453 matches found
CVE-2026-21030
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21030
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21030
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...
PT-2026-46233
🔒 API Platform CVE-2026-49858: JSON:API & HAL normalizers cached components across users on long-running runtimes FrankenPHP, RoadRunner, Swoole. Patched in 4.1.29 / 4.2.25 / 4.3.8 — upgrade now. https://t.co/1oIPjtQjqB...
Henry IV, Hotspur, Hal, and hallucinations
Welcome to this week's edition of the Threat Source newsletter. " 'Tis dangerous to take a cold, to sleep, to drink; but I tell you, my lord fool, out of this nettle, danger, we pluck this flower, safety." - Hotspur, Shakespeare's Henry IV, Part 1: Act 2 Scene 3 I get it. Hotspur is the...
MiracleLinux 3 : acpid-1.0.4-9.1.1AXS3 (AXSA:2009-429:03)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-429:03 advisory. acpid is a daemon that dispatches ACPI events to user-space programs. Security issues fixed with this release: CVE-2009-4033 No information available at the...
CVE-2021-0673
In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326...
CVE-2021-0540
In halWrapperDataCallback of halwrapper.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android...
CVE-2019-2023
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....
CVE-2022-23429
An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash...
CVE-2022-23428
An improper boundary check in edenruntime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...
CVE-2025-27064
Information disclosure while registering commands from clients with diag through diagHal...
CVE-2025-27064 Buffer Over-read in Core Services
Information disclosure while registering commands from clients with diag through diagHal...
CVE-2025-27064
CVE-2025-27064 denotes an information-disclosure vulnerability tied to Qualcomm chipsets/ Core Services, caused by a buffer over-read when registering commands from clients via diagHal. The CVE is listed in multiple sources (NVD/NVD-derived entries, Red Hat, CVE List) with a Common exposure in Qu...
CVE-2025-27064 Buffer Over-read in Core Services
Information disclosure while registering commands from clients with diag through diagHal...
EUVD-2019-15705
Malware in sbrugna...
EUVD-2019-11665
Malware in sbrugna...
EUVD-2010-0302
Malware in sbrugna...
EUVD-2008-0532
Malware in sbrugna...
EUVD-2020-3475
Malware in sbrugna...