CVE-2026-20435
- EPSS 0.01%
- Veröffentlicht 02.03.2026 08:39:12
- Zuletzt bearbeitet 03.03.2026 12:52:46
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interact...
CVE-2026-20403
- EPSS 0.08%
- Veröffentlicht 02.02.2026 08:14:45
- Zuletzt bearbeitet 17.02.2026 15:16:21
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User inte...
CVE-2025-20794
- EPSS 0.09%
- Veröffentlicht 06.01.2026 02:15:43
- Zuletzt bearbeitet 17.02.2026 15:16:18
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User i...
CVE-2025-20793
- EPSS 0.18%
- Veröffentlicht 06.01.2026 02:15:43
- Zuletzt bearbeitet 17.02.2026 15:16:17
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User in...
CVE-2025-20760
- EPSS 0.15%
- Veröffentlicht 06.01.2026 02:15:41
- Zuletzt bearbeitet 17.02.2026 15:16:16
In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges...
CVE-2025-20765
- EPSS 0%
- Veröffentlicht 02.12.2025 02:34:28
- Zuletzt bearbeitet 12.01.2026 10:16:14
In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS1019080...
CVE-2025-20747
- EPSS 0.01%
- Veröffentlicht 04.11.2025 06:20:19
- Zuletzt bearbeitet 05.11.2025 17:11:25
In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitatio...
CVE-2025-20746
- EPSS 0.01%
- Veröffentlicht 04.11.2025 06:20:17
- Zuletzt bearbeitet 05.11.2025 17:11:34
In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitatio...
CVE-2025-20730
- EPSS 0.01%
- Veröffentlicht 04.11.2025 06:19:47
- Zuletzt bearbeitet 05.11.2025 17:13:55
In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitati...
CVE-2025-20722
- EPSS 0.01%
- Veröffentlicht 14.10.2025 09:11:48
- Zuletzt bearbeitet 15.10.2025 18:45:07
In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ...