Lucene search
+L

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54954

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00108EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/04 10:32 p.m.4 views

CVE-2024-49722

In showAvatarPicker of EditUserPhotoController.java, there is a possible cross user image leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.4AI score0.00108EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/04 12:0 a.m.4 views

Google Android Information Disclosure Vulnerability (CNVD-2026-00039)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability due to cross-user image disclosure caused by an obfuscated proxy in the showAvatarPicker of EditUserPhotoController.java. An attacker can exploit the...

5.5CVSS6.2AI score0.00108EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.4 views

PT-2025-35619

Name of the Vulnerable Software and Affected Versions: EditUserPhotoController.java affected versions not specified Description: The showAvatarPicker function within EditUserPhotoController.java is susceptible to a confused deputy issue, potentially leading to local information disclosure...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 6:32 a.m.8 views

CVE-2024-43082

In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.2AI score0.00101EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/13 12:0 a.m.5 views

PT-2024-30282 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software name or versions are mentioned in the provided descriptions. Description: The issue is related to a possible cross-user media read due to a confused deputy in the EditUserPhotoController. This could lead to local...

5.5CVSS6.1AI score0.00101EPSS
Exploits0References6
OSV
OSV
added 2021/06/11 5:15 p.m.4 views

CVE-2021-0481

In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

7.8CVSS7.2AI score0.00754EPSS
Exploits0References1
Rows per page
Query Builder