Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-21170

In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure…

Devamını oku

CVE-2023-21171

In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation…

Devamını oku

CVE-2023-21177

In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. This…

Devamını oku

CVE-2023-21179

In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local…

Devamını oku