19 matches found
CVE-2026-28576
In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-9746
When using $changestreams and $requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user must be logged in to issue the statement...
PT-2026-37331
In IMS, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...
CVE-2025-61613
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...
CVE-2025-48644
In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48642
In jumptopayload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-20761
CVE-2025-20761 affects the Modem component, where a fault in error handling can cause a system crash leading to remote denial of service if a UE connects to a rogue base station. Exploitation requires no user interaction and does not need additional privileges; the issue is addressed via patch MO...
CVE-2025-36912
In cellular modem, there is a possible denial of service due to a logic error in the code. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-61609
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...
CVE-2025-61619
CVE-2025-61619 concerns the nr modem component, where improper input validation can cause a system crash leading to a remote denial of service without requiring privileges. The available details in the connected documents consistently describe a crash-based impact and a remote DoS vector, with at...
CVE-2025-61618
CVE-2025-61618 affects Unisoc nr modem. The root cause is improper input validation in the modem stack, leading to a system crash and remote denial of service without requiring privileges or user interaction. The available documentation consistently describes this as a DoS via remote input handli...
CVE-2025-22407
In hiddcheckconfigdone of hiddconn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2024-28491 · Unknown · Faceid Service
Name of the Vulnerable Software and Affected Versions: faceid service affected versions not specified Description: The issue is related to a possible out of bounds write in the faceid service due to a missing bounds check. This could lead to a local denial of service, and no additional execution...
PT-2024-13594 · Unisoc (Shanghai) Technologies Co. +1 · Sc7731E/Sc9832E/Sc9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a video decoder, where a missing bounds check can lead to a possible out of bounds write. This could result in a local denial of...
PT-2023-17559 · Unknown · Wlan Firmware
Name of the Vulnerable Software and Affected Versions: Wlan firmware affected versions not specified Description: The issue is related to an uncaught exception in the wlan firmware, which could lead to a system crash. This can result in a remote denial of service without requiring additional...
PT-2023-14462 · Unknown · Music Service
Name of the Vulnerable Software and Affected Versions: Music service affected versions not specified Description: The issue is related to a missing permission check in the music service, which could lead to a local denial of service in the contacts service. No additional execution privileges are...
Google Android 信息泄露漏洞
Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which can be exploited by attackers to cause local information disclosure without additional execution privileges...
PT-2021-13094 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software name or versions are mentioned in the provided descriptions. Description: The issue is related to a memory management driver, where improper input validation can cause a system crash. This can lead to a local denial of...
CVE-2020-0316
In Telephony, there is a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934919...