Lucene search
K

2411 matches found

EUVD
EUVD
added 2025/12/09 6:30 p.m.6 views

EUVD-2025-202035

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

7.1AI score0.0026EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/09 5:27 p.m.5 views

CVE-2025-22432

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.8AI score0.00093EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 5:27 p.m.7 views

CVE-2025-48572

In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.9AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 5:27 p.m.4 views

CVE-2025-48626

In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS7.4AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 5:27 p.m.6 views

CVE-2025-48580

In connectInternal of MediaBrowser.java, there is a possible way to access while in use permission while the app is in background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00111EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 5:27 p.m.5 views

CVE-2025-48573

In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground service while the app is in the background due to FGS while-in-use abuse. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00078EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 5:27 p.m.6 views

CVE-2025-48627

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00076EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:18 p.m.3 views

CVE-2025-62093

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

8.5CVSS0.0026EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:52 p.m.1 views

CVE-2025-62093 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

8.5CVSS7.3AI score0.0026EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:52 p.m.22 views

CVE-2025-62093 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

8.5CVSS0.0026EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/09 12:28 a.m.6 views

SUSE CVE-2023-53765

In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btrackerdestroy Otherwise the kernel can BUG with: 2245.426978 ============================================================================= 2245.435155 BUG btwork Tainted: G B W...

5.5CVSS6.4AI score0.00169EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-49994

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Image&Video FullScreen Background lbg fullscreen fullwidth slider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

7.7AI score0.0026EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.2 views

WordPress plugin Image&Video FullScreen Background SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...

8.5CVSS7.6AI score0.0026EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/08 6:30 p.m.6 views

EUVD-2025-201743

In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS6.9AI score0.0033EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/08 6:30 p.m.6 views

EUVD-2025-201742

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.4AI score0.00076EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/08 6:30 p.m.6 views

EUVD-2025-201776

In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.4AI score0.00228EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/08 6:30 p.m.5 views

EUVD-2025-201787

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.3AI score0.00093EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/08 6:30 p.m.5 views

EUVD-2025-201785

In ensureBound of RemotePrintService.java, there is a possible way for a background app to keep foreground permissions due to a permissions bypass. This could lead to local escalation of privilege with user execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.2AI score0.00077EPSS
Exploits0References3
NVD
NVD
added 2025/12/08 5:16 p.m.9 views

CVE-2025-48627

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00076EPSS
Exploits0References2
OSV
OSV
added 2025/12/08 5:16 p.m.6 views

CVE-2025-48627

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00076EPSS
Exploits0References2
Rows per page
Query Builder