Lucene search
K

48991 matches found

EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2025-210216

In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.6AI score0.00084EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.7 views

EUVD-2025-210213

In multiple functions of btmsec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

4.3CVSS5.7AI score0.00191EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-28587

In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00115EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.7 views

CVE-2026-28576

In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00148EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.11 views

CVE-2026-28615

In Telecomm, there is a possible way to initiate an unauthorized phone call due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.12 views

CVE-2026-0083

In Nfc::eventCallback of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00121EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.18 views

CVE-2026-0071

In SettingsLib, there is a possible missing permission check due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00155EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.20 views

CVE-2026-0081

In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00148EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.10 views

CVE-2026-0082

In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00165EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.20 views

CVE-2026-0068

In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...

10CVSS0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.8 views

CVE-2026-0019

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.0008EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.10 views

CVE-2025-48643

In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00084EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.6 views

CVE-2025-48571

In multiple functions of btmsec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

4.3CVSS0.00191EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:55 a.m.9 views

CVE-2026-48294

Adobe Acrobat PDF Extension Chrome versions 26.5.2.2 and earlier are affected by a UXSS-class cross-origin data disclosure vulnerability. An attacker could exploit this vulnerability to gain access to data regarding the victim's session. Exploitation of this issue requires user interaction in tha...

7.4CVSS0.00719EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.7 views

CVE-2026-46955

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite component: Person. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Human Resources. Successf...

7.5CVSS0.00156EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46894

Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite component: Home Page. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle iSupplier Portal...

8CVSS0.00168EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46869

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Dump and Load. Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Shell...

6.5CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.14 views

CVE-2026-46848

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where WebLogic Server executes to...

7.9CVSS0.00152EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:53 a.m.16 views

CVE-2026-46806

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle WebCenter Content...

8.2CVSS0.00317EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:53 a.m.10 views

CVE-2026-46804

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content...

8.7CVSS0.00326EPSS
Exploits0References1
Rows per page
Query Builder