9907 matches found
CVE-2025-65820
An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can be spawned with the mobile application which opens a hidden page. This page, which is not available through the normal flows of the application, contains several devices which can be added to your...
PT-2025-50495
Name of the Vulnerable Software and Affected Versions Meatmeet Android Mobile Application version 1.1.2.0 Description An exported activity within the application can be initiated, revealing a hidden page. This page displays devices, including two that have not been publicly released. An attacker...
Malicious code in libxmlrussia (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09a896cf7e2a9565c72e2dbea89306401102334fe016a8819be5ab476cff9d8e The package libxmlrussia was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-192395 Malicious code in libxmlrussia (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09a896cf7e2a9565c72e2dbea89306401102334fe016a8819be5ab476cff9d8e The package libxmlrussia was found to contain malicious code. Source: ossf-package-analysis...
CVE-2025-22432
In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48586
In onActivityResult of EditFdnContactScreen.java, there is a possible way to leak contacts from the work profile due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
MAL-2025-192390 Malicious code in libxmljs2woter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb0d4800be662e443c5452e2dbf7088498563ea91fe9056e186e8e6f5d397c89 The package libxmljs2woter was found to contain malicious code. Source: ghsa-malware 5b498dbda523b62755dd841fc0e66d62bddb3feef9c4ca0d5078b7dec40fdd1c...
ChrimeraWire Trojan Fakes Chrome Activity to Manipulate Search Rankings
ChrimeraWire is a new Windows trojan that automates web browsing through Chrome to simulate user activity and manipulate search engine rankings...
EUVD-2025-201787
In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48627
In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48627
In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48572
In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48627
CVE-2025-48627 affects the Android Framework, specifically the startNextMatchingActivity path in ActivityTaskManagerService.java. The issue is a logic error that can allow launching an activity from the background, resulting in local escalation of privilege without additional execution privileges...
CVE-2025-48627
In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48627
In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48572
In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48572
CVE-2025-48572 is an Android Framework privilege-escalation vulnerability. It stems from improper input validation in the Framework component, allowing a local application to launch activities from background and execute arbitrary code with elevated privileges. Affected products are Android devic...
CVE-2025-22432
CVE-2025-22432 affects the Android Framework (CallRedirectionProcessor.java). The root cause is improper input validation in notifyTimeout, which may create a persistent connection and enable local escalation of privilege, triggering background activity launches with User privileges and no user i...
CVE-2025-22432
In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...
⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More
It's been a week of chaos in code and calm in headlines. A bug that broke the internet's favorite framework, hackers chasing AI tools, fake apps stealing cash, and record-breaking cyberattacks — all within days. If you blink, you'll miss how fast the threat map is changing. New flaws are being...