EUVD-2011-3221

Malware in sbrugna...

CVE-2025-21037

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability...

PT-2025-35689

Name of the Vulnerable Software and Affected Versions: Samsung Calendar versions prior to 12.5.06.5 in Android 14 Samsung Calendar versions prior to 12.6.01.12 in Android 15 Description: Improper access control in Samsung Calendar allows physical attackers to access data across multiple user...

CVE-2024-34674

Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles...

CVE-2025-20966

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles...

CVE-2025-20966

CVE-2025-20966 affects Samsung Gallery; vulnerable is improper access control in versions: Global Android 13 ≤ 14.5.10.3, China Android 13 ≤ 14.5.09.3, and Android 14 ≤ 15.5.04.5. Root cause: improper access control enabling cross-profile data access by physical attackers. Impact: exposure of dat...

CVE-2025-20966

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles...

PT-2025-20051 · Samsung · Samsung Gallery

Name of the Vulnerable Software and Affected Versions: Samsung Gallery versions prior to 14.5.10.3 in Global Android 13 Samsung Gallery version 14.5.09.3 in China Android 13 Samsung Gallery version 15.5.04.5 in Android 14 Description: The issue is related to improper access control in Samsung...

CVE-2025-20924

Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles...

CVE-2025-20924

Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles...

Samsung Notes 安全漏洞

Samsung Notes is an application from the South Korean company Samsung SAMSUNG. An access control error vulnerability exists in Samsung Notes that stems from improper access control and can be exploited by an attacker to access data in multiple user profiles...

CVE-2025-20884

Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles...

CVE-2024-34674

Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Nov-2024 Release 1 prior to version 1, which stems from Contacts contains an improper...

PT-2024-32710 · Unknown · Shilpi Client Dashboard

Name of the Vulnerable Software and Affected Versions: Shilpi Client Dashboard affected versions not specified Description: This issue exists due to improper handling of multiple parameters in the API endpoint. An authenticated remote attacker could exploit this by including multiple userid...

Race Condition

github.com/apache/incubator-answer is vulnerable to a Race Condition. The vulnerability is due to improper synchronization during user registration, specifically when users rapidly submit multiple registrations using scripts. This can lead to the registration of multiple user accounts with the sa...

Huawei HarmonyOS Multi-User Module Authorization Issue Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an authorization issue vulnerability that stems from improper privilege management in multi-user modules. An attacker could...

SUSE CVE-2003-0255

The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path...

Multiple user accounts via same email and username

Description Nakama console does not validate uppercase/lowercase letters when creating a new user. This can be abused to create multiple user accounts with same email and username. Proof of Concept HTTP Request 1 request POST /v2/console/user HTTP/1.1 Host: 192.168.1.16:7351 Authorization: Bearer...

Vulnerability fixed in Microsoft Power BI

Microsoft has fixed a vulnerability in the Power BI Gateway. The vulnerability occurs when multiple users simultaneously using the gateway, causing the gateway to mixes sessions. A malicious party could potentially exploit this vulnerability to gain access to sensitive data. Abuse is not easy. Th...