Lucene search
K

36 matches found

Zero Day Initiative
Zero Day Initiative
added 2026/02/02 12:0 a.m.3 views

Progress Software Kemp LoadMaster delapikey OS Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of user data passed to the delapikey command. The issue resul...

6.8CVSS6.2AI score0.25389EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-15837

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00118EPSS
Exploits0References2
NVD
NVD
added 2025/09/04 6:15 p.m.5 views

CVE-2025-26436

In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00083EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in html2coffeekup-bal (npm)

The package html2coffeekup-bal was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in mailer-bal (npm)

The package mailer-bal was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-25790 Malicious code in mailer-bal (npm)

The package mailer-bal was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-22754 Malicious code in html2coffeekup-bal (npm)

The package html2coffeekup-bal was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.8 views

CVE-2024-0034

In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.2AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 12:0 a.m.21 views

ASB-A-322159724

In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.3AI score0.00083EPSS
Exploits0References3
OSV
OSV
added 2025/02/01 12:0 a.m.24 views

ASB-A-305695605

In multiple locations, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.3AI score
Exploits0References4
OSV
OSV
added 2024/08/01 12:0 a.m.43 views

ASB-A-336490997

In multiple locations, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.3AI score
Exploits0References1
OSV
OSV
added 2024/07/01 12:0 a.m.32 views

ASB-A-329230490

In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00259EPSS
Exploits0References3
NVD
NVD
added 2024/02/16 2:15 a.m.23 views

CVE-2024-0034

In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.9AI score0.00118EPSS
Exploits0References2
Prion
Prion
added 2024/02/16 2:15 a.m.17 views

Privilege escalation

In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.7AI score0.00118EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/16 12:8 a.m.21 views

CVE-2024-0034

In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.2AI score0.00118EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/16 12:8 a.m.25 views

CVE-2024-0034

In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.1AI score0.00118EPSS
Exploits0References2
CVE
CVE
added 2024/02/16 12:8 a.m.4029 views

CVE-2024-0034

Technical details beyond the BAL Bypass description are not publicly provided in the supplied documents. Monitor Android security advisories and vendor advisories for affected products, versions, and fixes.

7.8CVSS7.1AI score0.00118EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/02/15 11:15 p.m.27 views

CVE-2023-40106

In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.8AI score0.00085EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/15 10:31 p.m.32 views

CVE-2023-40106

In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7AI score0.00085EPSS
Exploits0References2
CVE
CVE
added 2024/02/15 10:31 p.m.5240 views

CVE-2023-40106

CVE-2023-40106 concerns a BAL bypass in Android’s NotificationManagerService.java (sanitizeSbn) that could allow launching an activity from the background, enabling local privilege escalation without extra privileges or user interaction. Affected component is the background handling path in the A...

7.8CVSS7AI score0.00085EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder