CVE-2025-32329

CVE-2025-32329 affects Android Framework (Session.java). The described issue is a logic error in multiple Session.java functions that can permit viewing images belonging to another user on the device. This leads to local escalation of privilege with no additional execution privileges required and...

Design/Logic Flaw

It was discovered that an issue in the session logic in Unitrends Backup UB before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute...

CVE-2017-12479

It was discovered that an issue in the session logic in Unitrends Backup UB before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute...

CVE-2017-12479

It was discovered that an issue in the session logic in Unitrends Backup UB before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute...

CVE-2017-12479

It was discovered that an issue in the session logic in Unitrends Backup UB before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute...