In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not...
In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local information disclosure of WiFi network names with no additional...
In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEncoder.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User...
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170367562 Date published : 2020-12-14 https://source.android.com/security/bulletin/2020-12-01
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170378843 Date published : 2020-12-14 https://source.android.com/security/bulletin/2020-12-01
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514 Date published : 2020-12-14 https://source.android.com/security/bulletin/2020-12-01
In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges...
In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additional execution privileges needed. User...
In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for...
Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program execution and communication by...
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be...
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program. Date published : 2020-12-13 https://jvn.jp/en/jp/JVN55917325/index.html https://jvn.jp/jp/JVN55917325/index.html