Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

57 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 12:35 p.m.4 views

CVE-2023-45777

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

7.8CVSS7.2AI score0.00147EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-26817

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00114EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2022-25402

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00013EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2023-25131

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.01133EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-35055

Malicious code in bioql PyPI...

8.4CVSS7.6AI score0.00076EPSS
Exploits0References1
NVD
NVDadded 2025/09/04 7:15 p.m.3 views

CVE-2025-48535

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8CVSS0.00114EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/04 6:34 p.m.2 views

CVE-2025-48535

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

6.3AI score0.00114EPSS
Exploits0References2
CVE
CVEadded 2025/09/04 6:34 p.m.23 views

CVE-2025-48535

Summary of CVE-2025-48535 (Android): A flaw in assertSafeToStartCustomActivity within AppRestrictionsFragment.java allows a parcel mismatch to trigger a launch-anywhere vulnerability via unsafe deserialization, enabling local elevation of privilege without additional execution privileges or user ...

7.8CVSS6.3AI score0.00114EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2025/09/04 6:34 p.m.3 views

CVE-2025-48535

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/04 12:0 a.m.3 views

PT-2025-36059

Name of the Vulnerable Software and Affected Versions: versions prior to 2025-48535 Description: A parcel mismatch in assertSafeToStartCustomActivity of AppRestrictionsFragment.java may lead to a launch anywhere vulnerability due to unsafe deserialization. This could result in local escalation of...

7.8CVSS6.3AI score0.00114EPSS
Exploits0References4
OSV
OSVadded 2025/08/06 4:16 a.m.2 views

CVE-2025-54640

ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References1
OSV
OSVadded 2025/08/06 4:16 a.m.1 views

CVE-2025-54639

ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions...

5.5CVSS5.8AI score
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:44 a.m.5 views

CVE-2023-30691

Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation...

8.4CVSS6.6AI score0.00076EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:8 a.m.4 views

CVE-2023-21131

In checkKeyIntentParceledCorrectly of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution...

7.8CVSS6.9AI score0.00004EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:7 a.m.1 views

CVE-2023-20963

In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519...

7.8CVSS6.8AI score0.01133EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:34 p.m.2 views

CVE-2022-20142

In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.6AI score0.00013EPSS
Exploits0References1
CNVD
CNVDadded 2025/04/07 12:0 a.m.6 views

Google Android elevation of privilege vulnerability (CNVD-2025-07520)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that stems from insecure deserialization, which can be exploited by an attacker to bypass the parcel mismatch mitigation and elevate privileges...

7.8CVSS6.8AI score0.00006EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/21 11:4 p.m.9 views

CVE-2024-49744

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio...

0.00006EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/01/21 12:0 a.m.3 views

Google Android 代码问题漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that stems from insecure deserialization, which can be exploited by an attacker to bypass the parcel mismatch mitigation and elevate privileges...

7.8CVSS7.1AI score0.00006EPSS
Exploits0References2
OSV
OSVadded 2025/01/01 12:0 a.m.8 views

ASB-A-360846772

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio...

7.8CVSS7.4AI score0.00006EPSS
Exploits0References2
Rows per page
Query Builder