The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from…

A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution.

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Race condition vulnerability in the device security management module. Impact: Successful exploitation of this vulnerability may affect availability.

Race condition vulnerability in the permission management service. Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of uninitialized pointer access in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability.

Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability.

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability.

Permission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability.