Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23813
Total
1705
Critical
7468
High
7599
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-28580 | HIGH | 7.8 | In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with … | Jun 01, 2026 |
| CVE-2026-28578 | MEDIUM | 5.5 | In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input validation. This could lead to local denial of service … | Jun 01, 2026 |
| CVE-2026-28577 | HIGH | 7.8 | In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no … | Jun 01, 2026 |
| CVE-2026-10294 | MEDIUM | 4.3 | A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation … | Jun 01, 2026 |
| CVE-2026-10293 | HIGH | 8.8 | A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the … | Jun 01, 2026 |
| CVE-2026-10292 | HIGH | 8.8 | A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based … | Jun 01, 2026 |
| CVE-2026-10291 | MEDIUM | 4.3 | A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the … | Jun 01, 2026 |
| CVE-2026-10290 | HIGH | 7.3 | A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of … | Jun 01, 2026 |
| CVE-2026-0100 | HIGH | 7.8 | In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of … | Jun 01, 2026 |
| CVE-2026-0099 | HIGH | 7.8 | In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic error in the code. This … | Jun 01, 2026 |
| CVE-2026-0098 | HIGH | 7.8 | In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation … | Jun 01, 2026 |
| CVE-2026-0097 | HIGH | 8.0 | In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead … | Jun 01, 2026 |
| CVE-2026-0096 | HIGH | 7.8 | In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to … | Jun 01, 2026 |
| CVE-2026-0095 | HIGH | 8.0 | In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This … | Jun 01, 2026 |
| CVE-2026-0094 | HIGH | 7.8 | In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This … | Jun 01, 2026 |
| CVE-2026-0093 | HIGH | 7.8 | In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges … | Jun 01, 2026 |
| CVE-2026-0091 | HIGH | 7.8 | In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to … | Jun 01, 2026 |
| CVE-2026-0089 | HIGH | 7.8 | In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local … | Jun 01, 2026 |
| CVE-2026-0088 | UNKNOWN | — | In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to … | Jun 01, 2026 |
| CVE-2026-0087 | HIGH | 7.8 | In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could … | Jun 01, 2026 |
| CVE-2026-0086 | UNKNOWN | — | In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation … | Jun 01, 2026 |
| CVE-2026-0085 | MEDIUM | 5.5 | In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local … | Jun 01, 2026 |
| CVE-2026-0080 | MEDIUM | 6.5 | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial … | Jun 01, 2026 |
| CVE-2026-0079 | MEDIUM | 5.5 | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of … | Jun 01, 2026 |
| CVE-2026-0078 | HIGH | 7.8 | In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with … | Jun 01, 2026 |