CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-0087

CVE-2026-0087 : The connected sources identify a logic error in Android’s DomainVerificationService.java (approvalLevelForDomainInternal) that could allow hijacking an arbitrary app link, enabling local privilege escalation without user interaction. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:...

CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

ASB-A-483142784

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

EUVD-2017-15845

Malware in sbrugna...

EUVD-2025-27774

Malicious code in bioql PyPI...

EUVD-2025-23720

Malicious code in bioql PyPI...

CVE-2025-54632

Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity...

CVE-2025-54632

Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which originates from a vulnerability in the system where the signature verification service is...

Threat Source newsletter (Feb. 23, 2023) — Social media sites are making extra security a paid feature

Welcome to this weeks edition of the Threat Source newsletter. Social medias latest business plan seems to be charging for security. Twitter recently announced a plan to make SMS-based two-factor authentication a paid service as part of Twitter Blue -- asking users to pay either $8 or $11 monthly...

Instagram verification services: What are the dangers?

Instagram, like other social platforms, has a verification system for high profile accounts. A verified badge means Instagram has confirmed that the account is the authentic presence of a public figure, celebrity or brand. Have you ever wanted to get your own account verified? We noticed a large...

CVE-2021-39753

In DomainVerificationService, there is a possible way to access app domain verification information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by a lack of permission checking in the DomainVerificationService. An attacker could exploit this vulnerability to cause local information...

Cisco Unified Communications Manager Denial of Service Vulnerability (CNVD-2017-32527)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A denial of service vulnerabilit...

CVE-2017-6791

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...

Design/Logic Flaw

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...

CVE-2017-6791

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...

CVE-2017-6791

CVE-2017-6791 affects Cisco Unified Communications Manager Trust Verification Service (TVS). A remote, unauthenticated attacker can cause a DoS by sending incomplete TLS traffic, denying TVS access until a restart. Affected releases include 10.0(1.10000.24), 10.5(2.10000.5), 11.0(1.10000.10), and...

Cisco Unified Communications Manager Trust Verification Service Denial of Service Vulnerability

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...