10 matches found
CVE-2026-0068
In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...
PT-2025-46307
Name of the Vulnerable Software and Affected Versions Axis Communications ACAP applications affected versions not specified Description ACAP applications may be able to gain elevated privileges due to improper input validation, which could lead to privilege escalation. This is only possible if th...
EUVD-2017-17137
Malware in sbrugna...
No need to RSVP: a closer look at the Tria stealer campaign
Introduction Since mid-2024, we've observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app APK, which we have named "Tria Stealer" after unique strings found in campaign samples. The primary targets of the...
Vulnerabilities fixed in Apple iOS and iPadOS
Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Manipulation of data; Circumvention of security measure; Accessing sensitive data. For successful exploitatio...
DEBIAN-CVE-2021-30580
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page...
CVE-2021-30519
Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page...
CVE-2019-5301
Huawei smart phones Honor V20 with the versions before 9.0.1.161C00E161R2P2 have an information leak vulnerability. An attacker may trick a user into installing a malicious application. Due to coding error during layer information processing, attackers can exploit this vulnerability to obtain som...
Huawei ALP-AL00B and BLA-AL00B RCS Module Unauthorized Operation Vulnerability
Huawei ALP-AL00B and BLA-AL00B are both smartphone products from Huawei, China.RCS module is one of the converged communication modules. A security vulnerability exists in the RCS module in the Huawei ALP-AL00B before version 8.0.0.129 and the BLA-AL00B before version 8.0.0.129. An attacker can...
Searching for Leaked Celebrity Photos? Don't Blindly Click that Fappening Link!
Are you curiously googling or searching torrents for photos or videos of Emma Watson, Amanda Seyfried, Rose McGowan, or any other celebrities leaked in The Fappenning 2.0? If yes, then beware, you should not click any link promising Fappenning celebrity photos. Cybercriminals often take advantage...