CVE-2025-20730
- EPSS 0.01%
- Veröffentlicht 04.11.2025 06:19:47
- Zuletzt bearbeitet 05.11.2025 17:13:55
In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitati...
CVE-2025-20723
- EPSS 0.01%
- Veröffentlicht 14.10.2025 09:11:50
- Zuletzt bearbeitet 15.10.2025 18:41:00
In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation...
CVE-2025-20722
- EPSS 0.01%
- Veröffentlicht 14.10.2025 09:11:48
- Zuletzt bearbeitet 15.10.2025 18:45:07
In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ...
CVE-2025-20721
- EPSS 0.01%
- Veröffentlicht 14.10.2025 09:11:43
- Zuletzt bearbeitet 15.10.2025 18:45:16
In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Pat...
CVE-2025-32320
- EPSS 0.01%
- Veröffentlicht 05.09.2025 16:10:08
- Zuletzt bearbeitet 08.09.2025 16:39:26
In System UI, there is a possible way to view other users' images due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-32318
- EPSS 0.08%
- Veröffentlicht 05.09.2025 16:10:07
- Zuletzt bearbeitet 08.09.2025 16:39:18
In Skia, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-32317
- EPSS 0.01%
- Veröffentlicht 05.09.2025 16:10:06
- Zuletzt bearbeitet 08.09.2025 16:39:05
In App Widget, there is a possible Information Disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-32316
- EPSS 0.01%
- Veröffentlicht 05.09.2025 16:10:04
- Zuletzt bearbeitet 08.09.2025 16:38:55
In gralloc4, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-26461
- EPSS 0.01%
- Veröffentlicht 05.09.2025 16:10:03
- Zuletzt bearbeitet 08.09.2025 16:38:50
In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additiona...
CVE-2025-26434
- EPSS 0.01%
- Veröffentlicht 05.09.2025 16:10:02
- Zuletzt bearbeitet 08.09.2025 16:38:44
In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.