|
220281
|
9.8 |
CRITICAL
Network
|
mycarcontrols
|
mycar_controls
|
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data fro…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-9493
|
2024-11-21 13:51 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220282
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execut…
|
NVD-CWE-noinfo
|
CVE-2019-9465
|
2024-11-21 13:51 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220283
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In DCRYPTO_equals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User i…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-9472
|
2024-11-21 13:51 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220284
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. Us…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9471
|
2024-11-21 13:51 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220285
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9470
|
2024-11-21 13:51 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220286
|
7.8 |
HIGH
Local
|
google
|
android
|
In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9469
|
2024-11-21 13:51 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220287
|
7.8 |
HIGH
Local
|
google
|
android
|
In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User in…
|
CWE-787
CWE-415
Out-of-bounds Write
Double Free
|
CVE-2019-9468
|
2024-11-21 13:51 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220288
|
6.1 |
MEDIUM
Network
|
telos
|
automated_message_handling_system
|
: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9542
|
2024-11-21 13:51 |
2020-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220289
|
6.1 |
MEDIUM
Network
|
telos
|
automated_message_handling_system
|
: Information Exposure vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos A…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9541
|
2024-11-21 13:51 |
2020-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220290
|
6.1 |
MEDIUM
Network
|
telos
|
automated_message_handling_system
|
: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prefs.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9540
|
2024-11-21 13:51 |
2020-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
