CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9344
https://notcve.org/view.php?id=CVE-2018-9344
This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9339
https://notcve.org/view.php?id=CVE-2018-9339
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9338
https://notcve.org/view.php?id=CVE-2018-9338
This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-21270
https://notcve.org/view.php?id=CVE-2023-21270
This could lead to local escalation of privilege with User execution privileges needed. • https://source.android.com/security/bulletin/2023-08-01 • CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42450
https://notcve.org/view.php?id=CVE-2024-42450
This combination allows an unauthenticated attacker to access and administer the database or read local filesystem contents to escalate privileges on the system. Exploitation Status: Versa Networks is not aware of this exploitation in any production systems. A proof of concept exists in the lab environment. Workarounds or Mitigation: Starting with the latest 22.1.4 version of Versa Director, the software will automatically restrict access to the Postgres and HA ports to only the local and peer Versa Directors. • https://security-portal.versa-networks.com/emailbulletins/6735a300415abb89e9a8a9d3 • CWE-798: Use of Hard-coded Credentials •