Vuldb Updates

A vulnerability has been found in Oracle Retail Returns Management up to 14.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper input validation. This vulnerability is known as CVE-2014-0114. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Digia Qt and classified as problematic. This issue affects the function QSslSocketBackendPrivate::transmit of the file src_network_ssl_qsslsocket_openssl.cpp. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2010-2621. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Google Android 12/12L/13/14. Affected by this vulnerability is the function onResult of the file AccountManagerService.java. The manipulation leads to Local Privilege Escalation. This vulnerability is known as CVE-2024-31316. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android 12/12L/13/14 and classified as critical. This issue affects the function availableToWriteBytes in the library MessageQueueBase.h. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-31313. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in Google Android 12/12L/13/14. Affected is an unknown function of the file ManagedServices.java. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2024-31315. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Google Android 12/12L/13/14. Affected is an unknown function of the file CompanionDeviceManagerService.java. The manipulation leads to permission issues. This vulnerability is traded as CVE-2024-31318. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Google Android 12/12L/13/14 and classified as problematic. Affected by this vulnerability is the function updateNotificationChannelFromPrivilegedListener of the file NotificationManagerService.java. The manipulation leads to information disclosure. This vulnerability is known as CVE-2024-31319. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android 12/12L and classified as problematic. Affected by this issue is the function setSkipPrompt of the file AssociationRequest.java. The manipulation leads to improper privilege management. This vulnerability is handled as CVE-2024-31320. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android 14. It has been classified as critical. This affects the function onCreate. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2024-31323. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android 12/12L/13/14. It has been declared as problematic. This vulnerability affects the function hide of the file WindowState.java. The manipulation leads to state issue. This vulnerability was named CVE-2024-31324. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android 12/12L/13/14. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-31325. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in Google Android 14. Affected is an unknown function. The manipulation leads to enforcement of behavioral workflow. This vulnerability is traded as CVE-2024-31326. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android 12/12L/13/14. It has been classified as problematic. Affected is the function WRITE_SECURE_SETTINGS of the file ZygoteProcess.java. The manipulation leads to deserialization. This vulnerability is traded as CVE-2024-31317. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in Google Android 12/12L/13/14. This issue affects the function updateServicesLocked of the file AccessibilityManagerService.java of the component Accessibility Service. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2024-31322. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in Google Android 12/12L/13/14. Affected is an unknown function of the file ShortcutService.java. The manipulation leads to resource consumption. This vulnerability is traded as CVE-2024-31314. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in AXIS IP Camera. Affected is an unknown function. The manipulation leads to command injection. This vulnerability is traded as CVE-2018-10660. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in xtell 1.91.1/2.6.1. Affected is an unknown function. The manipulation of the argument TTY leads to symlink following. This vulnerability is traded as CVE-2002-0333. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GeoServer up to 2.23.4/2.24.1. It has been declared as problematic. This vulnerability affects unknown code of the component REST Coverage Store API/REST Data Store API. The manipulation leads to file inclusion. This vulnerability was named CVE-2024-23634. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in GeoServer up to 2.23.2. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-23640. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in GeoServer. This vulnerability affects unknown code of the component GWC Demos Page. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-23821. The attack can be initiated remotely. There is no exploit available.