GuardDog is a CLI tool to identify malicious PyPI packages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In the Pixel camera driver, there is a possible use after free due to a logic error in the code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.
In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
In multiple locations of DreamManagerService.java, there is a missing permission check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.