Exploiting PendingIntent Provenance Confusion to Spoof Android SDK Authentication

A single authentication bypass in a partner SDK grants attackers the identity of every partner in the ecosystem -- and millions of apps use SDKs with exactly this vulnerability. OWASP's 2024 Mobile Top 10 ranks Inadequate Supply Chain Security as the second most critical mobile risk, explicitly...

EUVD-2025-13552

Malicious code in bioql PyPI...

CVE-2024-45565

Memory corruption when blob structure is modified by user-space after kernel verification...

CVE-2024-45565

Memory corruption when blob structure is modified by user-space after kernel verification...

CVE-2024-45565

Memory corruption when blob structure is modified by user-space after kernel verification...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a new distributed operating system developed by Huawei for the Internet of Everything era. It aims to provide a unified operating platform for multiple devices, breaking the device limitations of traditional operating systems and creating a cross-device, cross-platform...

grub2 安全漏洞

grub2 is a Linux system boot program from the GNU community. GRUB2 has a security vulnerability that allows grub to be booted directly if a certificate signing grub is installed into the db. it can then boot any kernel without signature verification...

Microsoft Windows CSRSS Security Feature Bypass (MS16-048: CVE-2016-0151)

An elevation of privilege vulnerability exists in Microsoft Windows CSRSS. The vulnerability is due to an error in the way windows kernel verifies tokens. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...