PT-2025-36076

Name of the Vulnerable Software and Affected Versions: NotificationChannel.java affected versions not specified Description: The software contains a potential desynchronization issue stemming from improper input validation in multiple methods of NotificationChannel.java. This could lead to local...

PT-2025-36017

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: A logic error in the code within onCreate of NotificationAccessConfirmationActivity.java may lead to local information disclosure. Exploitation does not requi...

CVE-2025-22427

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2025-22421

In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...

CVE-2025-22427

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2025-22421

In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...

CVE-2025-22427

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2025-22427

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2025-22427

CVE-2025-22427 affects Android’s NotificationAccessConfirmationActivity.java. A logic error in onCreate could grant notification access above the lock screen, enabling local escalation of privilege with user interaction required. Impact is high (local, high confidentiality/integrity/availability ...

CVE-2025-22427

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2025-22421

In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...

CVE-2025-22421

CVE-2025-22421 affects Android; a logic error in ContentDescForNotification (NotificationContentDescription.kt) may leak notification content on the lockscreen. This enables local information disclosure with no user interaction. The issue is documented across multiple sources (NVD/Red Hat/CVE dat...

CVE-2025-22421

In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...

kernel: sch_hfsc: make hfsc_qlen_notify() idempotent

In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...

PT-2025-35628

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: A logic error in the code within NotificationAccessConfirmationActivity.java may allow granting notification access above the lock screen. This could lead to local escalation of privilege,...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android, which stems from a logic error in the contentDescForNotification function in NotificationContentDescription.kt, which could lead to the disclosur...

PT-2025-35625

Name of the Vulnerable Software and Affected Versions: versions prior to 2025-22421 Description: A logic error in the code within contentDescForNotification of NotificationContentDescription.kt may lead to local information disclosure through the lockscreen. User interaction is not required for...

Linux Distros Unpatched Vulnerability : CVE-2025-38638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6rtnotify inet6rtnotify can be called under RCU protection onl...

RHEL 9 : kernel-rt (RHSA-2025:14691)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14691 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the TemplateNotificationMessageGenerator. An attacker can gain unauthorized access to restricted information from expandoTableLocalService by sending crafted requests to the affected service. Remediation Upgrad...