CVE-2025-48636

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48636

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48636

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48636

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2025-208215

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-22688

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-24806

libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...

SUSE CVE-2004-0381

mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file...

Debian dla-3100 : libgoogle-gson-java - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3100 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3100-1 [email protected] https://www.debian.org/lts/security/...

PT-2022-14433 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version Android-12L Description: In the registerRemoteBugreportReceivers function of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which originates in DevicePolicyManagerService.java's registerRemoteBugreportReceivers. Due to the lack of permission checking, a forged error report ma...

[SECURITY] Fedora 34 Update: rust-bugreport-0.4.0-2.fc34

Collect system and environment information for bug reports...

Fedora: Security Advisory for rust-bugreport (FEDORA-2021-3cf88e44b4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-0570

In sendBugreportNotification of BugreportProgressService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Debian DSA-4883-1 : underscore - security update

It was discovered that missing input sanitising in the template function of the Underscore JavaScript library could result in the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

Webtareas 2.0 - 'id' SQL Injection

Exploit Title: Webtareas 2.0 - 'id' SQL Injection Date: 2020-01-23 Exploit Author: Greg.Priest Vendor Homepage: http://webtareas.sourceforge.net/general/home.php Software Link: http://webtareas.sourceforge.net/general/home.php Version: Webtareas v2.0 Tested on: Windows CVE : N/A Webtareas v2.0...

singaporehardware.com.sg Cross Site Scripting vulnerability

Security Researcher NasurUllah Helped patch 1 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting singaporehardware.com.sg website and its users. Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Op...

UNA 10.0.0 RC1 - (polyglot.php) Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-1480...

UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting

Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Date: 2019 08 10 Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-14804 UNA-v.10.0.0-RC1 Stored XSS...

CVE-2018-19800

aubio v0.4.0 to v0.4.8 has a Buffer Overflow in newaubiotempo...