EUVD-2025-200131

Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege...

CVE-2025-58487

The advisory concerns Samsung Account, where an improper authorization flaw before version 15.5.01.1 could let a local attacker launch arbitrary activities under Samsung Account privileges. The issue, described consistently across multiple feeds (NVD, Red Hat, CVE lists, regional advisories), is ...

EUVD-2002-0169

Malware in sbrugna...

EUVD-2011-0553

Malware in sbrugna...

EUVD-2021-11143

Malware in sbrugna...

CVE-2025-21010

Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account...

CVE-2022-28802

Code by Zapier before 2022-08-17 allowed intra-account privilege escalation that included execution of Python or JavaScript code. In other words, Code by Zapier was providing a customer-controlled general-purpose virtual machine that unintentionally granted full access to all users of a company's...

CVE-2025-30701

Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account privilege with network access via Oracle Net to compromise RAS...

Privilege Escalation

github.com/pipe-cd/pipecd is vulnerable to Insecure Permissions. The vulnerability is due to insecure permissions, which allow attackers to access the service account's token and escalate privileges...

CVE-2024-53350

Insecure permissions in kubeslice v1.3.1 allow attackers to gain access to the service account's token, leading to escalation of privileges...

CVE-2023-42136

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow the execution of arbitrary commands with system account privilege by shell injection starting with a specific word. The attacker must have shell access to the device in order to exploit this...

Design/Logic Flaw

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow the execution of arbitrary commands with system account privilege by shell injection starting with a specific word. The attacker must have shell access to the device in order to exploit this...

CVE-2023-42136

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow the execution of arbitrary commands with system account privilege by shell injection starting with a specific word. The attacker must have shell access to the device in order to exploit this...

Cross site request forgery (csrf)

The XWiki Admin Tools Application provides tools to help the administration of XWiki. Prior to version 4.5.1, a cross-site request forgery vulnerability in the query on XWiki tool allows executing arbitrary database queries on the database of the XWiki installation. Among other things, this allow...

CVE-2023-42550

Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege...

CVE-2023-42548

Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege...

CVE-2023-42551

Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege...

CVE-2023-42550

Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege...

CVE-2023-42550

Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege...

CVE-2023-42548

Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege...