A vulnerability has been found in Google Android 11.0/12.0/13.0 and classified as critical. This issue affects the function startInstrumentation of the file ActivityManagerService.java. The manipulation leads to improper access controls.
This vulnerability is documented as CVE-2023-21089. The attack needs to be performed locally. There is not any exploit available.
Applying a patch is the recommended action to fix this issue.
A vulnerability, which was classified as problematic, was found in Google Android 13.0. Affected by this vulnerability is the function parseUsesPermission of the file ParsingPackageUtils.java. Such manipulation leads to resource consumption.
This vulnerability is documented as CVE-2023-21090. The attack needs to be performed locally. There is not any exploit available.
It is best practice to apply a patch to resolve this issue.
A vulnerability identified as problematic has been detected in Google Android 11.0/12.0/13.0. The impacted element is an unknown function of the file PreferencesHelper.java. Performing manipulation results in denial of service.
This vulnerability was named CVE-2023-21087. The attack needs to be approached locally. There is no available exploit.
Applying a patch is the recommended action to fix this issue.
Scattered Spider didn't need a zero-day to breach Clorox. They just phoned the help desk—convincing agents to reset passwords & MFA without proper checks. The result: $380M in damages. Learn from Specops Software why caller verification and audit trails are critical. [...]
A vulnerability was found in Scada-LTS up to 2.7.8.1. It has been classified as problematic. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting.
This vulnerability appears as CVE-2025-10235. The attack may be initiated remotely. In addition, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in Scada-LTS up to 2.7.8.1 and classified as problematic. This vulnerability affects unknown code of the file /data_point_edit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting.
This vulnerability is reported as CVE-2025-10234. The attack can be launched remotely. Moreover, an exploit is present.
The vendor was contacted early about this disclosure but did not respond in any way.