Search Results | AttackerKB

Show filters

Topics 2,092 Users 9,688

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2,092 Total Results

Displaying 1-10 of 2,092

Attacker Value

Low

CVE-2020-12695 "CallStranger"

Disclosure Date: June 08, 2020 (last updated April 09, 2024)

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

Attack Vector: Network Privileges: None User Interaction: None

2

Attacker Value

Moderate

CVE-2019-2215

Disclosure Date: October 11, 2019 (last updated July 26, 2024)

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095

Attack Vector: Local Privileges: Low User Interaction: None

1

Attacker Value

Unknown

CVE-2020-0022

Disclosure Date: February 13, 2020 (last updated February 03, 2024)

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715

Attack Vector: Adjacent Network Privileges: None User Interaction: None

2

Attacker Value

Unknown

CVE-2024-57962

Disclosure Date: February 06, 2025 (last updated February 07, 2025)

Vulnerability of incomplete verification information in the VPN service module Impact: Successful exploitation of this vulnerability may affect availability.

0

Attacker Value

Unknown

CVE-2024-57961

Disclosure Date: February 06, 2025 (last updated February 07, 2025)

Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

0

Attacker Value

Unknown

CVE-2024-57960

Disclosure Date: February 06, 2025 (last updated February 07, 2025)

Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

0

Attacker Value

Unknown

CVE-2024-57959

Disclosure Date: February 06, 2025 (last updated February 07, 2025)

Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

0

Attacker Value

Unknown

CVE-2024-57958

Disclosure Date: February 06, 2025 (last updated February 07, 2025)

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

0

Attacker Value

Unknown

CVE-2024-57957

Disclosure Date: February 06, 2025 (last updated February 07, 2025)

Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

0

Attacker Value

Unknown

CVE-2024-57956

Disclosure Date: February 06, 2025 (last updated February 07, 2025)

Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.

0