ASB-A-467082881

In resumeConfigurationDispatch of ActivityRecord.java, there is a possible background application launch bal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-481287452

In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

PUB-A-481652714

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45362

SOPlanning is vulnerable to Cross‑Site Request Forgery CSRF in groupe save create, modify and delete endpoints. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged GET or POST request to the application. This issue affects SOPlanning...

PT-2026-45594

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45633

Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...

PT-2026-45257

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784...

PUB-A-481311295

In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-486235633

In lwisdeviceexternaleventemit of lwisevent.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45271

A vulnerability has been found in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file add user check.php of the component User Creation Handler. The manipulation of the argument role leads to sql...

PT-2026-45346

A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely...

PT-2026-45361

SOPlanning does not verify uploaded file extension. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive containing a legitimate user.csv file alongside a malicious file, which is extracted on the server. When combined with CVE-2026-40547 Path...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from an integer overflow in the l2cfcrclonebuf function found in l2cfcr.cc. This vulnerability may lead to controlled heap corruption within...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from integer overflows in multiple functions within ubsanthrowingruntime.cpp. This vulnerability could lead to remote denial of service...

PT-2026-45612

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An incorrect bounds check in multiple functions may cause a desync in persistence. This issue allows for local escalation of privilege without requiring addition...

Symantec PC Tools Internet Security has security vulnerabilities

Symantec PC Tools Internet Security is a comprehensive computer security protection software developed by Symantec Corporation. Symantec PC Tools Internet Security has a security vulnerability, which stems from improper access control in the PCTCore64.sys Windows kernel driver. This allows...

PT-2026-45443

Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that may be controllable by an unprivileged user on Windows. Tychon contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf file at an...

PT-2026-45460

Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...

ASB-A-350456241

In multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

PUB-A-476459432

In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...