Pixel Update Bulletin—April 2026Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2026-04-01 or later address all issues in this bulletin and all issues in the April 2026 Android Securi...

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 CVSS score: 7.8, a buffer over-read in the Graphics component. "Memory corruption when...

PT-2026-4711

In multiple functions of ubsan throwing runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Pixel Update Bulletin—October 2025Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2025-10-01 or later address all issues in this bulletin and all issues in the October 2025 Android...

EUVD-2015-9029

Malware in sbrugna...

EUVD-2015-9013

Malware in sbrugna...

EUVD-2017-9281

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-9516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of...

Pixel Update Bulletin—November 2024Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2024-11-05 or later address all issues in this bulletin and all issues in the November 2024 Android...

PT-2024-4747

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version Description The issue is related to a logic error in the code, which could lead to local escalation of privilege with no additional execution privileges needed. User interaction is required for...

Pixel Update Bulletin—June 2024Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2024-06-05 or later address all issues in this bulletin and all issues in the June 2024 Android Securit...

Pixel Update Bulletin—August 2023Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2023-08-05 or later address all issues in this bulletin and all issues in the August 2023 Android...

CVE-2023-32427

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic...

Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities

Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak...

PT-2023-17802 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In multiple locations of p2p iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. Us...

CVE-2021-46841

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity...

Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs

Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity — six of which are previously disclosed vulnerabilities...

Tor Browser 8.5.2 Released — Update to Fix Critical Firefox Vulnerability

Important Update 21 June 2019 ➤ The Tor Project on Friday released second update Tor Browser 8.5.3 for its privacy web-browser that patches the another Firefox zero-day vulnerability patched this week. Following the latest critical update for Firefox, the Tor Project today released an updated...

CVE-2018-6246

In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android:...

A week in security (September 4 – September 10)

Last week, we looked into expired domain names being used for malvertising, delved into dubious Facebook apps, and checked out Chinese seminar scams. We also explained the whys and wherefores of false positives, explained what Google is doing with HTTPs, warned you away from a fake DHS email, and...