ThorVG 代码问题漏洞

ThorVG is a high-performance, lightweight vector graphics engine developed under open source. Versions of ThorVG prior to 1.0.5 contained code vulnerabilities. These vulnerabilities stemmed from null pointer dereferencing in the SvgLoader::run function, which could cause the process to crash for...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from memory corruption when processing multiple IOCTL commands...

PT-2026-45569

In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-329631990

In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Assimp 缓冲区错误漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained a buffer error vulnerability. This vulnerability stemmed from incorrect handling of the parameter aiString in the...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities arise from the exposure of information when processing advertisement frames that contain format-errors MBSSID...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from a boundary-checking error in the validateNode function within ResourceTypes.cpp. This error may lead to out-of-bounds reading and local...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a vulnerability related to input validation, which arises from the lack of boundary checks when using Strongbox...

Clair 代码问题漏洞

Clair is a project open source by QUAY. It is used for static analysis of vulnerabilities in application containers currently including OCI and Docker. Clair has code-related vulnerabilities. These vulnerabilities arise from the fetcher component, which allows unauthenticated attackers to perform...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient input validation in the diagnostic service, leading to memory corruption...

PT-2026-45409

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

PT-2026-45581

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A logic error in multiple functions within ubsan throwing runtime.cpp can lead to a permanent local denial of service. This issue allows an attacker to cause the system to become unavailable...

PUB-A-434105398

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-385917501

In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

ASB-A-479515555

Bulletin has no description...

ASB-A-365086157

In many functions of ComputerEngine.java, there is a possible way to access URIs across users due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-483382363

In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

ASB-A-428945391

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-470967228

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-380091558

In btajvrfcommconnect of btajvact.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...