‼ CVE-2022-42504 ‼
📖 Read
via "National Vulnerability Database".
In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232209References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20564 ‼
📖 Read
via "National Vulnerability Database".
In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243798789References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-47377 ‼
📖 Read
via "National Vulnerability Database".
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal).📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20547 ‼
📖 Read
via "National Vulnerability Database".
In multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240301753📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20530 ‼
📖 Read
via "National Vulnerability Database".
In strings.xml, there is a possible permission bypass due to a misleading string. This could lead to remote information disclosure of call logs with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231585645📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20604 ‼
📖 Read
via "National Vulnerability Database".
In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-230463606References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42519 ‼
📖 Read
via "National Vulnerability Database".
In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242540694References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46137 ‼
📖 Read
via "National Vulnerability Database".
AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: AeroCMS v0.0.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20568 ‼
📖 Read
via "National Vulnerability Database".
In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220738351References: Upstream kernel📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20602 ‼
📖 Read
via "National Vulnerability Database".
Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25628 ‼
📖 Read
via "National Vulnerability Database".
An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20511 ‼
📖 Read
via "National Vulnerability Database".
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235821829📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20586 ‼
📖 Read
via "National Vulnerability Database".
In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238718854References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25627 ‼
📖 Read
via "National Vulnerability Database".
An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20600 ‼
📖 Read
via "National Vulnerability Database".
In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239847859References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20563 ‼
📖 Read
via "National Vulnerability Database".
In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242067561References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20584 ‼
📖 Read
via "National Vulnerability Database".
In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44468 ‼
📖 Read
via "National Vulnerability Database".
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20601 ‼
📖 Read
via "National Vulnerability Database".
Product: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42525 ‼
📖 Read
via "National Vulnerability Database".
In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509750References: N/A📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20578 ‼
📖 Read
via "National Vulnerability Database".
In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509749References: N/A📖 Read
via "National Vulnerability Database".
👍1