8153 matches found
CVE-2025-48608
CVE-2025-48608 affects the Android SettingsProvider.java isValidMediaUri path, enabling cross-user media read due to a missing permission check. The issue permits local information disclosure without user interaction (ATT&CK: T1552-like, per the description), with CVSS 3.1 base score 5.5 (AV:L/AC...
CVE-2025-61617
CVE-2025-61617 affects Unisoc’s NR modem, with a potential remote denial-of-service caused by improper input validation. The description and Red Hat/NVD entries confirm a system crash possibility without requiring privileges. Connected sources reference an Android/Samsung patching context for rel...
CVE-2025-20806
Impactful but constrained: CVE-2025-20806 is a memory corruption via use-after-free in dpe that could enable local escalation of privilege to System level. Exploitation requires local access; no user interaction is needed. Root cause is use-after-free vulnerability in dpe; no explicit affected pr...