U-Boot shell vulnerability resulting in Privilege escalation in a production device
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-12-11
Updated
2023-12-13
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege 
Max CVSS
10.0
EPSS Score
0.06%
Published
2024-01-02
Updated
2024-01-09
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Max CVSS
6.3
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-01-05
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-10-02
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-10-02
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-09-11
Updated
2023-09-14
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases. ESPv2 allows malicious requests to bypass authentication if both of the following conditions are true: the requested HTTP method is **not** in the API service definition (OpenAPI spec or gRPC `google.api.http` proto annotations), and the specified `X-HTTP-Method-Override` is a valid HTTP method in the API service definition. ESPv2 will forward the request to your backend without checking the JWT. Attackers can craft requests with a malicious `X-HTTP-Method-Override` value that allows them to bypass specifying JWTs. Restricting API access with API keys works as intended and is not affected by this vulnerability. Upgrade deployments to release v2.43.0 or higher to receive a patch. This release ensures that JWT authentication occurs, even when the caller specifies `x-http-method-override`. `x-http-method-override` is still supported by v2.43.0+. API clients can continue sending this header to ESPv2.
Max CVSS
9.8
EPSS Score
0.12%
Published
2023-04-26
Updated
2023-05-09
In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-240428519. References: N/A
Max CVSS
6.8
EPSS Score
0.05%
Published
2023-01-26
Updated
2023-02-01
In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-07-13
Updated
2023-07-25
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-05-30
Updated
2024-01-31
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network. This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router’s NAT firewall. Affected devices have been mitigated through an automatic update beyond the affected range.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-07-25
Updated
2023-08-02
Elevation of privilege
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-11-29
Updated
2023-12-05
Elevation of privilege
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-11-29
Updated
2023-12-05
In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-237838301. References: N/A
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-12-16
Updated
2022-12-21
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-11-09
Updated
2023-07-14
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-07
Updated
2022-10-08
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-14
Updated
2022-10-18
444 vulnerabilities found