195 matches found
CVE-2026-13514 Chess Play and Learn App com.chess AndroidManifest.xml backup
A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...
CVE-2026-13282
Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...
CVE-2026-53001
A flaw was identified in the Linux kernel's netfilter xtables component. This vulnerability allowed certain network filtering rules, specifically those involving xtmac, xtowner, xtphysdev, and xtrealm matches, to be applied outside of their intended internet protocol IPv4 and IPv6 contexts. This...
CVE-2026-12065 Groww Stock, Mutual Fund, Gold App WebView URL improper authorization in handler for custom url scheme
A vulnerability was identified in Groww Stock, Mutual Fund, Gold App up to 20260805 on Android. This affects an unknown part of the component WebView URL Handler. The manipulation leads to improper authorization in handler for custom url scheme. It is possible to launch the attack on the physical...
PT-2026-52482
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Insufficiently protected credentials stored within firmware or system files may allow an unauthenticated attacker to gain unauthorized access and expose sensitiv...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed handling of incorrect devices during the bond netevent processing. The current implementation of the bond netevent handler only checks whether the handled netdev is a VF representative. However, there is no...
CVE-2026-1735
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
EUVD-2026-5110
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
PT-2026-5588
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
CVE-2026-1407
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.0955. This affects an unknown part of the component UART Interface. Performing a manipulation results in information disclosure. The attack may be carried out on the physical device. The attack is considered to have high...
CVE-2026-1411
A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...
CVE-2026-1411
A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...
CVE-2026-1411 Beetel 777VR1 UART access control
A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...
CVE-2026-1411
CVE-2026-1411 affects Beetel 777VR1 (up to 01.00.09/01.00.09_55). The issue is described as an unknown function in the UART Interface that allows improper access controls. Attacks are stated to be feasible on the physical device, with a high attack complexity and high privileges required. Exploit...
EUVD-2026-4651
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.0955. This affects an unknown part of the component UART Interface. Performing a manipulation results in information disclosure. The attack may be carried out on the physical device. The attack is considered to have high...
CVE-2026-1407
CVE-2026-1407 affects Beetel 777VR1 UART Interface (versions up to 01.00.09/01.00.09_55). The vulnerability allows an attacker to cause information disclosure by manipulating the device. The attack is described as physical access dependent and of high complexity; exploitation is indicated as diff...
PT-2026-4677
Name of the Vulnerable Software and Affected Versions Beetel 777VR1 versions up to 01.00.09/01.00.09 55 Description A security flaw exists in the UART Interface component of Beetel 777VR1. A manipulation of the device can lead to information disclosure. The attack requires physical access to the...
PT-2026-4679
A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.09 55. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the...
kernel: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
A flaw was found in the Linux kernel’s phylink subsystem: when phylinkresolve executes while pl-statemutex is held, it may acquire pl-phydev-lock out of order relative to other paths phylinkbringupphy or phylinkdisconnectphy that acquire pl-phydev-lock prior to pl-statemutex. This lock inversion...
CVE-2023-4468
A vulnerability was found in Poly Trio 8500, Trio 8800 and Trio C60. It has been classified as problematic. This affects an unknown part of the component Poly Lens Management Cloud Registration. The manipulation leads to missing authorization. It is possible to launch the attack on the physical...