» admin

CVE-2022-20264

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2022-20264

In Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2022-20264

CVE-2023-21300

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-21300

In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21300

CVE-2023-21295

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-21295

In SliceManagerService, there is a possible way to check if a content provider is installed due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21295

CVE-2023-21294

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-21294

In Slice, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21294

CVE-2023-21297

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-21297

In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21297

CVE-2023-21296

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-21296

In Permission, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Source: CVE-2023-21296

CVE-2023-21298

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-21298

In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21298

CVE-2023-21293

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-21293

In PackageManagerNative, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2023-21293

CVE-2023-4964

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-4964

Potential open redirect vulnerability
in opentext Service Management Automation X
(SMAX) versions 2020.05, 2020.08,
2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset
Management X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11. The
vulnerability could allow attackers to redirect a user to
malicious websites.

Source: CVE-2023-4964

CVE-2023-44323

Posted on 2023년 10월 31일2023년 10월 31일 by admin

CVE-2023-44323

Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Source: CVE-2023-44323