6216 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
In the handling of offloads in ipgre.c, there is a possibility of a page fault due to an invalid memory access. This could lead to the disclosure of local information without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android Versions...
EUVD-2026-37555
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0057
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28587
In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28576
In Android, the Contacts Provider is affected by CVE-2026-28576, caused by a SQL injection in the contacts database access path. This allows local information disclosure without extra execution privileges and without user interaction. The issue is described across CVE entries and ENISA/Android re...
EUVD-2026-37192
In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37176
In iavbparsekeydata of avbrsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0145
In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0134
In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0158
CVE-2026-0158 affects the Camera component and describes an information disclosure vulnerability caused by a missing permission check that can allow local access to photos without extra execution privileges. Impact is local information disclosure (C: Low, I: None, A: None) with a CVSS 3.1 base sc...
CVE-2026-0158
In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0145
In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0145
CVE-2026-0145 affects Keymint; a logic error allows a permission bypass leading to local information disclosure without extra privileges or user interaction. Exploitation status and fix details are not provided in the supplied documents; several sources list the issue but no patch information is ...
CVE-2026-0142
In iavbparsekeydata of avbrsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0142
CVE-2026-0142 affects the AVB component (iavb_parse_key_data in avb_rsa.c). The root cause is an out-of-bounds read due to improper input validation, leading to local information disclosure without extra privileges or user interaction. Connected documents confirm the same description across multi...
CVE-2026-0134
In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0134
CVE-2026-0134 describes a data persistence issue in PostWipeData within recovery_ui.cpp, exposing local information after a factory reset due to a logic error. Impact is information disclosure with no additional privileges required and no user interaction needed. The available documents do not sp...
PT-2026-49816
Name of the Vulnerable Software and Affected Versions Camera affected versions not specified Description A missing permission check in Camera allows unauthorized access to photos. This issue can lead to local information disclosure without requiring additional execution privileges or user...
PT-2026-49793
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A logic error in the PostWipeData function of recovery ui.cpp may cause data persistence after a factory reset. This issue allows for local information disclosur...
CVE-2026-45604
Out-of-bounds read in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...