515 matches found
EUVD-2025-210155
An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...
CVE-2025-68713
An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...
CVE-2025-68713
Rakuten Send Anywhere for Android (com.estmob.android.sendanywhere, version 23.2.9) is affected. A vulnerability allows untrusted applications with no permissions to trigger arbitrary file downloads into the app’s scoped storage, with downloaded items appearing in the app’s trusted Received inter...
CVE-2025-68713
An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...
PT-2026-2438
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description The drivers within certain tool packages utilize the RTL QUERY REGISTRY DIRECT flag when reading a registry value. This process is susceptible to a buffer overflow if an untrusted user-mode...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a new EFI/UEFI specification from Insyde, China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a buffer overflow that can be caused by untrusted user-mode applications when readin...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a new EFI/UEFI specification from Insyde, China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a buffer overflow that can be caused by untrusted user-mode applications when readin...
PT-2026-2437
Name of the Vulnerable Software and Affected Versions Windows Kernel Drivers affected versions not specified Description The drivers within the tool packages utilize the RTL QUERY REGISTRY DIRECT flag when reading a registry value. This process is susceptible to a buffer overflow if an untrusted...
PT-2026-2440
Name of the Vulnerable Software and Affected Versions Windows Kernel Driver affected versions not specified Description The drivers within the tool packages utilize the RTL QUERY REGISTRY DIRECT flag when reading a registry value. This process is susceptible to a buffer overflow if an untrusted...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a new EFI/UEFI specification from Insyde, China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a buffer overflow that can be caused by untrusted user-mode applications when readin...
CVE-2022-23994
An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission...
CVE-2022-23996
Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission...
CVE-2022-23995
Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission...
CVE-2022-23997
Unprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to disable theater mode without a proper permission...
JLSEC-2025-215 In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow ...
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...
JLSEC-2025-216 In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption wh...
In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...
EUVD-2021-12301
Malware in sbrugna...
EUVD-2021-12232
Malware in sbrugna...
EUVD-2010-4435
Malware in sbrugna...
EUVD-2008-5318
Malware in sbrugna...