CVE-2020-15165

Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Store may have had it's sources or permissions tampered by a malicious actor. The official maintainer of the package is recommending all users upgrade to v1.1.8 as soon as possible. For more information, review the referenced GitHu...

ASTEVAL Allows Malicious Tampering of Exposed AST Nodes Leads to Sandbox Escape

Summary If an attacker can control the input to the asteval library, they can bypass its safety restrictions and execute arbitrary Python code within the application's context. Details The vulnerability is rooted in how asteval performs attribute access verification. In particular, the onattribut...

Huawei Smartphone Privilege Control Vulnerability

Huawei Smartphone is a cell phone product launched by Huawei. Huawei Smartphone is vulnerable to a privilege control vulnerability. The vulnerability stems from a privilege control vulnerability in a module in HarmonyOS version 2.0. An attacker could use the vulnerability to cause malicious...

Security update for ntfs-3g_ntfsprogs (important)

openSUSE Security Update: Security update for ntfs-3gntfsprogs Announcement ID: openSUSE-SU-2021:1244-1 Rating: important References: 1189720 Cross-References: CVE-2019-9755 CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269...