Export limit exceeded: 358968 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358968 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0131 | 1 Google | 1 Android | 2026-06-17 | 7.3 High |
| In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2026-0132 | 1 Google | 1 Android | 2026-06-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0133 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In smmu_attach_dev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0135 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0137 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0138 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In lwis_io_buffer_write of lwis_io_buffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0139 | 1 Google | 1 Android | 2026-06-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0143 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In lwis_device_external_event_emit of lwis_event.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0146 | 1 Google | 1 Android | 2026-06-17 | 8.8 High |
| In mfc_core_get_dec_metadata_sei_nal of mfc_core_reg_api.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0150 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0152 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0153 | 1 Google | 1 Android | 2026-06-17 | 7.8 High |
| In Write of msg_to_host_buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0064 | 1 Google | 1 Android | 2026-06-17 | N/A |
| In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-71321 | 1 Mmaitre314 | 1 Picklescan | 2026-06-17 | 9.8 Critical |
| picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the dangerous blocklist by using distutils.file_util.write_file. Attackers can construct malicious pickle objects to overwrite critical system files and achieve denial of service or remote code execution. | ||||
| CVE-2026-0160 | 1 Google | 1 Android | 2026-06-17 | 8.8 High |
| In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0161 | 1 Google | 1 Android | 2026-06-17 | 8.8 High |
| In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0164 | 1 Google | 1 Android | 2026-06-17 | 8.8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-15641 | 2026-06-17 | N/A | ||
| Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative privileges can potentially tamper with the customer IOCTL by sending crafted IOCTL requests to the driver. A successful exploit can result in the bypassing of all anti-tampering protections for the NSClient.Affected Product(s) and Version(s) * Product Name: Netskope Client * Affected Platform: Windows * Affected Version: All version below R138 | ||||
| CVE-2025-15642 | 2026-06-17 | N/A | ||
| Netskope is notified about a potential gap in its Netskoped Client for Windows systems where a malicious insider with admin privileges can lead to bypassing the NSClient Tamper Protections due to weak Discretionary Access Control List (DACLs) on the service object and related registry keys,. * Product Name: Netskope Client * Affected Platform: Windows * Affected Version: All version below R138 | ||||
| CVE-2025-71320 | 1 Mmaitre314 | 1 Picklescan | 2026-06-17 | 9.8 Critical |
| picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when the pickle is deserialized. | ||||