Export limit exceeded: 342705 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13816 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44425 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | ||||
| CVE-2022-44424 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44423 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44422 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-39118 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2022-39116 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2022-39104 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed. | ||||
| CVE-2022-39088 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 6.7 Medium |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | ||||
| CVE-2022-39087 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 6.7 Medium |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | ||||
| CVE-2022-39086 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 6.7 Medium |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | ||||
| CVE-2022-39085 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 6.7 Medium |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | ||||
| CVE-2022-44435 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. | ||||
| CVE-2022-44445 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | ||||
| CVE-2025-0996 | 1 Google | 1 Chrome | 2025-04-10 | 5.4 Medium |
| Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-0995 | 1 Google | 1 Chrome | 2025-04-10 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-20655 | 2 Google, Mediatek | 2 Android, Mt9972 | 2025-04-09 | 5.3 Medium |
| In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183. | ||||
| CVE-2025-20656 | 5 Google, Linuxfoundation, Mediatek and 2 more | 20 Android, Yocto, Mt6781 and 17 more | 2025-04-09 | 6.8 Medium |
| In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033. | ||||
| CVE-2025-20658 | 2 Google, Mediatek | 19 Android, Mt2718, Mt6781 and 16 more | 2025-04-09 | 6 Medium |
| In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597. | ||||
| CVE-2008-6994 | 1 Google | 1 Chrome | 2025-04-09 | N/A |
| Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves the page and a long filename is generated. NOTE: it might be possible to exploit this issue via an HTTP response that includes a long filename in a Content-Disposition header. | ||||
| CVE-2008-5749 | 2 Google, Microsoft | 2 Chrome, Windows Xp | 2025-04-09 | N/A |
| Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission. | ||||