Page 31 of 2610 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message. • https://github.com/zzh-newlearner/record/blob/main/luowice_warning.md •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device. • https://github.com/zzh-newlearner/record/blob/main/macrovideo_share.md •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. • https://www.vivo.com/en/support/security-advisory-detail?id=8 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder. Vulnerabilidad de manejo inadecuado de permisos insuficientes en setSecureFolderPolicy en PersonaManagerService anterior a Android T(13) permite a atacantes locales establecer algún valor de configuración en la carpeta segura. • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information. La exposición de información confidencial a un actor no autorizado en Persona Manager anterior de Android T(13) permite a un atacante local acceder a la información de los perfiles de los usuarios. • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •