EUVD-2023-25410

Malicious code in bioql PyPI...

CVE-2025-48523

In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22427

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2025-36898

There is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the Pixel Sim Lock component. An attacker can exploit the vulnerability to elevate privileges...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from a code logic error that could lead to local elevation of privilege...

ASB-A-368319929

In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

ASB-A-388828203

In multiple functions of LocationProviderManager.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-29741

In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-27237

In wipensmemory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-48405

there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35666

In btaavrcmsg of btaavact.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-44289

Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...

ASB-A-337774836

In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...

Google Android Information Disclosure Vulnerability (CNVD-2025-07530)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that stems from a code logic error that can be exploited by an attacker to obtain sensitive information...

Google Android Denial of Service Vulnerability (CNVD-2025-12377)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial-of-service vulnerability, which stems from a code logic error that can be exploited by an attacker to trigger a factory reset without the user's consent, resulting in a denial of service...

Path Traversal via Symbolic Links in `ObsidianReader`

Description The ObsidianReader class, designed to parse Obsidian vaults, contains a critical security flaw that allows arbitrary file read through symbolic links symlinks. When processing a vault, the reader does not resolve or validate the absolute paths of files, enabling an attacker to place a...

CVE-2024-56187

CVE-2024-56187 involves a logic error in Google Pixel’s ppcfw_deny_sec_dram_access (ppcfw.c) that allows an arbitrary read of TEE memory, enabling local information disclosure with System privileges and no user interaction required. Affected: Pixel devices; root cause: logic flaw in memory access...

Linux Distros Unpatched Vulnerability : CVE-2024-5458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs...

Omnissa Horizon 安全漏洞

Omnissa Horizon is an application from Omnissa, Inc. which provides centralized desktops and applications. A security vulnerability exists in Omnissa Horizon that stems from a code logic flaw. An attacker can escalate privileges by exploiting the vulnerability...