13 matches found
CVE-2023-49242
Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality...
EUVD-2018-1064
Malware in sbrugna...
EUVD-2023-53245
Malicious code in bioql PyPI...
PT-2025-17323 · Bw Broadcast · Tx1000 +5
Name of the Vulnerable Software and Affected Versions: BW Broadcast TX600 versions 1.6.0; BW Broadcast TX300 versions 1.6.0; BW Broadcast TX150 versions 1.6.0; BW Broadcast TX1000 versions 1.6.0; BW Broadcast TX30 versions 1.6.0; BW Broadcast TX50 versions 1.6.0. Description: The issue is related to...
Insufficient Authorization
github.com/mattermost/mattermost/ is vulnerable to Insufficient Authorization. The vulnerability is caused by insufficient scoping of WebSocket responses to authorised users, resulting in WebSocket responses being broadcast to everyone in the channel...
CVE-2023-49242
CVE-2023-49242 affects Huawei HarmonyOS in the running management module, described as a “free broadcast vulnerability.” The vulnerability may compromise service confidentiality if exploited. The NVD entry lists CVSS v3.1 base score 7.5 (Network) with Low attack complexity and no user interaction...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a broadcast vulnerability in the runtime management module. Successful exploitation of...
Authentication flaw
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability...
ASB-A-158570769
In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2017-18659
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017)...
CVE-2019-16980
In FusionPBX up to v4.5.7, the file app\callbroadcast\callbroadcastedit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection...
Shopify: Shopify android client all API request's response leakage, including access_token, cookie, response header, response body content
Shopify android client all API request's response leakage, including access_token, cookie, response header, response body content and much other information. An attacker can extract cookie and access_token of Shopify android client without any permission needed and user awareness. Bug impact: A...