CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39748
https://notcve.org/view.php?id=CVE-2021-39748
30 Mar 2022 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/android-12l • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39747
https://notcve.org/view.php?id=CVE-2021-39747
30 Mar 2022 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/android-12l • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39745
https://notcve.org/view.php?id=CVE-2021-39745
30 Mar 2022 — In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/android-12l • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39744
https://notcve.org/view.php?id=CVE-2021-39744
30 Mar 2022 — In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/android-12l • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39742
https://notcve.org/view.php?id=CVE-2021-39742
30 Mar 2022 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/android-12l • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39740
https://notcve.org/view.php?id=CVE-2021-39740
30 Mar 2022 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/android-12l • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39739
https://notcve.org/view.php?id=CVE-2021-39739
30 Mar 2022 — In ArrayMap, there is a possible leak of the content of SMS messages due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. • https://source.android.com/security/bulletin/android-12l • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23183 – Advanced Custom Fields <= 5.12 - Authenticated Information Disclosure
https://notcve.org/view.php?id=CVE-2022-23183
30 Mar 2022 — Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and Advanced Custom Fields Pro versions prior to 5.12.1 allows a remote authenticated attacker to view the information on the database without the access permission. Una vulnerabilidad de falta de autorización en Advanced Custom Fields versiones anteriores a 5.12.1 y en Advanced Custom Fields Pro versiones anteriores a 5.12.1, permite a un atacante remoto autenticado visualizar la información de la base de datos sin el pe... • https://jvn.jp/en/jp/JVN42543427/index.html • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-27815
https://notcve.org/view.php?id=CVE-2022-27815
29 Mar 2022 — There can be an information leak or denial of service. • http://www.openwall.com/lists/oss-security/2022/04/14/1 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 63EXPL: 1CVE-2022-22948 – VMware vCenter Server Incorrect Default File Permissions Vulnerability
https://notcve.org/view.php?id=CVE-2022-22948
29 Mar 2022 — The vCenter Server contains an information disclosure vulnerability due to improper permission of files. • https://github.com/PenteraIO/CVE-2022-22948 • CWE-276: Incorrect Default Permissions •