860 matches found
CVE-2026-0045
In btajvrfcommconnect of btajvact.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The warning message “Do not call blocking operations when !TASKRUNNING” has been fixed. The waiteventtimeout function will set the state of the current task to TASKUNINTERRUPTIBLE before performing the condition check. Thi...
CVE-2025-68128
reserved but not needed...
CVE-2025-68127
reserved but not needed...
CVE-2025-68126
reserved but not needed...
CVE-2025-68125
reserved but not needed...
CVE-2025-68124
reserved but not needed...
CVE-2025-58184
reserved but not needed...
CVE-2025-58182
reserved but not needed...
CVE-2026-23646 OpenProject users can delete other user's session, causing them to be logged out
OpenProject is an open-source, web-based project management software. Users of OpenProject versions prior to 16.6.5 and 17.0.1 have the ability to view and end their active sessions via Account Settings → Sessions. When deleting a session, it was not properly checked if the session belongs to the...
CVE-2023-45773
In multiple functions of btmblegap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40079
In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40089
In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2018-9414
In gattServerSendResponseNative of comandroidbluetoothgatt.cpp, there is a possible out of bounds stack write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2018-9399
In /proc/driver/wmtdbg driver, there are several possible out of bounds writes. These could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2018-9382
In multiple functions of WifiServiceImpl.java, there is a possible way to activate Wi-Fi hotspot from a non-owner profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-0734
In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges...
CVE-2021-0617
In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561391; Issue ID: ALPS05561391...
CVE-2021-0338
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
CVE-2021-0376
In checkUriPermission and related functions of MediaProvider.java, there is a possible way to access external files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...