CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-20123

In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：10 | 回复：0
CVE-2022-20124

In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalatio ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE-2022-20125

In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE-2022-20126

In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of pri ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE-2022-20127

In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interacti ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE-2022-20129

In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of s ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE-2022-20130

In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privilege ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE-2022-20131

In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE-2022-20132

In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a mal ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE-2022-20133

In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：13 | 回复：0
CVE-2022-20134

In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：15 | 回复：0
CVE-2022-20135

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：15 | 回复：0
CVE-2022-20137

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of pr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：15 | 回复：0
CVE-2022-2086

A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：16 | 回复：0
CVE-2022-2087

A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：14 | 回复：0
CVE-2021-36901

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker's Age Gate plugin = 2.17.0 at WordPress.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：17 | 回复：0
CVE-2021-39806

In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：17 | 回复：0
CVE-2022-20138

In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. Thi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：26 | 回复：0
CVE-2022-20140

In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges nee ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：31 | 回复：0
CVE-2022-20141

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional exec ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：35 | 回复：0
CVE-2022-20142

In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：24 | 回复：0
CVE-2022-20143

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges need ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：25 | 回复：0
CVE-2022-20144

In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：19 | 回复：0
CVE-2022-20145

In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：17 | 回复：0
CVE-2022-20146

In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional exe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-20147

In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-20148

In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is n ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-20149

Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-20151

Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-20152

In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：17 | 回复：0
CVE-2022-20153

In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：15 | 回复：0
CVE-2022-20154

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-20155

In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no ad ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-20156

In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileg ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：15 | 回复：0
CVE-2022-20159

In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：19 | 回复：0
CVE-2022-20160

Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：21 | 回复：0
CVE-2022-20162

In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. Use ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：22 | 回复：0
CVE-2022-20164

Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：23 | 回复：0
CVE-2022-20165

In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interact ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：36 | 回复：0
CVE-2022-20166

In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges need ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：46 | 回复：0