CVE-2025-26418

In setUserDisclaimerAcknowledged of CarDevicePolicyService.java, there is a possible way to bypass the user dialog when adding an account to a managed device due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...

EUVD-2025-210010

In setUserDisclaimerAcknowledged of CarDevicePolicyService.java, there is a possible way to bypass the user dialog when adding an account to a managed device due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...

CVE-2025-26418

Technical details (affected products, exact component, exploit conditions, remediation) are not publicly available in the provided documents. Monitor for updates.

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989321 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has...

EUVD-2020-29669

Malware in sbrugna...

EUVD-2024-23305

Malicious code in bioql PyPI...

DEBIAN-CVE-2022-49512

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so use them. Otherwise we will get the following splat: 4.472703 denali-nand-pci 0000:00:05.0: timeout while...

CVE-2022-49512

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so use them. Otherwise we will get the following splat: 4.472703 denali-nand-pci 0000:00:05.0: timeout while...

CVE-2022-49512 mtd: rawnand: denali: Use managed device resources

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so use them. Otherwise we will get the following splat: 4.472703 denali-nand-pci 0000:00:05.0: timeout while...

CVE-2022-49512 mtd: rawnand: denali: Use managed device resources

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so use them. Otherwise we will get the following splat: 4.472703 denali-nand-pci 0000:00:05.0: timeout while...

CVE-2022-49512

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so use them. Otherwise we will get the following splat: 4.472703 denali-nand-pci 0000:00:05.0: timeout while...

CVE-2024-45104

Summary: CVE-2024-45104 affects Lenovo XClarity Administrator (LXCA). A valid, authenticated LXCA user who does not have sufficient privileges may exploit the system by using a device identifier to modify an LXCA-managed device through a specially crafted Web API call. This implies an elevation o...

CVE-2024-45104

A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call...

PT-2024-31434 · Lenovo · Lxca

Name of the Vulnerable Software and Affected Versions: LXCA affected versions not specified Description: A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call...

DEBIAN-CVE-2022-3312

Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. Chromium security severity: Medium...

Input validation

Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. Chromium security severity: Medium...

CVE-2022-3312

CVE-2022-3312 affects Google Chrome on ChromeOS, where VPN input handling had insufficient validation of untrusted input before version 106.0.5249.62. The underlying issue is in VPN-related code, enabling a local attacker with physical access to bypass managed device restrictions. The evidence co...

CVE-2022-20844 Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password Vulnerability

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. This vulnerability exists...

Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password (cisco-sa-sdavc-ZA5fpXX2)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage could allow an unauthenticated, remote attacker to access the GU...

CVE-2022-20268

In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterprise managed device with no additional execution privileges needed. User interaction is not needed...