

CVE-2015-5572

Adobe Flash Player and related Adobe AIR components are affected by CVE-2015-5572, a security bypass that allows information disclosure by bypassing intended access restrictions. The vulnerability affects Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X, and before 11...

CVE-2015-5575

Technical details for CVE-2015-5575 are not publicly provided in the supplied documents. Monitor for updates.

CVE-2015-5584

Technical details about CVE-2015-5584 are not publicly provided in the connected documents. The initial description lists affected products/versions but no concrete exploit/vulnerability details. Monitor for updates from advisories.

CVE-2023-21314

CVE-2023-21314 is a Bluetooth-related information-disclosure vulnerability in Android, caused by a missing bounds check that allows an out-of-bounds read. The impact is local information disclosure with system-level privileges required for exploitation; no user interaction is needed. Multiple con...

CVE-2023-21330

CVE-2023-21330 is an information-disclosure vulnerability in Android’s Overlay Manager. The issue allows a local attacker to determine whether an app is installed without query permissions via a side-channel, enabling information disclosure without additional execution privileges. Documented in m...

CVE-2015-6677

Technical details about CVE-2015-6677 are not provided in the connected documents. The supplied sources do not reveal affected products, vulnerable components, exploit information, or remediation. Monitor for updates and await published technical specifics.

CVE-2016-1943

Consolidated details show CVE-2016-1943 affects Mozilla Firefox on Android, where the address bar can be spoofed via the scrollTo method. OpenSUSE release notes (openSUSE-2016-128/0306-1/0309) document Firefox 44.0 and NSS/NSPR updates as fixes, explicitly listing CVE-2016-1943 as part of address...

CVE-2023-21294

CVE-2023-21294 concerns Android’s Slice component, where a missing permission check enables local information disclosure by exposing installed packages. The exploit requires no user interaction and does not require additional privileges. The connected sources reiterate the same description but do...

CVE-2015-6678

CVE-2015-6676 affects Adobe Flash Player and AIR components. The vulnerability is a buffer overflow in Flash Player before 18.0.0.241 and in the 19.x line before 19.0.0.185 (Windows/OS X) and before 11.2.202.521 on Linux, plus Adobe AIR before 19.0.0.190 and AIR SDK/Compiler before 19.0.0.190. Th...

CVE-2015-5568

CVE-2015-5568 affects Adobe Flash Player and related AIR components. Public docs confirm this vulnerability is part of the APSB15-23 set and is tied to a vector-length corruption that could enable a denial of service or other impact. Affected software and versions per the sources include: Windows...

CVE-2015-5577

Adobe Flash Player and Adobe AIR are affected by CVE-2015-5577. Affected products include Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows/macOS, and before 11.2.202.521 on Linux, as well as Adobe AIR before 19.0.0.190 and related AIR SDK/Compiler versions. The vulnerability a...

CVE-2015-5581

CVE-2015-5581 is a use-after-free vulnerability in Adobe Flash Player (and related AIR components) that allows remote arbitrary-code execution. Affected: Flash Player on Windows, OS X (before 18.0.0.241; before 19.0.0.185 for 19.x), Linux (before 11.2.202.521); Adobe AIR before 19.0.0.190; AIR SD...

CVE-2023-21307

CVE-2023-21307 affects Android’s Bluetooth component. A paired Bluetooth device can bypass permissions to read the device’s long-term identifier, leading to local information disclosure without additional execution privileges; user interaction is required for exploitation. The issue is categorize...

CVE-2024-47020

CVE-2024-47020 affects Google Pixel devices running Android prior to the 2024-10-05 patch level, with the vulnerability classified as Information Disclosure in the ABL component (A-331966488). Public descriptors identify an information disclosure bug in ABL on Pixel hardware, but the available do...

CVE-2011-3881

CVE-2011-3881 affects WebKit as used in Google Chrome <15.0.874.102 and Android

CVE-2023-21390

CVE-2023-21390 is described across multiple sources as a permission bypass in the Android environment related to a component labeled as Sim, allowing evasion of mobile-preference restrictions and enabling local privilege escalation without requiring extra execution privileges. Exploitation is rep...