GO-2026-4410 apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams in chainguard.dev/apko
apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams in chainguard.dev/apko...
CVE-2026-26228
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is concatenated into a filesystem path under the configured download directory without canonicalizatio...
CVE-2026-26228
VLC for Android prior to 3.7.0 is affected by a path traversal vulnerability in the Remote Access Server’s GET /download endpoint. The file query parameter is concatenated into a filesystem path under the configured download directory without canonicalization or directory containment checks, allo...
CVE-2026-26228 VLC for Android < 3.7.0 Remote Access Path Traversal
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is concatenated into a filesystem path under the configured download directory without canonicalizatio...
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a meeting invite, or a software update. Behind the scenes, the tactics are sharper. Access happens faster. Control is established sooner. Cleanup becomes harder...
Exploit for CVE-2010-2568
Zero Click Exploits Android, OSX, Linux, Windows, iOS, IoT, S...
Missing Authorization
Overview: Affected versions of this package are vulnerable to Missing Authorization via the Pub/Sub endpoint. An attacker can cause unauthorized removal of Android devices from management by sending crafted unauthenticated requests. Remediation: Upgrade...
CVE-2026-24004
Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollment events. This may result in unauthorized removal of individual Android devices from Fleet...
CVE-2026-24004 Fleet: Unauthenticated Android device disenrollment vulnerability via Pub/Sub endpoint
Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollment events. This may result in unauthorized removal of individual Android devices from Fleet...
CVE-2026-24004
CVE-2026-24004 affects Fleet open source device management software prior to 4.80.1. The issue is in Android MDM Pub/Sub handling, allowing unauthenticated requests to trigger unenrollment events, potentially removing individual Android devices from Fleet management. Impact is disruption of Andro...
PT-2026-22170
Name of the Vulnerable Software and Affected Versions: VideoLAN VLC for Android versions prior to 3.7.0. Description: The Remote Access Server feature in VideoLAN VLC for Android has an authentication bypass due to inadequate rate limiting on one-time password (OTP) verification. The server utilizes a...
Fleet Security Vulnerability
Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, and MDM operations. Versions of Fleet prior to 4.80.1 contained security...
PT-2026-22179
Name of the Vulnerable Software and Affected Versions: Unitree Go2 versions 1.1.7 through 1.1.11. Description: Remote code execution is possible due to a lack of integrity protection and validation of user-created programs when used with the Unitree Go2 Android application com.unitree.doggo2. The...
PT-2026-22155
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is concatenated into a filesystem path under the configured download directory without canonicalizatio...