Lucene search
+L

4 matches found

cve
cve
added 2025/12/08 4:57 p.m.16 views

CVE-2025-48536

CVE-2025-48536 affects Android’s SettingsSliceProvider.java, specifically grantAllowlistedPackagePermissions. A third-party app could abuse a “confused deputy” flaw to modify secure settings, enabling local elevation of privilege with no extra execution privileges and no user interaction required...

7.8CVSS6.4AI score0.00078EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2025/10/23 12:0 a.m.16 views

PT-2025-43456

In grantAllowlistedPackagePermissions of SettingsSliceProvider.java, there is a possible way for a third party app to modify secure settings due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

6.8AI score0.00078EPSS
Exploits0References4
nvd
nvd
added 2025/09/09 9:15 p.m.13 views

CVE-2025-34177

In pfSense CE /suricata/suricataflowstream.php, the value of the policyname parameter is not sanitized of HTML-related strings/characters before being directly displayed. This can result in stored cross-site scripting. The attacker must be authenticated with at least "WebCfg - Services: suricata...

5.4CVSS0.00793EPSS
Exploits0References3
nessus
nessus
added 2025/03/10 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2024-36964

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits i...

5.5CVSS6.3AI score0.00218EPSS
Exploits0References2
Rows per page
Query Builder