There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the…

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ‘copyfrom’ paths that should be hidden according to configured path-based authorization (authz) rules. When…

Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected Cross-Site Scripting (XSS) in CalderaWP License Manager (WordPress plugin) <= 1.2.11. Zafiyet ile ilgili Genel Bilgi, Etki…

In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to…

In multiple locations of MediaProvider.java , there is a possible way to get read/write access to other app’s dedicated, app-specific directory within external storage due…

In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to…

In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to…

In Bitmap_createFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege…

In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no…

In ion_ioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local…