4838 matches found
APEUni PTE Exam Practice App 安全漏洞
APEUni PTE Exam Practice App is a practice and tutoring app designed for PTE exam takers by China's APEUni. A security vulnerability exists in APEUni PTE Exam Practice App version 10.8.0 and earlier, which stems from an improperly exported AndroidManifest.xml file and could lead to a local attack...
INTSIG CamScanner App 安全漏洞
INTSIG CamScanner App Scanning Almighty is a mobile document scanning and management application from China's Hehe Information INTSIG. A security vulnerability exists in INTSIG CamScanner App version 6.91.1.5.250711, which originates from an improperly exported AndroidManifest.xml file, and could...
PT-2025-38588
Name of the Vulnerable Software and Affected Versions SKTLab Mukbee App version 1.01.196 Description A vulnerability exists in SKTLab Mukbee App that results in improper export of android application components. The issue affects an unknown function within the AndroidManifest.xml file of the...
PT-2025-38581
Name of the Vulnerable Software and Affected Versions Ooma Office Business Phone App versions up to 7.2.2 Description A vulnerability exists in the com.ooma.office2 component of the Ooma Office Business Phone App on Android. The issue involves improper export of Android application components,...
CVE-2025-59216
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
Windows Graphics Component Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
AIBattery 访问控制错误漏洞
AIBattery is a battery management tool for macOS by Wen Personal Developer. An access control error vulnerability exists in AIBattery 1.0.9 and earlier versions, which stems from a lack of authentication in the file AIBatteryHelper/XPC/BatteryXPCService.swift, which could lead to a local attack...
PT-2025-38492
Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A use after free issue exists in the Microsoft Graphics Component, potentially allowing a local attacker to elevate privileges. Recommendations At the moment, there is no informatio...
PT-2025-38057
Name of the Vulnerable Software and Affected Versions: Greenshot versions 1.3.300 and earlier Description: Greenshot is a Windows screenshot utility. The software deserializes attacker-controlled data received in a WM COPYDATA message using BinaryFormatter.Deserialize without prior validation or...
CVE-2025-10475
A weakness has been identified in SpyShelter up to 15.4.0.1015. Affected is an unknown function in the library SpyShelter.sys of the component IOCTL Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been made available to the public and...
Low: libtiff
Issue Overview: A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The...
CVE-2025-10195
A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit...
CVE-2025-54098
Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
CVE-2025-54895
Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally...
CVE-2025-55316
External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally...
CVE-2025-53807
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
CVE-2025-10195
A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit...
Seismic App 安全漏洞
Seismic App is a mobile application for a sales empowerment platform from Seismic USA. A security vulnerability exists in Seismic App version 2.4.2, which stems from an improper export of the file AndroidManifest.xml component and could lead to a local attack...
CVE-2025-50892
The CVE-2025-50892 entry concerns EaseUS Todo Backup 1.2.0.1, where the eudskacs.sys driver (version 20250328) fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This creates a local, low-privileged attacker capability to perform arbitrary...
PT-2025-37001
Name of the Vulnerable Software and Affected Versions: Seismic App version 2.4.2 Description: A vulnerability exists in Seismic App version 2.4.2 on Android due to improper export of android application components within the AndroidManifest.xml file of the com.seismic.doccenter component. This...