» 2022 » 4월

CVE-2022-27822

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27822

Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1 allows access to EF_RUIMID value without permission.

Source: CVE-2022-27822

CVE-2022-27823

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27823

Improper size check in sapefd_parse_meta_HEADER_old function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.

Source: CVE-2022-27823

CVE-2022-27837

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27837

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.

Source: CVE-2022-27837

CVE-2022-27827

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27827

Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.

Source: CVE-2022-27827

CVE-2022-27577

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27577

The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version.

Source: CVE-2022-27577

CVE-2022-27836

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27836

Improper access control and path traversal vulnerability in StroageManager and StroageManagerService prior to SMR Apr-2022 Release 1 allow local attackers to access arbitrary system files without a proper permission.

Source: CVE-2022-27836

CVE-2022-27835

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27835

Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write.

Source: CVE-2022-27835

CVE-2022-27834

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27834

Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions.

Source: CVE-2022-27834

CVE-2022-27831

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27831

Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory.

Source: CVE-2022-27831

CVE-2022-27832

Posted on 2022년 4월 12일2022년 4월 12일 by admin

CVE-2022-27832

Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.

Source: CVE-2022-27832