CVE-2026-20821

Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to disclose information locally...

CVE-2023-40639

In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2021-0665

In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672113; Issue ID: ALPS05672113...

CVE-2025-13321

CVE-2025-13321 affects Mattermost Desktop App versions prior to 6.0.0. The vulnerability stems from failure to sanitize sensitive information in application logs and to purge data on server deletion, enabling an attacker with local access to read potentially sensitive information from logs. Evide...

Apple macOS Tahoe 安全漏洞

Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a privilege issue vulnerability that stems from the system having insufficient security...

CVE-2025-36889

In onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-36889

In onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel that stems from a lack of boundary checking in ProtocolPsUnthrottleApn in protocolpsadapter.cpp, which could lead to local information disclosure...

PT-2025-50703

In ProtocolPsUnthrottleApn of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel has a security vulnerability that stems from a privilege bypass in onCreateTasks in CameraActivity.java, which could lead to the disclosure of local information...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from improper validation of AreFencesRegistered inputs in gxpfencemanager.cc, which could lead to the disclosure of local information...

EUVD-2025-202209

Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally...

CVE-2025-48610

In pkvmguestrelinquishtohost of memprotect.c, there is a possible configuration data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48608

In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2025-49581

In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-412662901

In ProcessArea of dngmiscopcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28633)

A local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file...

CVE-2025-21076

CVE-2025-21076 affects Samsung Account prior to version 15.5.00.18. The issue is caused by improper handling of permissions/privileges, enabling a local attacker to access data within Samsung Account with user interaction required to trigger. Documented impact in multiple sources confirms local a...

SAMSUNG Account 安全漏洞

SAMSUNG Account is an account management software from Samsung South Korea. A security vulnerability exists in SAMSUNG Account versions prior to 15.5.00.18, which stems from improper handling of permissions and could allow a local attacker to access Samsung Account data...

PT-2025-45076

Name of the Vulnerable Software and Affected Versions Samsung Account versions prior to 15.5.00.18 Description Improper handling of insufficient permissions or privileges in Samsung Account allows local attackers to access data within the application. User interaction is required to trigger this...