Page 33 of 969 results (0.008 seconds)

CVSS: 4.0EPSS: 0%CPEs: 64EXPL: 0

Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider. Llamar a un proveedor inexistente en SMP sdk anterior a la versión 3.0.9, permite acciones no autorizadas, incluyendo el ataque de denegación de servicio mediante el secuestro del proveedor • https://security.samsungmobile.com https://security.samsungmobile.com/serviceWeb.smsb • CWE-287: Improper Authentication •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. En aplicaciones precargadas, el HostnameVerified es manejado inapropiadamente. • https://lgsecurity.lge.com •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. El gadget laf USB presenta un uso de la memoria previamente liberada. • https://lgsecurity.lge.com • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514. En la función isWordBreakAfter del archivo LayoutUtils.cpp, existe una posible manera de ralentizar o bloquear un TextView debido a una comprobación inapropiada de la entrada. • https://source.android.com/security/bulletin/2021-01-01 • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0

In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-170583712. En la función WAVSource::read del archivo WAVExtractor.cpp, se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. • https://source.android.com/security/bulletin/2021-01-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •