CVE-2025-20984

Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch...

CVE-2025-20984

Samsung Cloud for Galaxy Watch (prior to SMR Jun-2025 Release 1) is affected by an incorrect default permission setting that could allow local attackers to access data stored in Samsung Cloud for Galaxy Watch. The issue is tied to Samsung’s Galaxy Watch cloud data permissions and is mitigated by ...

CVE-2025-48066

wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue with function to delete local data. Instructing the client to delete its local database on user logout does not result in deletion. This is the case for both temporary...

CVE-2024-32904

In ProtocolVsimOperationAdapter of protocolvsimadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation...

CVE-2024-20065

In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08698617; Issue ID: MSV-1394...

CVE-2024-3479

An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider com.motorola.server.enterprise.MotoDpmsProvider that could allow a local attacker to read local data...

CVE-2023-21199

In btubleprocltkreq of btuhcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

CVE-2023-30726

PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data...

CVE-2023-21446

Improper input validation in MyFiles prior to version 12.2.09 in Android R11, 13.1.03.501 in Android S 12 and 14.1.00.422 in Android T13 allows local attacker to access data of MyFiles...

CVE-2023-21312

In IntentResolver, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21029

In register of UidObserverController.java, there is a missing permission check. This could lead to local information disclosure of app usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-217934898...

CVE-2023-20989

In btmblewriteadvenablecomplete of btmblegap.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...

CVE-2022-33121

A Cross-Site Request Forgery CSRF in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link...

CVE-2022-34354

IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...

CVE-2022-20117

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20042

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487...

CVE-2025-48066

wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue with function to delete local data. Instructing the client to delete its local database on user logout does not result in deletion. This is the case for both temporary...

CVE-2025-48066 wire-webapp has no database deletion on client logout

wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue with function to delete local data. Instructing the client to delete its local database on user logout does not result in deletion. This is the case for both temporary...

CVE-2025-48066 wire-webapp has no database deletion on client logout

wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue with function to delete local data. Instructing the client to delete its local database on user logout does not result in deletion. This is the case for both temporary...

CVE-2025-48066

CVE-2025-48066 affects wire-webapp; a regression stopped the client from deleting local data on logout for both public and regular clients. Data could remain on the device, and in some cases encryption-at-rest cryptographic material could not be exported. The issue was fixed in wire-webapp versio...