10 matches found
EUVD-2025-208220
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
EUVD-2025-26817
Malicious code in bioql PyPI...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
Summary of CVE-2025-48535 (Android): A flaw in assertSafeToStartCustomActivity within AppRestrictionsFragment.java allows a parcel mismatch to trigger a launch-anywhere vulnerability via unsafe deserialization, enabling local elevation of privilege without additional execution privileges or user ...
PT-2025-36059
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-48535 Description: A parcel mismatch in assertSafeToStartCustomActivity of AppRestrictionsFragment.java may lead to a launch anywhere vulnerability due to unsafe deserialization. This could result in local escalation of...