CVE-2026-0021

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2026-9236

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0021

PTSecurity entries PT-2026-4689, PT-2026-4690, PT-2026-4686, PT-2026-4684, PT-2026-4683, PT-2026-4691, PT-2026-4687, PT-2026-4688, PT-2026-4692 include CVE-2026-0021 as part of the High severity list for upcoming patch levels. The CVE is mentioned within the consolidated patch preview but there a...

CVE-2026-0021

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22428

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible way to grant permissions to an app on the secondary user from the primary user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

CVE-2023-21325

In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2022-18496 · Samsung · One Ui Home

Name of the Vulnerable Software and Affected Versions: One UI Home versions prior to SMR April-2022 Release 1 Description: The issue allows unauthorized access to information about the currently launched foreground app. Recommendations: For versions prior to SMR April-2022 Release 1, update to th...

CVE-2022-22267

Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information...

Droid-Hunter - Android Application Vulnerability Analysis And Android Pentest Tool

.---. .----------- / \ / ------ / / \ / ----- ╔╦╗╦═╗╔═╗╦╔╦╗ ╦ ╦╦ ╦╔╗╔╔╦╗╔═╗╦═╗ ////// ' / --- ║║╠╦╝║ ║║ ║║───╠═╣║ ║║║║ ║ ║╣ ╠╦╝ //// / // : : --- ═╩╝╩╚═╚═╝╩═╩╝ ╩ ╩╚═╝╝╚╝ ╩ ╚═╝╩╚═ // / / / '-- By HaHwul // //..\ www.hahwul.com ====UU====UU==== https://github.com/hahwul/droid-hunter '//||\ ''...

Stable Channel Update for Chrome OS

The Stable channel has been updated to 37.0.2062.119 Platform version: 5978.80.0/5978.81.0 for all Chrome OS devices except Acer C7 Chromebook, Samsung Chromebook Series 5 and HP Pavilion Chromebook . This build contains a number of bug fixes, security updates and feature enhancements. Systems wi...

CVE-2013-6204

The Web Console in HP Application Information Optimizer formerly HP Database Archiving 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004...

PHP ip2long Function String Validation Weakness

According to its banner, the 'ip2long' function in the version of PHP installed on the remote host may incorrectly validate an arbitrary string and return a valid network IP address. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...