Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-03 | CVE-2024-49413 | Improper Verification of Cryptographic Signature vulnerability in Samsung Android 13.0/14.0 Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications. | 7.8 |
| 2024-12-02 | CVE-2018-9426 | Insufficient Entropy vulnerability in Google Android In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution privileges needed. | 7.5 |
| 2024-12-02 | CVE-2018-9431 | Unspecified vulnerability in Google Android 8.0/8.1 In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. | 7.8 |
| 2024-12-02 | CVE-2018-9413 | Out-of-bounds Write vulnerability in Google Android In handle_notification_response of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. | 8.8 |
| 2024-12-02 | CVE-2018-9414 | Out-of-bounds Write vulnerability in Google Android In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is a possible out of bounds stack write due to a missing bounds check. | 7.8 |
| 2024-12-02 | CVE-2018-9380 | Out-of-bounds Write vulnerability in Google Android In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to improper input validation. | 8.8 |
| 2024-12-02 | CVE-2018-9381 | Use of Uninitialized Resource vulnerability in Google Android 8.1 In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. | 7.5 |
| 2024-12-02 | CVE-2024-46905 | Unspecified vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account. | 8.8 |
| 2024-12-02 | CVE-2024-46906 | Unspecified vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. | 8.8 |
| 2024-12-02 | CVE-2024-46907 | Unspecified vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. | 8.8 |