| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-19274 | — | Hig | 0.47 | 7.2 | 0.05 | Nov 17, 2018 | Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions. | |
| CVE-2018-15769 | Hig | 0.49 | 7.5 | 0.03 | Nov 16, 2018 | RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very… | ||
| CVE-2018-18955 | Hig | 0.04 | 7.0 | 0.08 | Nov 16, 2018 | In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass… | ||
| CVE-2018-19318 | Hig | 0.57 | 8.8 | 0.00 | Nov 16, 2018 | SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account. | ||
| CVE-2018-19312 | — | Hig | 0.00 | 8.8 | 0.02 | Nov 16, 2018 | Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24) allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI. | |
| CVE-2018-18799 | Hig | 0.60 | 8.8 | 0.02 | Nov 16, 2018 | School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos. | ||
| CVE-2018-18797 | Hig | 0.60 | 8.8 | 0.02 | Nov 16, 2018 | School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php. | ||
| CVE-2018-18794 | Hig | 0.60 | 8.8 | 0.02 | Nov 16, 2018 | School Event Management System 1.0 allows CSRF via user/controller.php?action=edit. | ||
| CVE-2018-18759 | Hig | 0.52 | 7.5 | 0.09 | Nov 16, 2018 | Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow. | ||
| CVE-2018-18756 | Hig | 0.49 | 7.5 | 0.02 | Nov 16, 2018 | Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008. | ||
| CVE-2018-16396 | Hig | 0.53 | 8.1 | 0.08 | Nov 16, 2018 | An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats. | ||
| CVE-2018-7362 | Hig | 0.49 | 7.5 | 0.01 | Nov 16, 2018 | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router. | ||
| CVE-2018-9086 | Hig | 0.47 | 7.2 | 0.02 | Nov 16, 2018 | In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users. | ||
| CVE-2018-19296 | — | Hig | 0.57 | 8.8 | 0.02 | Nov 16, 2018 | PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack. | |
| CVE-2018-16621 | Hig | 0.47 | 7.2 | 0.02 | Nov 15, 2018 | Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection. | ||
| CVE-2018-16620 | Hig | 0.49 | 7.5 | 0.01 | Nov 15, 2018 | Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control. | ||
| CVE-2018-16162 | Hig | 0.57 | 8.8 | 0.01 | Nov 15, 2018 | OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors. | ||
| CVE-2018-16161 | Hig | 0.57 | 8.8 | 0.01 | Nov 15, 2018 | OpenDolphin 2.7.0 and earlier allows authenticated users to gain administrative privileges and perform unintended operations. | ||
| CVE-2018-16160 | Hig | 0.51 | 7.8 | 0.00 | Nov 15, 2018 | SecureCore Standard Edition Version 2.x allows an attacker to bypass the product 's authentication to log in to a Windows PC. | ||
| CVE-2018-12543 | Hig | 0.52 | 7.5 | 0.36 | Nov 15, 2018 | In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is published to Mosquitto that has a topic starting with $, but that is not $SYS, e.g. $test/test, then an assert is triggered that should otherwise not be reachable and Mosquitto will exit. | ||
| CVE-2018-0701 | Hig | 0.57 | 8.8 | 0.01 | Nov 15, 2018 | BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later) allows an attacker on the same network segment to bypass access restriction to gain unauthorized access. | ||
| CVE-2018-0700 | Hig | 0.49 | 7.5 | 0.01 | Nov 15, 2018 | YukiWiki 2.1.3 and earlier does not process a particular request properly that may allow consumption of large amounts of CPU and memory resources and may result in causing a denial of service condition. | ||
| CVE-2018-0693 | Hig | 0.49 | 7.5 | 0.02 | Nov 15, 2018 | Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors. | ||
| CVE-2018-0692 | Hig | 0.51 | 7.8 | 0.01 | Nov 15, 2018 | Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2018-0690 | Hig | 0.49 | 7.5 | 0.02 | Nov 15, 2018 | An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files. | ||
| CVE-2018-0686 | Hig | 0.57 | 8.8 | 0.01 | Nov 15, 2018 | Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified vectors. | ||
| CVE-2018-0685 | Hig | 0.57 | 8.8 | 0.01 | Nov 15, 2018 | SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via HTTP requests for mail search. | ||
| CVE-2018-0673 | Hig | 0.53 | 8.1 | 0.01 | Nov 15, 2018 | Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows authenticated attackers to read arbitrary files via unspecified vectors. | ||
| CVE-2018-19278 | Hig | 0.49 | 7.5 | 0.04 | Nov 14, 2018 | Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually… | ||
| CVE-2018-9545 | Hig | 0.51 | 7.8 | 0.00 | Nov 14, 2018 | In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.… | ||
| CVE-2018-9542 | Hig | 0.49 | 7.5 | 0.01 | Nov 14, 2018 | In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.… | ||
| CVE-2018-9541 | Hig | 0.49 | 7.5 | 0.01 | Nov 14, 2018 | In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2018-9540 | Hig | 0.49 | 7.5 | 0.01 | Nov 14, 2018 | In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.… | ||
| CVE-2018-9539 | Hig | 0.46 | 7.0 | 0.00 | Nov 14, 2018 | In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0… | ||
| CVE-2018-9537 | Hig | 0.57 | 8.8 | 0.02 | Nov 14, 2018 | In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product:… | ||
| CVE-2018-9536 | Hig | 0.51 | 7.8 | 0.01 | Nov 14, 2018 | In numerous functions of libFDK, there are possible out of bounds writes due to incorrect bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9.… | ||
| CVE-2018-9535 | Hig | 0.57 | 8.8 | 0.01 | Nov 14, 2018 | In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.… | ||
| CVE-2018-9534 | Hig | 0.57 | 8.8 | 0.01 | Nov 14, 2018 | In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.… | ||
| CVE-2018-9533 | Hig | 0.57 | 8.8 | 0.01 | Nov 14, 2018 | In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:… | ||
| CVE-2018-9532 | Hig | 0.57 | 8.8 | 0.01 | Nov 14, 2018 | In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.… | ||
| CVE-2018-9531 | Hig | 0.51 | 7.8 | 0.01 | Nov 14, 2018 | In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:… | ||
| CVE-2018-9530 | Hig | 0.57 | 8.8 | 0.01 | Nov 14, 2018 | In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.… | ||
| CVE-2018-9529 | Hig | 0.57 | 8.8 | 0.01 | Nov 14, 2018 | In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.… | ||
| CVE-2018-9528 | Hig | 0.57 | 8.8 | 0.01 | Nov 14, 2018 | In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:… | ||
| CVE-2018-9527 | Hig | 0.51 | 7.8 | 0.01 | Nov 14, 2018 | In vorbis_book_decodev_set of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:… | ||
| CVE-2018-9526 | Hig | 0.49 | 7.5 | 0.01 | Nov 14, 2018 | In device configuration data, there is an improperly configured setting. This could lead to remote disclosure of device location. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112159033 | ||
| CVE-2018-9525 | Hig | 0.51 | 7.8 | 0.00 | Nov 14, 2018 | In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change… | ||
| CVE-2018-9524 | Hig | 0.51 | 7.8 | 0.00 | Nov 14, 2018 | In functionality implemented in System UI, there are insufficient protections implemented around overlay windows. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.… | ||
| CVE-2018-9523 | Hig | 0.51 | 7.8 | 0.00 | Nov 14, 2018 | In Parcel.writeMapInternal of Parcel.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2018-9522 | Hig | 0.51 | 7.8 | 0.00 | Nov 14, 2018 | In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. This could lead to local escalation of privilege in the system process with no additional execution privileges needed. User… |
- risk 0.47cvss 7.2epss 0.05
Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.
- risk 0.49cvss 7.5epss 0.03
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very…
- risk 0.04cvss 7.0epss 0.08
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass…
- risk 0.57cvss 8.8epss 0.00
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account.
- risk 0.00cvss 8.8epss 0.02
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24) allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
- risk 0.60cvss 8.8epss 0.02
School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.
- risk 0.60cvss 8.8epss 0.02
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
- risk 0.60cvss 8.8epss 0.02
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
- risk 0.52cvss 7.5epss 0.09
Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow.
- risk 0.49cvss 7.5epss 0.02
Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008.
- risk 0.53cvss 8.1epss 0.08
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
- risk 0.49cvss 7.5epss 0.01
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router.
- risk 0.47cvss 7.2epss 0.02
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
- risk 0.57cvss 8.8epss 0.02
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
- risk 0.47cvss 7.2epss 0.02
Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection.
- risk 0.49cvss 7.5epss 0.01
Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.
- risk 0.57cvss 8.8epss 0.01
OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
OpenDolphin 2.7.0 and earlier allows authenticated users to gain administrative privileges and perform unintended operations.
- risk 0.51cvss 7.8epss 0.00
SecureCore Standard Edition Version 2.x allows an attacker to bypass the product 's authentication to log in to a Windows PC.
- risk 0.52cvss 7.5epss 0.36
In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is published to Mosquitto that has a topic starting with $, but that is not $SYS, e.g. $test/test, then an assert is triggered that should otherwise not be reachable and Mosquitto will exit.
- risk 0.57cvss 8.8epss 0.01
BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later) allows an attacker on the same network segment to bypass access restriction to gain unauthorized access.
- risk 0.49cvss 7.5epss 0.01
YukiWiki 2.1.3 and earlier does not process a particular request properly that may allow consumption of large amounts of CPU and memory resources and may result in causing a denial of service condition.
- risk 0.49cvss 7.5epss 0.02
Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors.
- risk 0.51cvss 7.8epss 0.01
Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- risk 0.49cvss 7.5epss 0.02
An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files.
- risk 0.57cvss 8.8epss 0.01
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via HTTP requests for mail search.
- risk 0.53cvss 8.1epss 0.01
Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows authenticated attackers to read arbitrary files via unspecified vectors.
- risk 0.49cvss 7.5epss 0.04
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually…
- risk 0.51cvss 7.8epss 0.00
In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…
- risk 0.49cvss 7.5epss 0.01
In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…
- risk 0.49cvss 7.5epss 0.01
In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for…
- risk 0.49cvss 7.5epss 0.01
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.…
- risk 0.46cvss 7.0epss 0.00
In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0…
- risk 0.57cvss 8.8epss 0.02
In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product:…
- risk 0.51cvss 7.8epss 0.01
In numerous functions of libFDK, there are possible out of bounds writes due to incorrect bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9.…
- risk 0.57cvss 8.8epss 0.01
In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…
- risk 0.57cvss 8.8epss 0.01
In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…
- risk 0.57cvss 8.8epss 0.01
In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…
- risk 0.57cvss 8.8epss 0.01
In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…
- risk 0.51cvss 7.8epss 0.01
In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…
- risk 0.57cvss 8.8epss 0.01
In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…
- risk 0.57cvss 8.8epss 0.01
In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…
- risk 0.57cvss 8.8epss 0.01
In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:…
- risk 0.51cvss 7.8epss 0.01
In vorbis_book_decodev_set of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…
- risk 0.49cvss 7.5epss 0.01
In device configuration data, there is an improperly configured setting. This could lead to remote disclosure of device location. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112159033
- risk 0.51cvss 7.8epss 0.00
In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change…
- risk 0.51cvss 7.8epss 0.00
In functionality implemented in System UI, there are insufficient protections implemented around overlay windows. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…
- risk 0.51cvss 7.8epss 0.00
In Parcel.writeMapInternal of Parcel.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…
- risk 0.51cvss 7.8epss 0.00
In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. This could lead to local escalation of privilege in the system process with no additional execution privileges needed. User…