CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-0087

CVE-2026-0087 : The connected sources identify a logic error in Android’s DomainVerificationService.java (approvalLevelForDomainInternal) that could allow hijacking an arbitrary app link, enabling local privilege escalation without user interaction. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:...

ASB-A-483142784

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

EUVD-2017-15845

Malware in sbrugna...

EUVD-2025-23720

Malicious code in bioql PyPI...

EUVD-2025-27774

Malicious code in bioql PyPI...

CVE-2025-54632

Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity...

CVE-2025-54632

Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which originates from a vulnerability in the system where the signature verification service is...

Threat Source newsletter (Feb. 23, 2023) — Social media sites are making extra security a paid feature

Welcome to this weeks edition of the Threat Source newsletter. Social medias latest business plan seems to be charging for security. Twitter recently announced a plan to make SMS-based two-factor authentication a paid service as part of Twitter Blue -- asking users to pay either $8 or $11 monthly...

Instagram verification services: What are the dangers?

Instagram, like other social platforms, has a verification system for high profile accounts. A verified badge means Instagram has confirmed that the account is the authentic presence of a public figure, celebrity or brand. Have you ever wanted to get your own account verified? We noticed a large...

CVE-2021-39753

In DomainVerificationService, there is a possible way to access app domain verification information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by a lack of permission checking in the DomainVerificationService. An attacker could exploit this vulnerability to cause local information...

Cisco Unified Communications Manager Denial of Service Vulnerability (CNVD-2017-32527)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A denial of service vulnerabilit...

Design/Logic Flaw

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...

CVE-2017-6791

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...

CVE-2017-6791

CVE-2017-6791 affects Cisco Unified Communications Manager Trust Verification Service (TVS). A remote, unauthenticated attacker can cause a DoS by sending incomplete TLS traffic, denying TVS access until a restart. Affected releases include 10.0(1.10000.24), 10.5(2.10000.5), 11.0(1.10000.10), and...

CVE-2017-6791

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...

Cisco Unified Communications Manager Trust Verification Service Denial of Service Vulnerability

A vulnerability in the Trust Verification Service TVS of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS traffic by...