Filtered by vendor Ubports Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-40297 1 Ubports 1 Ubuntu Touch 2024-11-21 7.8 High
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated.
CVE-2016-1573 1 Ubports 1 Unity8 2024-11-21 7.8 High
Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.
CVE-2015-7946 1 Ubports 1 Unity8 2024-11-21 7.3 High
Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1.
CVE-2014-1423 2 Signond Project, Ubports 2 Signond, Ubuntu Touch 2024-11-21 5.9 Medium
signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension. An attacker could use this create a malicious click app that collects oauth tokens for other applications, exposing sensitive information.