146 matches found
CVE-2026-54318 Home Assistant: Exported BroadcastReceiver allows local apps to spoof device location
Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any installed app, with zero runtime permissions, can broadcast a forged Google Play Services...
CVE-2026-49189
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-49189
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-49189 Broadcast Receiver Privilege Escalation
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-49189
CVE-2026-49189 involves unchecked public access permissions on a core Broadcast Receiver, enabling unauthorized local software components to invoke administrative operations. The available documents identify the vulnerable component as a Broadcast Receiver and describe the root cause as permissio...
EUVD-2026-34208
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-49189 Broadcast Receiver Privilege Escalation
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-49189
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
Acer M6E 安全漏洞
The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from public access rights that are not checked by the core Broadcast Receiver. This vulnerability may allow unauthorized local software component...
PT-2026-46146
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-20988
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...
EUVD-2026-12293
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...
CVE-2026-20988
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...
CVE-2026-20988
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...
CVE-2026-20988
The collected reports describe a vulnerability in Android settings related to improper verification of intent by a broadcast receiver, allowing a local attacker to launch arbitrary activities with Settings privileges. Exploitation requires user interaction (e.g., tricking the user into installing...
CVE-2026-20988
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...
SAMSUNG Settings 安全漏洞
SAMSUNG Settings is a setting service provided by Samsung Electronics of South Korea. Versions of SAMSUNG Settings prior to SMR Mar-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper intent verification by the broadcast receiver, which could allow local...
PT-2026-25593
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...
EUVD-2020-17894
Malware in sbrugna...
EUVD-2018-6869
Malware in sbrugna...