EUVD-2026-11035

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input,...

CVE-2025-36911

CVE-2025-36911 (WhisperPair) is a vulnerability in Google Fast Pair where devices may accept Key-Based Pairing requests even when not in pairing mode, enabling unauthorized pairing without user interaction. Connected tooling demonstrates practical exploitation: an attacker can obtain a BR/EDR add...

CVE-2025-26455

In multiple functions of NdkMediaCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21281

In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. Google Android 13 suffers from a security vulnerability that stems from a logic error in the code in Settings that could potentially bypass factory reset protection, which could lead to a local...

CVE-2022-26427

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540...