31 matches found
EUVD-2026-40709
Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-21026
Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information...
CVE-2026-21022
Technical details about CVE-2026-21022 are not publicly available in the provided documents. Monitor for updates from Samsung security advisories and CVE listings.
CVE-2026-7954
Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-21008
Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information...
CVE-2026-31040
A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...
PT-2026-27333
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
CVE-2026-20983
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege...
CVE-2026-24909
vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction...
CVE-2025-10986
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk...
CVE-2025-59994
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
EUVD-2018-20561
Malware in sbrugna...
CVE-2025-55383
Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server...
CVE-2020-6016
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNPReceiveUnreliableSegment, leading to a Heap-Based Buffer Underflow and a free of memory not from the heap, resulting in a memory corruption and probably even a remot...
CVE-2025-20911
Improper access control in semwifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch...
SAMSUNG mobile devices security vulnerability
SAMSUNG mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG mobile devices SMR Jan-2024 Release 1 version and prior versions, which stems from an improper access...
PT-2024-18712 · Samsung · Samsung Mobile Devices
Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices versions prior to SMR Jan-2024 Release 1 Description: The issue is related to improper access control in the Notification service, allowing a local attacker to access notification data. Recommendations: For versions pri...
OESA-2023-1504 bouncycastle security update
The package is organised so that it contains a light-weight API suitable for use in any environment including the newly released J2ME with the additional infrastructure to conform the algorithms to the JCE framework. Security Fixes: Bouncy Castle For Java before 1.74 is affected by an LDAP...
PT-2023-22881 · Telecom · Telecom
Name of the Vulnerable Software and Affected Versions: Telecom versions prior to SMR Aug-2023 Release 1 Description: The issue is related to improper access control, allowing local attackers to call the "endCall API" without permission. This can be exploited by attackers to potentially disrupt or...
CVE-2023-20885
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issue affects Notifications: All versions prior to 63; SMB-volume release: All versions prior to 3.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions...