CVE-2026-20969
- EPSS 0.23%
- Veröffentlicht 09.01.2026 06:15:52
- Zuletzt bearbeitet 15.01.2026 19:41:02
Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.
CVE-2026-20968
- EPSS 0.16%
- Veröffentlicht 09.01.2026 06:15:41
- Zuletzt bearbeitet 15.01.2026 19:25:07
Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.
CVE-2025-58480
- EPSS 0.22%
- Veröffentlicht 02.12.2025 01:24:25
- Zuletzt bearbeitet 05.12.2025 19:09:14
Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58479
- EPSS 0.23%
- Veröffentlicht 02.12.2025 01:24:24
- Zuletzt bearbeitet 05.12.2025 19:09:27
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58478
- EPSS 0.22%
- Veröffentlicht 02.12.2025 01:24:23
- Zuletzt bearbeitet 05.12.2025 19:09:53
Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58477
- EPSS 0.22%
- Veröffentlicht 02.12.2025 01:24:22
- Zuletzt bearbeitet 05.12.2025 19:12:50
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58476
- EPSS 0.13%
- Veröffentlicht 02.12.2025 01:24:21
- Zuletzt bearbeitet 05.12.2025 19:13:16
Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.
CVE-2025-58475
- EPSS 0.11%
- Veröffentlicht 02.12.2025 01:24:19
- Zuletzt bearbeitet 05.12.2025 19:14:51
Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-21080
- EPSS 0.09%
- Veröffentlicht 02.12.2025 01:23:31
- Zuletzt bearbeitet 05.12.2025 20:10:44
Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.
CVE-2025-21072
- EPSS 0.09%
- Veröffentlicht 02.12.2025 01:23:05
- Zuletzt bearbeitet 05.12.2025 19:49:13
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.