Yan&Co Security Vulnerabilities

CVE-2023-42742

In sysui, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

CVE-2023-42744

In telecom service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

CVE-2023-42751

In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...

CVE-2023-42716

In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges...

CVE-2023-42723

In camera service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2023-42684

In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges...

CVE-2023-42736

In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2023-42734

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42733

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42706

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42728

In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2023-42740

In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2023-42738

In telocom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2023-42699

In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42715

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42717

In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges...

CVE-2023-42713

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42708

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42735

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges...

CVE-2023-42722

In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges...

CVE-2023-42704

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42732

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42698

In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42711

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42714

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42696

In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2023-42683

In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges...

CVE-2023-42682

In gsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...

CVE-2023-42748

In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2023-42746

In power manager, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2023-42730

In IMS service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42681

In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2023-42712

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42707

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42709

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42729

In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...

CVE-2023-42701

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42703

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42702

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42705

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42697

In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42700

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 18, 2023 to December 31, 2023)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Over the last two weeks, there were 263 vulnerabilities disclosed in 217 WordPress Plugins and 3 WordPress themes that have been added to the...

Downloads Resources over HTTP in co-cli-installer

Affected versions of co-cli-installer insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

CVE-2023-42691

In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2022-48462

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2022-48464

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2023-42673

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42674

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42675

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...