Search Results (9292 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-61116 2 Google, Scriptsbundle 2 Android, Adforest 2026-04-15 7.5 High
AdForest - Classified Android App version 4.0.12 (package name scriptsbundle.adforest), developed by Muhammad Jawad Arshad, contains an improper access control vulnerability in its authentication mechanism. The app uses a Base64-encoded email address as the authorization credential, which can be manipulated by attackers to gain unauthorized access to user accounts. Successful exploitation could result in account compromise, privacy breaches, and misuse of the platform.
CVE-2025-10971 3 Apple, Fermax, Google 3 Ios, Meetme, Android 2026-04-15 N/A
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5.
CVE-2025-10715 2 Apeuni, Google 2 Pte Exam Practice App, Android 2026-04-15 5.3 Medium
A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.ape_edication. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-66270 3 Apple, Google, Kde 6 Ios, Android, Gsconnect and 3 more 2026-04-15 4.7 Medium
The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49.
CVE-2025-48651 1 Google 1 Android 2026-04-14 4 Medium
In importWrappedKey of KMKeymasterApplet.java, there is a possible way access keys that should be restricted due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0049 1 Google 1 Android 2026-04-13 6.2 Medium
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-45780 1 Google 1 Android 2026-04-08 7.3 High
In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2025-48611 1 Google 1 Android 2026-03-30 10 Critical
In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-20807 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114841; Issue ID: MSV-4451.
CVE-2025-20806 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479.
CVE-2025-20805 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114696; Issue ID: MSV-4480.
CVE-2025-20804 2 Google, Mediatek 3 Android, Mt6899, Mt6991 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10198951; Issue ID: MSV-4503.
CVE-2025-20803 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10199779; Issue ID: MSV-4504.
CVE-2025-20787 2 Google, Mediatek 31 Android, Mt2718, Mt6739 and 28 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.
CVE-2025-20786 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.
CVE-2025-20785 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.
CVE-2025-20784 3 Google, Mediatek, Mediatk 73 Android, Mt6739, Mt6761 and 70 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683.
CVE-2025-20783 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.
CVE-2025-20782 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.
CVE-2025-20781 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 7.8 High
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699.