CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Android Security Bulletins•added 2025/11/03 12:0 a.m.•37 views

Android Security Bulletin—November 2025Stay organized with collectionsSave and categorize content based on your preferences.

This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2025-11-01 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Within 48 hours afte...

8CVSS7.8AI score0.00911EPSS

Exploits4

Android Security Bulletins•added 2025/11/03 12:0 a.m.•23 views

Android Automotive OS Update Bulletin—November 2025Stay organized with collectionsSave and categorize content based on your preferences.

The Android Automotive OS AAOS Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2025-11-05 or later from the November 2025 Android Security Bulletin in addition to all issues in th...

7.8AI score

Packet Storm News•added 2025/11/02 12:0 a.m.•5 views

Android Malware Detection: A Machine Learning Approach

This study examines machine learning techniques like Decision Trees, Support Vector Machines, Logistic Regression, Neural Networks, and ensemble methods to detect Android malware. The study evaluates these models on a dataset of Android applications and analyzes their accuracy, efficiency, and...

6.9AI score

AstraLinux•added 2025/11/01 10:54 a.m.•5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.5AI score0.00281EPSS

AstraLinux•added 2025/11/01 10:54 a.m.•5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.5AI score0.00247EPSS

AstraLinux•added 2025/11/01 10:54 a.m.•5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Mojo in Google Chrome on Android, Linux, and ChromeOS before version 140.0.7339.127 allowed a remote attacker to bypass site isolation through a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00258EPSS

OSV•added 2025/10/31 2:13 p.m.•3 views

OESA-2025-2593 firefox security update

Security Fixes: If temporary one-time permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from differen...

8.8CVSS7.3AI score0.00619EPSS

Exploits0References5

OSV•added 2025/10/31 2:13 p.m.•3 views

OESA-2025-2592 firefox security update

8.8CVSS7.3AI score0.00619EPSS

Exploits0References5

SUSE CVE•added 2025/10/31 12:34 a.m.•1 views

SUSE CVE-2025-12447

Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.2CVSS6.5AI score0.00156EPSS

RedhatCVE•added 2025/10/31 12:13 a.m.•4 views

CVE-2025-61114

2nd Line Android App version v1.2.92 and before package name com.mysecondline.app, developed by AutoBizLine, Inc., contains an improper access control vulnerability in its authentication mechanism. The server only validates the first character of the usertoken, enabling attackers to brute force...

7.5CVSS6.9AI score0.00299EPSS

RedhatCVE•added 2025/10/31 12:13 a.m.•4 views

CVE-2025-61115

ABC Fine Wine & Spirits Android App version v.11.27.5 and before package name com.cta.abcfinewineandspirits, developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication,...

7.5CVSS6.5AI score0.00318EPSS

RedhatCVE•added 2025/10/31 12:13 a.m.•3 views

CVE-2025-61113

TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attackers may obtain sensitive user information such as device identifiers and birthdays and access private group information, including join credentials...

7.5CVSS6.7AI score0.00246EPSS

RedhatCVE•added 2025/10/31 12:13 a.m.•2 views

CVE-2025-61121

Mobile Scanner Android App version 2.12.38 package name com.glority.everlens, developed by Glority Global Group Ltd., contains a credential leakage vulnerability. Improper handling of cloud service credentials may allow attackers to obtain them and carry out unauthorized actions, such as sensitiv...

7.5CVSS6.2AI score0.00251EPSS

RedhatCVE•added 2025/10/31 12:13 a.m.•4 views

CVE-2025-61117

Senza: Keto & Fasting Android App version 2.10.15 package name com.gl.senza, developed by Paul Itoi, contains an improper access control vulnerability. By exploiting insufficient checks in user data API endpoints, attackers can obtain authentication tokens and perform account takeover. Successful...

7.5CVSS6.7AI score0.00299EPSS

RedhatCVE•added 2025/10/31 12:13 a.m.•3 views

CVE-2025-61116

AdForest - Classified Android App version 4.0.12 package name scriptsbundle.adforest, developed by Muhammad Jawad Arshad, contains an improper access control vulnerability in its authentication mechanism. The app uses a Base64-encoded email address as the authorization credential, which can be...

7.5CVSS7AI score0.00299EPSS

Packet Storm News•added 2025/10/31 12:0 a.m.•3 views

MH-1M: A 1.34 Million-Sample Comprehensive Multi-Feature Android Malware Dataset for Machine Learning, Deep Learning, Large Language Models, and Threat Intelligence Research

We present MH-1M, one of the most comprehensive and up-to-date datasets for advanced Android malware research. The dataset comprises 1,340,515 applications, encompassing a wide range of features and extensive metadata. To ensure accurate malware classification, we employ the VirusTotal API,...

6.9AI score