User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-128674520 This could lead to a local escalation of privilege with no additional execution privileges needed. It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304 User interaction is not needed for exploitation. This could lead to local escalation of privilege with no additional execution privileges needed. In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. sends base64 encoded credentials in the creds URL parameter. The Web server in 1C:Enterprise 8 before 8. This is exploitable on sites using debug mode with Laravel before 8.4.2. Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.įfay lanproxy 0.1 allows Directory Traversal to read /./conf/config.properties to obtain credentials for a connection to the intranet.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |