Search Results (Refine Search)
- Results Type: Overview
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-20867 |
Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information. Published: May 07, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20866 |
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step. Published: May 07, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20865 |
Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images. Published: May 07, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20864 |
Improper access control vulnerability in DarManagerService prior to SMR May-2024 Release 1 allows local attackers to monitor system resources. Published: May 07, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20863 |
Out of bounds write vulnerability in SNAP in HAL prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code. Published: May 07, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20862 |
Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code. Published: May 07, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20861 |
Use after free vulnerability in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to cause memory corruption. Published: May 07, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20860 |
Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission. Published: May 07, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20859 |
Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege. Published: May 07, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20858 |
Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. Published: May 07, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20857 |
Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. Published: May 07, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20856 |
Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario. Published: May 07, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20855 |
Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical attackers to access unlocked screen for a while. Published: May 07, 2024; 1:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-20821 |
A vulnerability possible to reconfigure OTP allows local attackers to transit RMA(Return Merchandise Authorization) mode, which disables security features. This attack needs additional privilege to control TEE. Published: May 07, 2024; 1:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-2913 |
A race condition vulnerability exists in the mintplex-labs/anything-llm repository, specifically within the user invite acceptance process. Attackers can exploit this vulnerability by sending multiple concurrent requests to accept a single user invite, allowing the creation of multiple user accounts from a single invite link intended for only one user. This bypasses the intended security mechanism that restricts invite acceptance to a single user, leading to unauthorized user creation without detection in the invite tab. The issue is due to the lack of validation for concurrent requests in the backend. Published: May 06, 2024; 8:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29941 |
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption. Published: May 06, 2024; 7:15:06 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30973 |
An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc. Published: May 06, 2024; 6:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34534 |
A SQL injection vulnerability in Cybrosys Techno Solutions Text Commander module (aka text_commander) 16.0 through 16.0.1 allows a remote attacker to gain privileges via the data parameter to models/ir_model.py:IrModel::chech_model. Published: May 06, 2024; 5:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34533 |
A SQL injection vulnerability in ZI PT Solusi Usaha Mudah Analytic Data Query module (aka izi_data) 11.0 through 17.x before 17.0.3 allows a remote attacker to gain privileges via a query to IZITools::query_check, IZITools::query_fetch, or IZITools::query_execute. Published: May 06, 2024; 5:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34532 |
A SQL injection vulnerability in Yvan Dotet PostgreSQL Query Deluxe module (aka query_deluxe) 17.x before 17.0.0.4 allows a remote attacker to gain privileges via the query parameter to models/querydeluxe.py:QueryDeluxe::get_result_from_query. Published: May 06, 2024; 5:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |