Lucene search
+L

41 matches found

OSV
OSV
added 2026/06/23 5:40 p.m.4 views

CVE-2026-54318 Home Assistant: Exported BroadcastReceiver allows local apps to spoof device location

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any installed app, with zero runtime permissions, can broadcast a forged Google Play Services...

7.1CVSS5.9AI score0.00113EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2026/05/01 8:19 a.m.160 views

Exploit for Improper Handling of Insufficient Permissions or Privileges in Google Android

CVE-2026-0047: Missing Permission Check in ActivityManagerServ...

8.4CVSS6.1AI score0.00138EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/02/06 1:26 a.m.8 views

CVE-2025-68721

Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint page=sslcerts. This allows the...

8.1CVSS5.4AI score0.0031EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/05 12:0 a.m.4 views

CVE-2025-68721

Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint page=sslcerts. This allows the...

5.4AI score0.0031EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/05 12:0 a.m.8 views

EUVD-2025-206828

Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint page=sslcerts. This allows the...

9.1CVSS5.4AI score0.0031EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/05 12:0 a.m.32 views

CVE-2025-68721

Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint page=sslcerts. This allows the...

0.0031EPSS
Exploits0References2
CVE
CVE
added 2026/02/05 12:0 a.m.21 views

CVE-2025-68721

Axigen Mail Server prior to version 10.5.57 is affected by an improper access control in the WebAdmin interface. A delegated admin account with zero permissions can bypass access checks and gain unauthorized access to the SSL Certificates management endpoint (page=sslcerts), enabling viewing, dow...

8.1CVSS5.4AI score0.0031EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:22 p.m.26 views

CVE-2018-14990

The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...

7.5CVSS6.8AI score0.01829EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-14323

Malware in sbrugna...

7.1CVSS5.6AI score0.00798EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6352

Malware in sbrugna...

7.8CVSS7.6AI score0.00387EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-6889

Malware in sbrugna...

7.8CVSS7.7AI score0.00447EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-6348

Malware in sbrugna...

7.8CVSS7.6AI score0.00387EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-6872

Malware in sbrugna...

7.5CVSS7.6AI score0.01829EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-6873

Malware in sbrugna...

9.8CVSS9.5AI score0.01919EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 1:20 p.m.12 views

CVE-2018-14991

The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...

9.8CVSS7AI score0.01919EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.7 views

CVE-2019-15342

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.8CVSS7.1AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.12 views

CVE-2019-15344

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.8. This app contains an exported service named...

9.3CVSS7AI score0.01066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.10 views

CVE-2019-15388

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service name...

9.3CVSS7AI score0.01066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.12 views

CVE-2019-15345

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.8. This app contains an exported service named...

7.8CVSS7.2AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 a.m.15 views

CVE-2019-15346

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.8CVSS7.2AI score0.00332EPSS
Exploits0References1
Rows per page
Query Builder