Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.216 for Android, there was a security vulnerability. This vulnerability stemmed from the WebGL component not being initialized properly, which could allow remote attackers to exploit the system by leaking...

CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

PT-2026-44036

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

Tauri 安全漏洞

Tauri is an open-source project developed by Tauri developers, aimed at creating smaller, faster, and more secure desktop applications using web frontends. Versions of Tauri from 2.0 to 2.11.0 contain security vulnerabilities. These vulnerabilities stem from the islocalurl function, which...

Google Chrome on Android 资源管理错误漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions of Google Chrome on Android prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the WebView component’s ability to reuse resources after...

Google Chrome on Android 安全漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions prior to 148.0.7778.216 of Google Chrome on Android had a security vulnerability. This vulnerability stemmed from the WebGL component not being initialized properly, which could allow remot...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. V8 is a set of open-source JavaScript engines included in it. Versions of Google Chrome on Android prior to 148.0.7778.216 contained a security vulnerability. This vulnerability stemmed from excessive reading and writin...

Google Chrome on Android 输入验证错误漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions prior to 148.0.7778.216 of Google Chrome on Android had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs in Skia, whi...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.216 for Android, there was a security vulnerability associated with the WebGL component’s improper implementation. This vulnerability could allow remote attackers to exploit the system by using specially craft...

Google Chrome on Android 安全漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions prior to 148.0.7778.216 of Google Chrome on Android had a security vulnerability. This vulnerability stemmed from the uninitialized use of GPU components, which could allow remote attackers...

Google Chrome on Android 缓冲区错误漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions prior to 148.0.7778.216 of Google Chrome on Android had a buffer error vulnerability. This vulnerability stemmed from out-of-bounds reading in the WebGL component, which could allow remote...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions of Google Chrome on Android prior to 148.0.7778.216, there was a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the GPU, which could allow remote attackers to execute a...

Google Chrome on Android 缓冲区错误漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions of Google Chrome on Android prior to 148.0.7778.216 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bound writes to the GPU, which could allow remote...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions of Google Chrome on Android prior to 148.0.7778.216, there was a resource management vulnerability. This vulnerability stemmed from the WebGL component’s tendency to reuse resources after they were released, which could allow...

EUVD-2025-209945

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

EUVD-2025-209947

Easyelife App lock aka Fingerprint,Applock or locker.app.safe.applocker 1.9.2 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows -...

EUVD-2025-209946

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI spoofing or privilege...

CVE-2025-68708

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

Malicious Package

Overview codexui-android is a malicious package. offering a remote web UI for OpenAI Codex, secretly stealing Codex OAuth credentials. Malicious code exists only in published npm builds—not in the public GitHub repo—and runs at import time, reading /.codex/auth.json, XOR-encrypting it, and POSTin...

CVE-2025-68709

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI spoofing or privilege...