Deserialization of Untrusted Data in rpc.py

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, a ...

Continue Reading

July 12, 2022

CVE-2022-33687

Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log.Read More ...

Continue Reading

July 12, 2022

CVE-2022-33686

Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.Read More ...

Continue Reading

July 12, 2022

CVE-2022-33685

Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information.Read More ...

Continue Reading

July 12, 2022

CVE-2022-33689

Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call.Read More ...

Continue Reading

July 12, 2022

CVE-2022-33173

An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA i ...

Continue Reading

July 12, 2022

CVE-2022-32951

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.Read More ...

Continue Reading

July 12, 2022

CVE-2022-30758

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder.Read More ...

Continue Reading

July 12, 2022

1 90,604 90,605 90,606 90,607 90,608 94,482

Back to Main
Subscribe for the latest news: