26 matches found
CVE-2026-25140
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, an attacker who controls or compromises an APK repository used by apko could cause resource exhaustion on the build host. The ExpandApk function in...
EUVD-2020-20878
Malware in sbrugna...
Security Evaluation of Android Apps in Budget African Mobile Devices
Android's open-source nature facilitates widespread smartphone accessibility, particularly in price-sensitive markets. System and vendor applications that come pre-installed on budget Android devices frequently operate with elevated privileges, yet they receive limited independent examination. To...
SAMSUNG mobile 安全漏洞
SAMSUNG mobile is a cell phone from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG mobile before SMR-Dec-2024 Release 1, which stems from a path traversal that allows a physical attacker to copy apk files to an arbitrary path using ThemeCenter privileges...
CVE-2020-28419
During installation with certain driver software or application packages an arbitrary code execution could occur...
CVE-2020-28419
During installation with certain driver software or application packages an arbitrary code execution could occur...
PT-2021-11526 · Hewlett Packard · Laserjet Managed Mfp E62665 Firmware +195
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows for arbitrary code execution during installation with certain driver software or application packages. Recommendations: At the moment,...
Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path
Exploit Title: Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path Exploit Author: 1F98D Vendor Homepage: https://www.odoo.com/ Software Link: https://nightly.odoo.com/12.0/nightly/windows/odoo12.0.20190101.exe Tested Version: 12.0.20190101 Tested on OS: Windows Step to discover Unquoted Servic...
Cisco IOS XE IOx Command Injection Vulnerability
Cisco IOS XE is an open and flexible operating system optimized for future work. A command injection vulnerability exists in Cisco IOS XE versions after 16.3.1. The vulnerability is due to incomplete validation of fields in application packages loaded into IOx. An attacker can exploit the...
Command injection
A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the application packages...
CVE-2021-1384 Cisco IOx for IOS XE Software Command Injection Vulnerability
A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the application packages...
Cisco IOx for IOS XE Software Command Injection Vulnerability
A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the application packages...
Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2020-63730)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...
Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2020-63729)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...
Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2020-63733)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...
CVE-2020-3238 Cisco IOx Application Framework Arbitrary File Creation Vulnerability
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input...
CVE-2020-3238 Cisco IOx Application Framework Arbitrary File Creation Vulnerability
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input...
Microsoft SharePoint Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint...
CVE-2020-0920
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971,...
October 18, 2018—KB4462939 (OS Build 15063.1418)
October 18, 2018—KB4462939 OS Build 15063.1418 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that causes high CPU usage that results in performance degradation on some...