CWE-693: CWE-693

This vulnerability allows malicious apps to launch background activities without proper permission checks, enabling local privilege escalation on Andr...

This vulnerability allows a malicious app to retain Content Delivery Manager (CDM) association due to a logic error in Android's AssociationRequest.ja...

This vulnerability allows bypassing Android's app pinning feature due to a logic error in the KeyguardService. Attackers can escalate privileges local...

This CVE describes a logic error in Android's Launcher app that allows local privilege escalation without user interaction. An attacker could hijack t...

This vulnerability allows malicious apps to launch background activities without user interaction due to a logic error in Android's LocationProviderMa...

CVE-2025-36898 is a local privilege escalation vulnerability in Android's Pixel devices that allows attackers to gain elevated privileges without user...

This vulnerability allows an attacker to bypass cross-profile intent filters in Android's Work Profile feature, enabling local privilege escalation wi...

This vulnerability allows local attackers to override Android's location permission settings due to a logic error in Permissions.java. It enables loca...

A protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. Thi...

This vulnerability allows local attackers to bypass Windows Mark of the Web (MOTW) security protections, which normally warn users about files downloa...

This vulnerability allows attackers to bypass WinZip's Mark-of-the-Web protection by tricking users into opening malicious archive files. When exploit...

This vulnerability allows attackers to bypass Windows LockDown Policy (WLDP) security features, potentially enabling execution of untrusted code. It a...

CVE-2022-48611 is a local privilege escalation vulnerability in iTunes for Windows. A local attacker can exploit a logic issue to gain elevated privil...

CVE-2024-28920 is a Secure Boot security feature bypass vulnerability that allows attackers to bypass Secure Boot protections on affected systems. Thi...

This vulnerability in Android's update system allows attackers to trigger malicious configuration updates without user interaction, leading to local p...

This Android vulnerability allows local privilege escalation without user interaction due to a logic error in the FallbackHome.java component. It dela...

CVE-2022-26774 is a local privilege escalation vulnerability in iTunes for Windows. A local attacker can exploit this logic issue to gain elevated sys...

Emerson ValveLink products lack proper protection mechanisms against directed attacks, allowing attackers to potentially compromise industrial control...

This vulnerability allows attackers to bypass security features in the Windows Scripting Engine, potentially executing malicious scripts with elevated...

This CVE-2022-22152 is a protection mechanism failure in Juniper Contrail Service Orchestration's REST API that allows one tenant to view another tena...

A logic vulnerability in macOS allows remote attackers to cause denial-of-service conditions. This affects macOS Sequoia before 15.7.4 and macOS Sonom...

This vulnerability in Windows GDI (Graphics Device Interface) allows an unauthorized attacker to remotely access and disclose sensitive information fr...

A protection mechanism failure in Windows DHCP Server allows unauthorized attackers to cause denial of service over a network. This affects organizati...

This vulnerability in NVIDIA networking products allows attackers to cause denial of service through improper ipfilter definitions. Attackers can expl...

This CVE-2024-31142 vulnerability involves a logical error in Xen's XSA-407 mitigation for Branch Type Confusion, causing the protection to not apply ...

This vulnerability allows attackers to bypass Chrome's cross-origin security policies on iOS devices, enabling them to read data from other websites v...

This vulnerability allows attackers to bypass security features in Windows Remote Desktop, potentially gaining unauthorized access to systems. It affe...

This vulnerability in Android's ManagedProvisioning component allows attackers to bypass the 'Install from unknown sources' restriction through a logi...

This vulnerability allows an attacker with physical access to an Android device to grant notification access above the lock screen through a logic err...

This vulnerability allows attackers to bypass security features in Microsoft Publisher, potentially enabling them to execute malicious code or gain un...

Dell PowerScale OneFS versions 9.5.0.x contain a protection mechanism bypass vulnerability that allows unprivileged remote attackers to potentially ex...

CVE-2024-28248 is a security vulnerability in Cilium's HTTP policy enforcement where HTTP traffic that should be blocked according to configured polic...

This CVE describes a security feature bypass vulnerability in Microsoft Office that could allow attackers to circumvent built-in security protections....

This vulnerability allows attackers to bypass Windows' Mark-of-the-Web security feature when extracting files with 7-Zip. Attackers can craft maliciou...

This CVE describes a compliance issue in Red Hat OpenShift Container Platform where, when FIPS mode is enabled, not all cryptographic modules used are...

This vulnerability allows unauthenticated physical attackers with DMA-capable PCIe devices to read and write arbitrary physical memory on affected ASR...

This vulnerability allows unauthenticated physical attackers with DMA-capable PCIe devices to read and write arbitrary physical memory on affected GIG...

This vulnerability allows unauthenticated physical attackers with DMA-capable PCIe devices to read and write arbitrary physical memory on affected MSI...

This vulnerability allows physically present attackers to downgrade the software on Kenwood DMX958XR devices without authentication, potentially enabl...

This CVE describes a protection mechanism failure in Windows BitLocker that allows unauthorized attackers with physical access to bypass security feat...

This CVE describes a mitigation bypass vulnerability in Firefox's Privacy: Anti-Tracking component that could allow attackers to circumvent privacy pr...

This vulnerability in Intel NPU drivers allows unprivileged user applications to cause a denial of service via local access. It affects systems with v...

An information disclosure vulnerability in Intel CIP software allows unprivileged local attackers to access sensitive data from user applications. Thi...

An authenticated attacker can manipulate the fe_uid parameter in ARD's payment history API to view other users' payment records without authorization....

A protection mechanism failure in Intel Graphics Driver for Arc B-Series graphics allows authenticated local users to potentially cause denial of serv...

A denial-of-service vulnerability in Keycloak allows administrative users with realm settings modification privileges to disrupt service by injecting ...

This vulnerability allows attackers to bypass Windows' Mark of the Web (MoTW) security feature, which warns users when opening files downloaded from t...

A protection mechanism failure in Intel E810 Series Ethernet controller firmware allows unauthenticated attackers to potentially cause denial of servi...

A UEFI firmware vulnerability in Slim Bootloader allows local attackers to escalate privileges by exploiting protection mechanism failures. This affec...

This vulnerability in Intel CIP software allows local attackers to escalate privileges from unprivileged to privileged access. It affects systems runn...