• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-264

CVE-2019-2122

February 26, 2023 by

In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.java, there was a difference in the handling of the default case between the WindowManager and the Settings. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-127605586.

CVE-2019-2102

February 26, 2023 by

In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128843052.

CVE-2019-2003

February 26, 2023 by

In addLinks of Linkify.java, there is a possible phishing vector due to an unusual root cause. This could lead to remote code execution or misdirection of clicks with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-116321860

CVE-2019-1660

February 26, 2023 by

A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to a lack of proper access and authentication controls on the affected TMS software. An attacker could exploit this vulnerability by gaining access to internal, trusted networks to send crafted SOAP calls to the affected device. If successful, an exploit could allow the attacker to access system management tools. Under normal circumstances, this access should be prohibited.

CVE-2019-14257

February 26, 2023 by

pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765.

CVE-2019-13125

February 26, 2023 by

HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evade dynamic malware analysis via PIE compilation.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 130
  • Go to page 131
  • Go to page 132
  • Go to page 133
  • Go to page 134
  • Interim pages omitted …
  • Go to page 136
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE