K000152049: F5 Access for Android vulnerability CVE-2025-54809

Security Advisory Description F5 Access for Android before version 3.1.2, which uses HTTPS, does not verify the remote endpoint identity. CVE-2025-54809 Impact An attacker with a network position that allows them to intercept network traffic may be able to read and/or modify data in transit. The...

firefox: thunderbird: Cross-origin access to PDF contents through multipart responses

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...

firefox: thunderbird: Cross-origin access to PDF contents through multipart responses

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...

firefox: thunderbird: Cross-origin access to JSON contents through multipart responses

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://devtools origin. This could allow them to access cross-origin JSON content. This...

firefox: thunderbird: Cross-origin access to PDF contents through multipart responses

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...

firefox: thunderbird: Cross-origin access to PDF contents through multipart responses

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...

SUSE CVE-2024-9394

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://devtools origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full...

Unable to Launch the Webex and Teams Meeting from Citrix Secure Web on Android

Unable to Launch the Webex or Teams Meeting from Citrix Secure Web on Android Error message "Blocked. Access to this site is restricted by admin policy" or blank page...

Google Android 访问控制错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. mt6785, mt6789, mt6795, mt6797, mt6799, mt6833, mt6853, mt6853t, mt6873, mt6875, mt6877, mt6879, mt6880, mt6883, mt6885, mt6889, mt6890, mt6891. MT6893, MT6895, MT6983, MT6985, MT8321, MT8666, MT8667, MT8675, MT8765,...

VK.com: [VK Android] Access to app protected components leads to arbitrary code execution

Arbitrary code execution...

CVE-2015-8891

Multiple integer overflows in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices allow attackers to bypass intended access restrictions via a crafted image, aka Android internal bug 28842418 and Qualcomm internal bug CR813930...