35 matches found
PT-2026-47967
Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description An out-of-bounds read allows an unauthorized attacker to disclose sensitive information locally and affect the system. An out-of-bounds read occurs when a program reads data past the...
Duplicate Advisory: OpenClaw safeBins file-existence oracle information disclosure
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6c9j-x93c-rw6j. This link is maintained to preserve external references. Original Description A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of th...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000191)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000191 advisory. btrfsfreeextent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfsprintleaf in a certain ENOENT case, which allows local users to obtain...
CVE-2025-46602
Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...
EUVD-2022-25850
Malicious code in bioql PyPI...
EUVD-2022-33203
Malicious code in bioql PyPI...
EUVD-2021-3610
Malicious code in bioql PyPI...
EUVD-2021-3616
Malicious code in bioql PyPI...
CVE-2025-36581
Dell PowerEdge Platform versions 14G AMD BIOS v1.25.0 and prior, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2024-43084
In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20199
In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Androi...
UNISOC Chipsets Security Vulnerability
UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of privilege checking in validationtools, leading to the disclosure of local information...
CVE-2023-21326
In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
PT-2023-18120 · Unknown · Jobscheduler
Name of the Vulnerable Software and Affected Versions: Job Scheduler affected versions not specified Description: The issue allows an attacker to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information...
Information disclosure
In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges...
SUSE CVE-2010-3298
The hsogetcount function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...
CVE-2022-20538
In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
Zoom Client for Meetings < 5.12.6 Vulnerability (ZSB-22025)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.12.6. It is, therefore, affected by a vulnerability as referenced in the ZSB-22025 advisory. - The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a loca...
CVE-2022-28764
The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting...
Information disclosure
The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting...