632 matches found
CVE-2026-4967
In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed...
CVE-2026-20460
In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a transaction abort during file creation due to name hash collisions. If we attempt to create several files with names that result in the same hash, we must package them in the same directory item, and there is a...
CVE-2026-0064
In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28576
In Android, the Contacts Provider is affected by CVE-2026-28576, caused by a SQL injection in the contacts database access path. This allows local information disclosure without extra execution privileges and without user interaction. The issue is described across CVE entries and ENISA/Android re...
CVE-2026-28576
In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0064
In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0064
CVE-2026-0064 is identified as a DoS vulnerability affecting Android Framework in Android 17 release notes. The issue describes a persistent denial of service due to resource exhaustion that can lead to local denial of service without user interaction. The NVD entry lists a base score of 5.5 (MED...
CVE-2026-0057
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-50240
In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37195
In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37183
In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37179
In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0145
In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0165
CVE-2026-0165 is described across multiple sources as a vulnerability in the RTCP packet decoder where several functions perform an out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no execution privileges gained. Exploitation requires user in...
CVE-2026-0151
In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-49806
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An integer overflow in multiple functions within VideoRtpPayloadDecoderNode.cpp can lead to an out-of-bounds write. This issue allows for remote code execution...
PT-2026-49816
Name of the Vulnerable Software and Affected Versions Camera affected versions not specified Description A missing permission check in Camera allows unauthorized access to photos. This issue can lead to local information disclosure without requiring additional execution privileges or user...
PT-2026-49788
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A missing bounds check in the decodeByePacket function of RtcpByePacket can lead to remote information disclosure. Exploitation requires user interaction and doe...
Server crashes in case of the use of exchange
When using $changestreams and $requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user must be logged in to issue the statement...