Lucene search
K

146 matches found

Cvelist
Cvelist
added 2026/06/23 5:40 p.m.37 views

CVE-2026-54318 Home Assistant: Exported BroadcastReceiver allows local apps to spoof device location

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any installed app, with zero runtime permissions, can broadcast a forged Google Play Services...

7.1CVSS0.00113EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-49189

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS5.4AI score0.00098EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 6:16 a.m.11 views

CVE-2026-49189

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS0.00098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 5:23 a.m.8 views

CVE-2026-49189 Broadcast Receiver Privilege Escalation

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS5.8AI score0.00098EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 5:23 a.m.30 views

CVE-2026-49189

CVE-2026-49189 involves unchecked public access permissions on a core Broadcast Receiver, enabling unauthorized local software components to invoke administrative operations. The available documents identify the vulnerable component as a Broadcast Receiver and describe the root cause as permissio...

8.5CVSS5.8AI score0.00098EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/04 5:23 a.m.11 views

EUVD-2026-34208

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS5.8AI score0.00098EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 5:23 a.m.44 views

CVE-2026-49189 Broadcast Receiver Privilege Escalation

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS0.00098EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 5:23 a.m.10 views

CVE-2026-49189

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS5.8AI score0.00098EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from public access rights that are not checked by the core Broadcast Receiver. This vulnerability may allow unauthorized local software component...

8.5CVSS5.4AI score0.00098EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46146

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS5.8AI score0.00098EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.6 views

CVE-2026-20988

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.9AI score0.00082EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12293

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References2
NVD
NVD
added 2026/03/16 2:18 p.m.4 views

CVE-2026-20988

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS0.00082EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 4:31 a.m.3 views

CVE-2026-20988

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
CVE
CVE
added 2026/03/16 4:31 a.m.11 views

CVE-2026-20988

The collected reports describe a vulnerability in Android settings related to improper verification of intent by a broadcast receiver, allowing a local attacker to launch arbitrary activities with Settings privileges. Exploitation requires user interaction (e.g., tricking the user into installing...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/16 4:31 a.m.4 views

CVE-2026-20988

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.5 views

SAMSUNG Settings 安全漏洞

SAMSUNG Settings is a setting service provided by Samsung Electronics of South Korea. Versions of SAMSUNG Settings prior to SMR Mar-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper intent verification by the broadcast receiver, which could allow local...

6.8CVSS5.9AI score0.00082EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.9 views

PT-2026-25593

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.13 views

EUVD-2020-17894

Malware in sbrugna...

5.5CVSS6.6AI score0.00393EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-6869

Malware in sbrugna...

7.1CVSS7AI score0.00284EPSS
Exploits0References3
Rows per page
Query Builder