Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-1395 |
Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0. Published: May 03, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-1067 |
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the Linux Kernel and Mali GPU kernel driver configurations that would allow the GPU operations to affect the userspace memory of other processes. This issue affects Bifrost GPU Kernel Driver: from r41p0 through r47p0; Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0. Published: May 03, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-6363 |
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0. Published: May 03, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-41830 |
An improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization. Published: May 03, 2024; 10:15:10 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-41828 |
An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider. Published: May 03, 2024; 10:15:10 AM -0400 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-41826 |
A PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission. Published: May 03, 2024; 10:15:10 AM -0400 |
V3.1: 5.1 MEDIUM V2.0:(not available) |
CVE-2023-41825 |
A path traversal vulnerability was reported in the Motorola Ready For application that could allow a local attacker to access local files. Published: May 03, 2024; 10:15:09 AM -0400 |
V3.1: 2.8 LOW V2.0:(not available) |
CVE-2023-41824 |
An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data. Published: May 03, 2024; 10:15:09 AM -0400 |
V3.1: 2.8 LOW V2.0:(not available) |
CVE-2023-41823 |
An improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities. Published: May 03, 2024; 10:15:09 AM -0400 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-41822 |
An improper export vulnerability was reported in the Motorola Interface Test Tool application that could allow a malicious local application to execute OS commands. Published: May 03, 2024; 10:15:09 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-41821 |
A an improper export vulnerability was reported in the Motorola Setup application that could allow a local attacker to read sensitive user information. Published: May 03, 2024; 10:15:09 AM -0400 |
V3.1: 5.0 MEDIUM V2.0:(not available) |
CVE-2023-41820 |
An implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices. Published: May 03, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-41819 |
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers. Published: May 03, 2024; 10:15:08 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-41818 |
An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs. Published: May 03, 2024; 10:15:08 AM -0400 |
V3.1: 5.0 MEDIUM V2.0:(not available) |
CVE-2023-41817 |
An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information. Published: May 03, 2024; 10:15:08 AM -0400 |
V3.1: 2.8 LOW V2.0:(not available) |
CVE-2023-41816 |
An improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database. Published: May 03, 2024; 10:15:08 AM -0400 |
V3.1: 5.0 MEDIUM V2.0:(not available) |
CVE-2024-33787 |
Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuser_Number parameter at search_user.aspx. Published: May 03, 2024; 9:15:22 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-33786 |
An arbitrary file upload vulnerability in Zhongcheng Kexin Ticketing Management Platform 20.04 allows attackers to execute arbitrary code via uploading a crafted file. Published: May 03, 2024; 9:15:21 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-2410 |
The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a chunk that has already been freed. Published: May 03, 2024; 9:15:21 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-4466 |
SQL injection vulnerability in Gescen on the centrosdigitales.net platform. This vulnerability allows an attacker to send a specially crafted SQL query to the pass parameter and retrieve all the data stored in the database. Published: May 03, 2024; 8:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |