10 matches found
CVE-2025-26454
In validateUriSchemeAndPermission of DisclaimersParserImpl.java , there is a possible way to access data from another user due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26454
In validateUriSchemeAndPermission of DisclaimersParserImpl.java , there is a possible way to access data from another user due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26454
CVE-2025-26454 concerns a flaw in the Android component DisclaimersParserImpl.java, where a confused deputy could allow access to data from other users, enabling local privilege escalation without extra execution privileges or user interaction. The public records consistently describe the issue a...
ASB-A-299928772
In validateUriSchemeAndPermission of DisclaimersParserImpl.java , there is a possible way to access data from another user due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
UK Finfluencers: Exploring Content, Reach, and Responsibility
The rise of social media financial influencers finfluencers has significantly transformed the personal finance landscape, making financial advice and insights more accessible to a broader and younger audience. By leveraging digital platforms, these influencers have contributed to the...
Private Set Membership (PSM) - Cryptographic Protocol That Allows Clients To Privately Query
Private Set Membership PSM is a cryptographic protocol that allows clients to privately query whether the client's identifier is a member of a set of identifiers held by a server in a privacy-preserving manner. At a high level, PSM provides the following privacy guarantees: The server does not...
Exploit for CVE-2020-25078
CVE-2020-25078 Instructions The attack URL is located in th...
Http-Request-Smuggling - HTTP Request Smuggling Detection Tool
HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request to bypass security controls and gain unauthorized access to performs malicious activities, the vulnerability was discovered back in 2005 by watchfire and later in Augu...
qiagen.com XSS vulnerability
Open Bug Bounty ID: OBB-610287 Description| Value ---|--- Affected Website:| qiagen.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
FreeBSD : cvs -- numerous vulnerabilities (29)
The following package needs to be updated: FreeBSD %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgd2102505f03d11d881b0000347a4fa7d.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...