CVE-2018-9364

In the LG LAF component, there is a special command that allowed modification of certain partitions. This could lead to bypass of secure boot. User interaction is not needed for exploitation...

EUVD-2019-18627

Malware in sbrugna...

EUVD-2025-5829

Malicious code in bioql PyPI...

EUVD-2025-7653

Malicious code in bioql PyPI...

EUVD-2024-18463

Malicious code in bioql PyPI...

EUVD-2021-31850

Malicious code in bioql PyPI...

EUVD-2024-46061

Malicious code in bioql PyPI...

CVE-2025-53905

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

CVE-2025-47102

Rejected reason: This CVE ID was issued in error by its CVE Numbering Authority and does not represent a valid vulnerability...

CVE-2019-9309

In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117985575...

CVE-2025-27179 InDesign Desktop | NULL Pointer Dereference (CWE-476)

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of...

CVE-2022-42403

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVE-2018-9471

In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-20036

In vdec, there is a possible permission bypass due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08509508; Issue ID: ALPS08509508...

CVE-2023-21246

In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2023-6620 · Adobe · Dimension

Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability. This could allow an attacker to disclose sensitive memory, potentially bypassing mitigations like ASLR. Exploitation requires...

ASB-A-223578534

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-23203

Adobe Photoshop versions 22.5.4 and earlier and 23.1 and earlier are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victi...

ASB-A-180427272

In LK, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2018-9415

In driveroverridestore and driveroverrideshow of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel...