Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling

Available for Android 12 and later, the anti-scam feature is baked into Google Dialer, which sends a silent “confirmation signal” to ensure whoever’s calling you is who they appear to be...

EUVD-2024-18526

Malicious code in bioql PyPI...

EUVD-2024-18590

Malicious code in bioql PyPI...

CVE-2024-20875

Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files...

CVE-2024-20875

Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files...

CVE-2024-20875

Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files...

CVE-2024-20875

Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files...

CVE-2024-20875

Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files...

CVE-2024-20811

Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer...

CVE-2024-20811

Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer...

CVE-2024-20811

Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer...

CVE-2024-20811

CVE-2024-20811 concerns Samsung Mobile’s GameOptimizer . The root cause is improper caller verification , enabling a local attacker to configure GameOptimizer. Affected are Samsung devices with the GameOptimizer component prior to the SMR Feb-2024 Release 1. The entry notes local access from an u...

CVE-2024-20811

Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer...

SecurityCouncilMemberSyncAction.perform is not exclusively can be scheduled from SecurityCouncilManager's operations

Lines of code Vulnerability details Impact SecurityCouncilMemberSyncAction.perform is a crucial function that will be triggered by upgrade executor via delegate call after the whole election process or after current members do some update add/remove/replace/rotate to update security council...

Mozilla: Potential out-of-bounds when accessing throttled streams

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable...

BOMBBA Authorization Issue Vulnerability

BOMBBA BOMB is a cryptocurrency.A security vulnerability exists in the 'quaker' function of BOMB's smart contract implementation, which stems from the fact that the function does not check the identity of the caller. An attacker could use the vulnerability to modify the owner of the smart contrac...

Business Alliance Financial Circle has a logic flaw vulnerability

Business Alliance Financial Circle BAFC is a cryptocurrency.A security vulnerability exists in the 'UBSexToken' function in BAFC's smart contract implementation, which stems from the fact that the function is publicly available and does not check the identity of the caller. The vulnerability can ...

NewIntelTechMedia License Issues Vulnerabilities

NewIntelTechMedia NETM is a cryptocurrency.A security vulnerability exists in the 'NETM' function in NETM's smart contract implementation, which stems from the fact that the function does not check the identity of the caller. An attacker could use the vulnerability to modify the owner of the smar...

CVE-2020-12680

Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and th...

DDQ override vulnerability

DDQ is a cryptocurrency. A security vulnerability in the 'owned' function in DDQ's smart contract implementation stems from the function's failure to check the identity of the caller. An attacker could use the vulnerability to modify the owner of a smart contract...