Searching...
Please wait while we search the database
| CVE ID | Severity | Description | Published | Actions |
|---|---|---|---|---|
|
CVE-2024-20972
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20964
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20962
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20951
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20943
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20941
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20937
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20935
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20933
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20931
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20929
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20927
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20925
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20923
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20917
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20911
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-20909
|
N/A |
17 Feb 2024
|
||
|
CVE-2023-21833
|
N/A |
17 Feb 2024
|
||
|
CVE-2024-25468
|
N/A |
An issue in TOTOLINK X5000R V.9.1.0u.6369_B20230113 allows a remote attacker to cause a denial of service via the host_time parameter of the NTPSyncWithHost component.
|
17 Feb 2024
|
|
|
CVE-2024-0020
|
N/A |
In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is not needed for exploitation.
|
16 Feb 2024
|
|
|
CVE-2024-0019
|
N/A |
In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
|
16 Feb 2024
|
|
|
CVE-2024-0015
|
N/A |
In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
|
16 Feb 2024
|
|
|
CVE-2024-23591
|
N/A |
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow
an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP
800-193-compliant Platform Firmware Resiliency (PFR) security subsystem
significantly mitigates this issue.
|
16 Feb 2024
|
|
|
CVE-2024-0041
|
N/A |
In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to remove the persistent dot with no additional execution privileges needed. User interaction is not needed for exploitation.
|
16 Feb 2024
|
|
|
CVE-2024-0034
|
N/A |
In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
16 Feb 2024
|
CVE-2024-20972
N/A
17 Feb 2024
CVE-2024-20964
N/A
17 Feb 2024
CVE-2024-20962
N/A
17 Feb 2024
CVE-2024-20951
N/A
17 Feb 2024
CVE-2024-20943
N/A
17 Feb 2024
CVE-2024-20941
N/A
17 Feb 2024
CVE-2024-20937
N/A
17 Feb 2024
CVE-2024-20935
N/A
17 Feb 2024
CVE-2024-20933
N/A
17 Feb 2024
CVE-2024-20931
N/A
17 Feb 2024
CVE-2024-20929
N/A
17 Feb 2024
CVE-2024-20927
N/A
17 Feb 2024
CVE-2024-20925
N/A
17 Feb 2024
CVE-2024-20923
N/A
17 Feb 2024
CVE-2024-20917
N/A
17 Feb 2024
CVE-2024-20911
N/A
17 Feb 2024
CVE-2024-20909
N/A
17 Feb 2024
CVE-2023-21833
N/A
17 Feb 2024
CVE-2024-25468
N/A
17 Feb 2024
An issue in TOTOLINK X5000R V.9.1.0u.6369_B20230113 allows a remote attacker to cause a denial of service via the host_time parameter of the NTPSyncWithHost component.
CVE-2024-0020
N/A
16 Feb 2024
In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-0019
N/A
16 Feb 2024
In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-0015
N/A
16 Feb 2024
In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-23591
N/A
16 Feb 2024
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow
an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP
800-193-compliant Platform Firmware Resiliency (PFR) security subsystem
significantly mitigates this issue.
CVE-2024-0041
N/A
16 Feb 2024
In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to remove the persistent dot with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-0034
N/A
16 Feb 2024
In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Page 529 of 641
Page 529 of 641