475 matches found
CVE-2025-48561
In multiple locations, there is a possible way to access data displayed on the screen due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48537
In multiple locations, there is a possible way to persistently DoS the device due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26453
In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2025-36079
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: An issue exists in Android where an application may be able to monitor motion events due to a confused deputy condition. This could result in local information disclosure without requiring...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2024-49722
In showAvatarPicker of EditUserPhotoController.java, there is a possible cross user image leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2025-0086
In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26417
In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-26417
CVE-2025-26417 affects the Android framework via the function in DownloadProvider.java, where a bypass of user consent in shared storage could occur due to a confusing deputy. This may enable local information disclosure without requiring additional execution privileges, and does not require user...
Linux Distros Unpatched Vulnerability : CVE-2014-0246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the archive...
Linux Distros Unpatched Vulnerability : CVE-2021-0072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow...
Linux Distros Unpatched Vulnerability : CVE-2018-3665
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data...
The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.
The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers is related to insufficient protection for the local address book’s service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
CVE-2025-20688
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from an incorrect boundary check resulting in out-of-bounds reads, which could lead to the disclosure of local information...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from an incorrect boundary check resulting in out-of-bounds reads, which could lead to the disclosure of local information...
CVE-2025-4418 AVEVA PI Connector for CygNet Improper Validation of Integrity Check Value
An improper validation of integrity check value vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow a miscreant with elevated privileges to modify PI Connector for CygNet local data files cache and buffers in a way that causes the...
PT-2025-25351 · Aveva · Aveva Pi Connector For Cygnet
Name of the Vulnerable Software and Affected Versions: AVEVA PI Connector for CygNet versions 1.6.14 and prior Description: An improper validation of integrity check value issue exists that, if exploited, could allow a miscreant with elevated privileges to modify local data files in a way that...
CVE-2025-20996
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability...