Page 89 of 1798 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-77286245. Cuando WiFi está habilitado, la función sendNetworkStateChangeBroadcast de WifiStateMachine.java transmite un intent que incluye información detallada de la red WiFi. • http://www.securitytracker.com/id/1041590 https://wwws.nightwatchcybersecurity.com/2018/08/29/sensitive-data-exposure-via-wifi-broadcasts-in-android-os-cve-2018-9489 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. The LG ID is LVE-SMP-180005. Algunos dispositivos LG basados en Android desde la versión 6.0 hasta la 8.1 tiene un control de acceso incorrecto para los intents de la aplicación SystemUI. El ID de LG es LVE-SMP-180005. • https://lgsecurity.lge.com/security_updates.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. The LG ID is LVE-SMP-180006. Algunos dispositivos LG basados en Android desde la versión 6.0 hasta la 8.1 tiene un control de acceso incorrecto para los intents de la aplicación MLT. El ID de LG es LVE-SMP-180006. • https://lgsecurity.lge.com/security_updates.html https://www.kryptowire.com/portal/android-firmware-defcon-2018 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. The LG ID is LVE-SMP-180004. Algunos dispositivos LG basados en Android desde la versión 6.0 hasta la 8.1 tiene un control de acceso incorrecto en la aplicación GNSS. El ID de LG es LVE-SMP-180004. • https://lgsecurity.lge.com/security_updates.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 1

In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257. En readMetadata de Utils.cpp, hay un posible error de salto de directorio debido a un deputy confuso. • https://www.exploit-db.com/exploits/45192 http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •