CVE-2026-22694

AliasVault is a privacy-first password manager with built-in email aliasing. AliasVault Android versions 0.24.0 through 0.25.2 contained an issue in how passkey requests from Android apps were validated. Under certain local conditions, a malicious app could attempt to obtain a passkey response fo...

CVE-2026-22694 AliasVault is Missing Origin Validation in Android Passkey Credential Provider

AliasVault is a privacy-first password manager with built-in email aliasing. AliasVault Android versions 0.24.0 through 0.25.2 contained an issue in how passkey requests from Android apps were validated. Under certain local conditions, a malicious app could attempt to obtain a passkey response fo...

PT-2026-2917

AliasVault is a privacy-first password manager with built-in email aliasing. AliasVault Android versions 0.24.0 through 0.25.2 contained an issue in how passkey requests from Android apps were validated. Under certain local conditions, a malicious app could attempt to obtain a passkey response fo...

EUVD-2022-51192

Malicious code in bioql PyPI...

EUVD-2022-51190

Malicious code in bioql PyPI...

CVE-2022-48496

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized...

CVE-2022-48494

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized...

CVE-2022-48494

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized...

CVE-2022-48496

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized...

PT-2023-15824 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns lax app identity verification in the pre-authorization function. Successful exploitation allows malicious apps to become pre-authorized. Recommendations: At the...

PT-2023-15826 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue concerns a lax app identity verification in the pre-authorization function, which can be exploited to allow malicious apps to become pre-authorized. Recommendations: At the...

CVE-2022-48494

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized...

CVE-2022-48496

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized...

Huawei HarmonyOS 授权问题漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from an application identity verification laxity vulnerability in Huawei's pre-authorization...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-43847)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation-of-privilege vulnerability exists in Google Android, which originates in the icstartRetrieveEntryValue in acropora/app/identity/ic.c The lack of validation of the return value in acropora/app/identity/ic.c...

CVE-2021-39643

In icstartRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...