26 matches found
EUVD-2021-26123
Malware in sbrugna...
EUVD-2018-6881
Malware in sbrugna...
EUVD-2023-25491
Malicious code in bioql PyPI...
EUVD-2023-25505
Malicious code in bioql PyPI...
EUVD-2023-53102
Malicious code in bioql PyPI...
EUVD-2023-25501
Malicious code in bioql PyPI...
EUVD-2023-25518
Malicious code in bioql PyPI...
EUVD-2022-25512
Malicious code in bioql PyPI...
EUVD-2023-25470
Malicious code in bioql PyPI...
Layout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097
The Layout Builder Advanced Permissions module enables you to have fine grained control over who can do what in editing pages built with Layout Builder. The module doesn't sufficiently control access for adding sections in the submodule. This vulnerability is mitigated by the fact that an attacke...
DRUPAL-CONTRIB-2025-092
This module allows you to manage video media items using the COOKiES module disabling external video elements. These elements will be enabled again, once the COOKiES banner is accepted. The module doesn't sufficiently check whether to convert "data-src" attributes to "src" when their value might...
DRUPAL-CONTRIB-2025-087
This module provides a format filter, which allows you to "disable" iframes e.g. remove their src attribute specified by the user. These elements will be enabled again, once the Cookies banner is accepted. The module doesn't sufficiently filter user-supplied content when their value might contain...
CVE-2022-20223
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-1026
In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2021-0990
In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction ...
Exploit for Deserialization of Untrusted Data in Google Android
CVE-2024-31317-PoC-Deployer!Android Versionhttps://img.shie...
CVE-2025-46595
An XSS issue was discovered in the Flag module before 1.x-3.6.2 for Backdrop CMS. Flag is a module that allows flags to be added to nodes, comments, users, and any other type of entity. It doesn't verify flag links before performing the flag action, or verify that the response returned was provid...
CVE-2023-21326
In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20538
In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2022-20318
In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...