» 2023 » 7월

CVE-2023-21261

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-21261

In ft_open_face_internal of ftobjs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21261

CVE-2023-21255

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-21255

In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21255

CVE-2023-34123

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-34123

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

Source: CVE-2023-34123

CVE-2023-21256

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-21256

In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via Settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Source: CVE-2023-21256

CVE-2023-21400

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-21400

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21400

CVE-2023-21257

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-21257

In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21257

CVE-2023-21262

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-21262

In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation.

Source: CVE-2023-21262

CVE-2023-35693

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-35693

In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-35693

CVE-2023-35691

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-35691

there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-35691

CVE-2023-21399

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-21399

there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21399