Lucene search
K

5783 matches found

ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-58300

Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally...

6.2CVSS5.8AI score
Exploits0References2Affected Software1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41645

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Edge Chromium-based allows an authorized attacker to disclose information locally...

4.2CVSS6AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Intel Microcode

A observable discrepancy in the RAPL interface of certain Intel processors may allow a privileged user to potentially enable information disclosure through local access...

5.5CVSS6.6AI score0.00414EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in FLAC

In streamencoder.c, there is a potential out-of-bounds write due to a missing bounds check. This could lead to exposure of local information without requiring additional execution privileges. User interaction is not required for exploitation. Product: Android Versions: Android-11 Android ID:...

5.5CVSS6.5AI score0.00465EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

Improper access control in some 3rd Generation IntelR XeonR Scalable processors may allow a privileged user to potentially enable information disclosure through local access...

6CVSS6.4AI score0.00308EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Netty

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high-performance protocol servers and clients. Before version 4.1.59.Final, there was a vulnerability on Unix-like systems involving an insecure temporary file. When Netty’s...

6.2CVSS6.7AI score0.01777EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Xen

Observable discrepancies in response times of some Intel processors may allow authorized users to potentially disclose information through local access...

6.5CVSS6.5AI score0.00372EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37555

In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.6AI score0.00065EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:19 p.m.6 views

CVE-2026-0057

In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.00065EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 7:21 a.m.37 views

CVE-2026-28587

In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00115EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 7:19 a.m.15 views

CVE-2026-28576

In Android, the Contacts Provider is affected by CVE-2026-28576, caused by a SQL injection in the contacts database access path. This allows local information disclosure without extra execution privileges and without user interaction. The issue is described across CVE entries and ENISA/Android re...

10CVSS6AI score0.00148EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/16 9:32 p.m.9 views

EUVD-2026-37192

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.5AI score0.0006EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.9 views

EUVD-2026-37176

In iavbparsekeydata of avbrsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00069EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 p.m.10 views

CVE-2026-0145

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.00068EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 8:16 p.m.7 views

CVE-2026-0134

In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.00072EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.21 views

CVE-2026-0158

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.0006EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.11 views

CVE-2026-0158

CVE-2026-0158 affects the Camera component and describes an information disclosure vulnerability caused by a missing permission check that can allow local access to photos without extra execution privileges. Impact is local information disclosure (C: Low, I: None, A: None) with a CVSS 3.1 base sc...

3.3CVSS5.6AI score0.0006EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.21 views

CVE-2026-0145

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00068EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.10 views

CVE-2026-0145

CVE-2026-0145 affects Keymint; a logic error allows a permission bypass leading to local information disclosure without extra privileges or user interaction. Exploitation status and fix details are not provided in the supplied documents; several sources list the issue but no patch information is ...

3.3CVSS5.6AI score0.00068EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.21 views

CVE-2026-0142

In iavbparsekeydata of avbrsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00069EPSS
Exploits0References1
Rows per page
Query Builder