Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27038

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00079EPSS
Exploits0References2
OSV
OSV
added 2025/09/04 6:15 p.m.4 views

CVE-2025-26430

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00079EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/04 5:11 p.m.3 views

CVE-2025-26430

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.3AI score0.00079EPSS
Exploits0References2
CVE
CVE
added 2025/09/04 5:11 p.m.430 views

CVE-2025-26430

CVE-2025-26430 affects SpaAppBridgeActivity (Android). A logic error in getDestinationForApp may allow cross-user file reveal, enabling local elevation of privilege with no extra privileges and no user interaction. Documents indicate this CVE is addressed in Android security bulletins with 2025-0...

7.8CVSS6.3AI score0.00079EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/09/04 5:11 p.m.6 views

CVE-2025-26430

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00079EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/04 12:0 a.m.5 views

PT-2025-36012

Name of the Vulnerable Software and Affected Versions: SpaAppBridgeActivity affected versions not specified Description: A logic error in the getDestinationForApp function within SpaAppBridgeActivity may allow for cross-user file reveal, potentially leading to local escalation of privilege. User...

7.8CVSS6AI score0.00079EPSS
Exploits0References5
OSV
OSV
added 2025/07/11 12:15 a.m.4 views

CVE-2025-46704

A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...

5.3CVSS5.9AI score0.03317EPSS
Exploits0References2
OSV
OSV
added 2025/05/01 12:0 a.m.27 views

ASB-A-372895305

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.3AI score0.00079EPSS
Exploits0References2
Rows per page
Query Builder