CVE-2024-40653
- EPSS 0.02%
- Published 02.09.2025 22:11:03
- Last modified 04.09.2025 17:47:27
In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privilege...
CVE-2025-20707
- EPSS 0.01%
- Published 01.09.2025 05:12:24
- Last modified 03.09.2025 16:06:46
In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALP...
CVE-2025-20706
- EPSS 0.01%
- Published 01.09.2025 05:12:22
- Last modified 03.09.2025 16:06:51
In mbrain, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09...
CVE-2025-20705
- EPSS 0.01%
- Published 01.09.2025 05:12:21
- Last modified 03.09.2025 16:07:32
In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ...
- EPSS 0.02%
- Published 26.08.2025 22:48:58
- Last modified 02.09.2025 17:59:29
In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privil...
- EPSS 0.01%
- Published 26.08.2025 22:48:57
- Last modified 02.09.2025 17:59:41
In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploit...
CVE-2025-22412
- EPSS 0.01%
- Published 26.08.2025 22:48:56
- Last modified 02.09.2025 17:59:51
In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed f...
CVE-2025-22411
- EPSS 0.01%
- Published 26.08.2025 22:48:55
- Last modified 02.09.2025 18:00:10
In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not...
CVE-2025-22410
- EPSS 0.01%
- Published 26.08.2025 22:48:54
- Last modified 02.09.2025 18:00:30
In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-22409
- EPSS 0.01%
- Published 26.08.2025 22:48:53
- Last modified 02.09.2025 18:00:49
In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ex...