CVE-2024-13091 (v3: 9.8) 22 Jan 2025

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcld_wpcfb_fi... Read more ➔

CVE-2023-37039 22 Jan 2025

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa... Read more ➔

CVE-2024-49749 21 Jan 2025

In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no addit... Read more ➔

CVE-2024-49748 21 Jan 2025

In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote c... Read more ➔

CVE-2024-49747 21 Jan 2025

In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to remote c... Read more ➔

CVE-2024-49745 21 Jan 2025

In growData of Parcel.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege... Read more ➔

CVE-2024-49744 21 Jan 2025

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation due to unsafe deseria... Read more ➔

CVE-2024-49742 21 Jan 2025

In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an app with notification access in Settings due to a miss... Read more ➔

CVE-2024-49738 21 Jan 2025

In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution... Read more ➔

CVE-2024-49737 21 Jan 2025

In applyTaskFragmentOperation of WindowOrganizerController.java, there is a possible way to launch arbitrary activities as the system UID due to a log... Read more ➔

CVE-2024-49736 21 Jan 2025

In onClick of MainClear.java, there is a possible way to trigger factory reset without explicit user consent due to a logic error in the code. This co... Read more ➔

CVE-2024-49735 21 Jan 2025

In multiple locations, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of... Read more ➔

CVE-2024-49734 21 Jan 2025

In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to determine what site a device has connected to through a V... Read more ➔

CVE-2024-49733 21 Jan 2025

In reload of ServiceListing.java , there is a possible way to allow a malicious app to hide an NLS from Settings due to a logic error in the code. Thi... Read more ➔

CVE-2024-49732 21 Jan 2025

In multiple functions of CompanionDeviceManagerService.java, there is a possible way to grant permissions without user consent due to a missing permis... Read more ➔

CVE-2024-49724 21 Jan 2025

In multiple functions of AccountManagerService.java, there is a possible way to bypass permissions and launch protected activities due to a race condi... Read more ➔

CVE-2024-43771 21 Jan 2025

In gatts_process_read_req of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/ad... Read more ➔

CVE-2024-43770 21 Jan 2025

In gatts_process_find_info of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/a... Read more ➔

CVE-2024-43765 21 Jan 2025

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of... Read more ➔

CVE-2024-43763 21 Jan 2025

In build_read_multi_rsp of gatt_sr.cc, there is a possible denial of service due to a logic error in the code. This could lead to remote (proximal/adj... Read more ➔

CVE-2024-43096 21 Jan 2025

In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adja... Read more ➔

CVE-2024-43095 21 Jan 2025

In multiple locations, there is a possible way to obtain any system permission due to a logic error in the code. This could lead to local escalation o... Read more ➔

CVE-2024-34730 21 Jan 2025

In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs due to a logic error in the code. This could lead to... Read more ➔

CVE-2024-24443 21 Jan 2025

An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to... Read more ➔

CVE-2024-24428 21 Jan 2025

A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGA... Read more ➔

Key Capabilities

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

Threat Intelligence