Export limit exceeded: 363016 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9292 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-50862 2 Google, Lotuscars 2 Android, Android App 2026-04-15 5.9 Medium
The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure.
CVE-2025-56146 1 Google 1 Android 2026-04-15 5.3 Medium
Indian Bank IndSMART Android App 3.8.1 is vulnerable to Missing SSL Certificate Validation in NuWebViewActivity.
CVE-2025-57197 2 Google, Payeer 2 Android, Payeer App 2026-04-15 6 Medium
In the Payeer Android application 2.5.0, an improper access control vulnerability exists in the authentication flow for the PIN change feature. A local attacker with root access to the device can dynamically instrument the app to bypass the current PIN verification check and directly modify the authentication PIN. This allows unauthorized users to change PIN without knowing the original/current PIN.
CVE-2025-53649 2 Google, Switchbot 2 Android, Switchbot App 2026-04-15 N/A
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs.
CVE-2025-48651 1 Google 1 Android 2026-04-14 4 Medium
In importWrappedKey of KMKeymasterApplet.java, there is a possible way access keys that should be restricted due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0049 1 Google 1 Android 2026-04-13 6.2 Medium
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-45780 1 Google 1 Android 2026-04-08 7.3 High
In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2025-48611 1 Google 1 Android 2026-03-30 10 Critical
In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-20807 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114841; Issue ID: MSV-4451.
CVE-2025-20806 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479.
CVE-2025-20805 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114696; Issue ID: MSV-4480.
CVE-2025-20804 2 Google, Mediatek 3 Android, Mt6899, Mt6991 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10198951; Issue ID: MSV-4503.
CVE-2025-20803 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10199779; Issue ID: MSV-4504.
CVE-2025-20787 2 Google, Mediatek 31 Android, Mt2718, Mt6739 and 28 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.
CVE-2025-20786 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.
CVE-2025-20785 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.
CVE-2025-20784 3 Google, Mediatek, Mediatk 73 Android, Mt6739, Mt6761 and 70 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683.
CVE-2025-20783 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.
CVE-2025-20782 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.
CVE-2025-20781 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 7.8 High
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699.