8 matches found
EUVD-2025-27038
Malicious code in bioql PyPI...
CVE-2025-26430
In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26430
In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26430
CVE-2025-26430 affects SpaAppBridgeActivity (Android). A logic error in getDestinationForApp may allow cross-user file reveal, enabling local elevation of privilege with no extra privileges and no user interaction. Documents indicate this CVE is addressed in Android security bulletins with 2025-0...
CVE-2025-26430
In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2025-36012
Name of the Vulnerable Software and Affected Versions: SpaAppBridgeActivity affected versions not specified Description: A logic error in the getDestinationForApp function within SpaAppBridgeActivity may allow for cross-user file reveal, potentially leading to local escalation of privilege. User...
CVE-2025-46704
A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...
ASB-A-372895305
In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...