Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23813
Total
1705
Critical
7468
High
7599
Medium
CVE ID Severity Score Description Published
CVE-2026-28580 HIGH 7.8 In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with … Jun 01, 2026
CVE-2026-28578 MEDIUM 5.5 In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input validation. This could lead to local denial of service … Jun 01, 2026
CVE-2026-28577 HIGH 7.8 In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no … Jun 01, 2026
CVE-2026-10294 MEDIUM 4.3 A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation … Jun 01, 2026
CVE-2026-10293 HIGH 8.8 A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the … Jun 01, 2026
CVE-2026-10292 HIGH 8.8 A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based … Jun 01, 2026
CVE-2026-10291 MEDIUM 4.3 A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the … Jun 01, 2026
CVE-2026-10290 HIGH 7.3 A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of … Jun 01, 2026
CVE-2026-0100 HIGH 7.8 In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of … Jun 01, 2026
CVE-2026-0099 HIGH 7.8 In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic error in the code. This … Jun 01, 2026
CVE-2026-0098 HIGH 7.8 In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation … Jun 01, 2026
CVE-2026-0097 HIGH 8.0 In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead … Jun 01, 2026
CVE-2026-0096 HIGH 7.8 In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to … Jun 01, 2026
CVE-2026-0095 HIGH 8.0 In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This … Jun 01, 2026
CVE-2026-0094 HIGH 7.8 In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This … Jun 01, 2026
CVE-2026-0093 HIGH 7.8 In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges … Jun 01, 2026
CVE-2026-0091 HIGH 7.8 In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to … Jun 01, 2026
CVE-2026-0089 HIGH 7.8 In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local … Jun 01, 2026
CVE-2026-0088 UNKNOWN In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to … Jun 01, 2026
CVE-2026-0087 HIGH 7.8 In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could … Jun 01, 2026
CVE-2026-0086 UNKNOWN In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation … Jun 01, 2026
CVE-2026-0085 MEDIUM 5.5 In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local … Jun 01, 2026
CVE-2026-0080 MEDIUM 6.5 In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial … Jun 01, 2026
CVE-2026-0079 MEDIUM 5.5 In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of … Jun 01, 2026
CVE-2026-0078 HIGH 7.8 In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with … Jun 01, 2026