CVE-2026-41960

Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41960

Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41960

Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41960

Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41960

Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...

EUVD-2019-15170

Malware in sbrugna...

EUVD-2023-1214

Malicious code in bioql PyPI...

CVE-2025-59686

Kazaar 1.25.12 allows /api/v1/org-id/orders/order-id/documents calls with a modified order-id...

CVE-2025-43976

CVE-2025-43976 affects com.enflick.android.tn2ndLine up to version 24.17.1.0 on Android. The vulnerability allows any installed app (no permissions required) to initiate a phone call by sending a crafted intent to com.enflick.android.TextNow.activities.DialerActivity, enabling local interaction w...

PT-2025-26143 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition between the write2 and close2 system calls in the Linux kernel's FUSE Filesystem in Userspace implementation allows pages to be dirtied after the fuse flush function h...

CVE-2013-3601

Coursemill Learning Management System LMS 6.6 does not properly restrict JSP function calls, which allows remote authenticated users to perform arbitrary JSP operations by leveraging the Student role and providing an op parameter...

CVE-2018-21078

An issue was discovered on Samsung mobile devices with M6.0, N7.x, and O8.0 software. The Contacts application allows attackers to originate video calls because SS Supplementary Service and USSD Unstructured Supplementary Service Data codes are improperly secured. The Samsung ID is SVE-2018-11469...

CVE-2024-49354

IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls...

CVE-2024-36062

The com.callassistant.android aka AI Call Assistant & Screener application 1.174 for Android enables any installed application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.callassistant.android.ui.call.incall.InCallActivity component...

RHEL 9 : firefox (RHSA-2024:0983)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0983 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVE-2023-32330 IBM Security Verify Access man in the middle

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977...

Google Pixel 输入验证错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to cause an elevatio...

Researchers Break Intel SGX With New 'SmashEx' CPU Attack Technique

A newly disclosed vulnerability affecting Intel processors could be abused by an adversary to gain access to sensitive information stored within enclaves and even run arbitrary code on vulnerable systems. The vulnerability CVE-2021-0186, CVSS score: 8.2 was discovered by a group of academics from...

CVE-2021-34656 2Way VideoCalls and Random Chat - HTML5 Webcam Videochat <= 5.2.7 Reflected Cross-Site Scripting

The 2Way VideoCalls and Random Chat - HTML5 Webcam Videochat WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the vwsnotice function found in the /inc/requirements.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 5.2.7...

ml2 - Local users can Crash processes

ml2 - Local users can Crash processes include include include include error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0; memsetbigmsg, 'X', sizeofbigmsg-1; if argc \n", argv0; exit1; // fork; memsetfoo, 0, sizeoffoo; snprintffoo, sizeoffoo, "/proc/%s/stat"...