CVE-2026-0035

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-0035

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-0035

CVE-2026-0035 affects the Android MediaProvider component. In MediaProvider.java's createRequest, a logic error can allow an app to gain read/write access to non-existent files, enabling local privilege escalation without extra execution privileges or user interaction. This vulnerability is docum...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android, which can be exploited by an attacker to cause an application to gain read and write access to non-existent files and local elevation of privilege...

ASB-A-418773439

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Zimplit CMS 3.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: Zimplit CMS multiple vulnerabilities Date: 2013 13 September Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: www.zimplit.com Tested on: Linux & Windows, PHP 5.3....

Sami HTTP Server DoS

Crash on large number of requests to non-existent files...

IIS IDA/IDQ Path Disclosure

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. An attacker may use this flaw to gain more information about the remote host, and hence make more focused attacks. OpenVAS Vulnerability Test $Id:...

MCPWS Personal WebServer <= 1.3.21 Denial of Service Exploit

No description provided by source. !/usr/bin/perl MCPWS Personal - Webserver = 1.3.21 DoS Exploit Vendor: http://www.mcpsoftware.de The coder used a unsecure VB-function Open to open requested files and didn't include a working error handling On Error Goto etc. It's possible to exploit this...

WebWeaver DoS

Request via FTP to non-existant file causes server to hang...

FrontPage 2000 IIS 4.05.0 - Server Extensions Full Path Disclosure

FrontPage 2000 IIS 4.05.0 - Server Extensions Full Path Disclosure source: https://www.securityfocus.com/bid/1174/info The local path of a HTML, HTM, ASP, or SHTML file can be disclosed in Microsoft IIS 4.0/5.0 / Frontpage Server Extensions 1.1 and prior. Passing a path to a non-existent file to...

FrontPage 2000 / IIS 4.0/5.0 - Server Extensions Full Path Disclosure

source: https://www.securityfocus.com/bid/1174/info The local path of a HTML, HTM, ASP, or SHTML file can be disclosed in Microsoft IIS 4.0/5.0 / Frontpage Server Extensions 1.1 and prior. Passing a path to a non-existent file to the shtml.exe or shtml.dll depending on platform program will displ...

VulnCheck KEV: CVE-2000-0071

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions...