Lucene search
K

632 matches found

ATTACKERKB
ATTACKERKB
added 16 hours ago4 views

CVE-2026-4967

In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS6.2AI score
Exploits0References2
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-20460

In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

0.00172EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a transaction abort during file creation due to name hash collisions. If we attempt to create several files with names that result in the same hash, we must package them in the same directory item, and there is a...

5.5CVSS6.4AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.8 views

CVE-2026-0064

In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 7:19 a.m.14 views

CVE-2026-28576

In Android, the Contacts Provider is affected by CVE-2026-28576, caused by a SQL injection in the contacts database access path. This allows local information disclosure without extra execution privileges and without user interaction. The issue is described across CVE entries and ENISA/Android re...

10CVSS6AI score0.00148EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/17 7:19 a.m.33 views

CVE-2026-28576

In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 6:59 a.m.29 views

CVE-2026-0064

In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 6:59 a.m.15 views

CVE-2026-0064

CVE-2026-0064 is identified as a DoS vulnerability affecting Android Framework in Android 17 release notes. The issue describes a persistent denial of service due to resource exhaustion that can lead to local denial of service without user interaction. The NVD entry lists a base score of 5.5 (MED...

10CVSS5.6AI score0.00122EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/17 5:53 a.m.26 views

CVE-2026-0057

In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00065EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.18 views

PT-2026-50240

In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.9AI score0.00148EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 9:32 p.m.12 views

EUVD-2026-37195

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.3AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.11 views

EUVD-2026-37183

In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.5AI score0.00285EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37179

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.5AI score0.00068EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 p.m.10 views

CVE-2026-0145

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.00068EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.11 views

CVE-2026-0165

CVE-2026-0165 is described across multiple sources as a vulnerability in the RTCP packet decoder where several functions perform an out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no execution privileges gained. Exploitation requires user in...

5.7CVSS5.7AI score0.00171EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.21 views

CVE-2026-0151

In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49806

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An integer overflow in multiple functions within VideoRtpPayloadDecoderNode.cpp can lead to an out-of-bounds write. This issue allows for remote code execution...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-49816

Name of the Vulnerable Software and Affected Versions Camera affected versions not specified Description A missing permission check in Camera allows unauthorized access to photos. This issue can lead to local information disclosure without requiring additional execution privileges or user...

3.3CVSS6AI score0.0006EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-49788

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A missing bounds check in the decodeByePacket function of RtcpByePacket can lead to remote information disclosure. Exploitation requires user interaction and doe...

3.5CVSS6AI score0.00168EPSS
Exploits0References4
MongoDB
MongoDB
added 2026/06/09 10:2 p.m.11 views

Server crashes in case of the use of exchange

When using $changestreams and $requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user must be logged in to issue the statement...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder