3366 matches found
CVE-2024-45356
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods...
Malicious code in cryptographymethods (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-2951 Malicious code in cryptographymethods (PyPI)
--- -= Per source details. Do not edit below this line.=-...
A Deep Dive into Water Gamayun’s Arsenal and Infrastructure
Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework CVE-2025-26633 to execute malicious code on infected machines...
CVE-2024-45356
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods...
CVE-2024-45355
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods...
CVE-2024-45356 Xiaomi phone framework has unauthorized access vulnerability
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods...
CVE-2024-45356
The CVE-2024-45356 entry concerns the Xiaomi phone framework. Affected software: Xiaomi phone framework. Root cause: improper validation allowing an attacker to access sensitive methods. Impact: unauthorized access to sensitive methods; CVSS vector indicates LOCAL attack vector, LOW integrity, HI...
CVE-2024-45356 Xiaomi phone framework has unauthorized access vulnerability
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods...
CVE-2024-45355 Xiaomi phone framework has unauthorized access vulnerability
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods...
CVE-2024-45355 Xiaomi phone framework has unauthorized access vulnerability
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods...
CVE-2024-45355
The CVE-2024-45355 entry concerns the Xiaomi phone framework and describes an unauthorized access vulnerability caused by improper validation that can allow attackers to access sensitive methods. The available sources (NVD, Red Hat, CVE listing, etc.) identify the affected component as the Xiaomi...
OSV-2025-239 Security exception in com.github.javaparser.GeneratedJavaParser.Expression
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=406331578 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.lang.StringLatin1.regionMatchesCI java.base/java.lang.String.regionMatches...
Xiaomi phone framework 访问控制错误漏洞
The Xiaomi phone framework is an operating system infrastructure from China's Xiaomi Xiaomi that provides a set of system services and interfaces to support the operation of various features and applications on a cell phone. A security vulnerability exists in the Xiaomi phone framework that stems...
Xiaomi phone framework 访问控制错误漏洞
The Xiaomi phone framework is an operating system infrastructure from China's Xiaomi Xiaomi that provides a set of system services and interfaces to support the operation of various features and applications on a cell phone. A security vulnerability exists in the Xiaomi phone framework that stems...
Emissions Transparency: Moving Toward a More Rigorous Verification
...
Exploit for CVE-2025-29927
CVE-2025-29927 Next.Js permission bypass vulnerability CVE-...
How Cybercriminals Exploit Notification Channels
Cybercriminals are always looking for new ways to take advantage of people. One effective method they use is…...
Denial of Service (DoS)
Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Denial of Service DoS due to missing timeouts in some of the methods. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
Aim allows denial of service due to no timeouts for some tracking server endpoints
In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, causing the server to wait indefinitely for a response. This can lead to a denial of service, as the tracking server does not respond to other requests while waiting. The issue...