CVE-2026-28576

In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-28587

CVE-2026-28587 affects the MmsSmsProvider component (MmsSmsProvider.java), enabling local information disclosure via a missing permission check. Exploitation requires no user interaction and does not require additional privileges; impact is confined to information disclosure. The vulnerability is...

Windows DHCP Client Information Disclosure Vulnerability

Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally...

PT-2026-47993

Out-of-bounds read in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...

CVE-2026-0016

In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-0016

In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from incorrect bounds checking in the setTo method within ResourceTypes.cpp. This vulnerability may lead to out-of-bound reading, resulting i...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a permission bypass in the handleBondStateChanged method within AdapterService.java. This vulnerability may lead to the disclosure of...

Palo Alto Prisma Access Agent 24.x / 25.x / 26.x < 26.2.1 Multiple Vulnerabilities

The version of Palo Alto Networks Prisma Access Agent installed on the remote host is 24.x, 25.x, or 26.x prior to 26.2.1. It is, therefore, affected by multiple vulnerabilities: - Multiple information disclosure vulnerabilities allow a local user to access sensitive configuration data and...

EUVD-2026-10833

The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-20429

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5535...

PT-2026-22670

In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and...

Microsoft Excel Information Disclosure Vulnerability

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...

CVE-2026-20821

Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to disclose information locally...

CVE-2023-40639

In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

Apple macOS Tahoe 安全漏洞

Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a privilege issue vulnerability that stems from the system having insufficient security...

CVE-2025-36889

In onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from improper validation of AreFencesRegistered inputs in gxpfencemanager.cc, which could lead to the disclosure of local information...

PT-2025-50703

In ProtocolPsUnthrottleApn of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation...

EUVD-2025-202209

Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally...