Total
33842 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58279 | 1 Huawei | 1 Harmonyos | 2025-12-09 | 4.4 Medium |
| Permission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-66325 | 1 Huawei | 2 Emui, Harmonyos | 2025-12-09 | 6.2 Medium |
| Permission control vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-66329 | 1 Huawei | 2 Emui, Harmonyos | 2025-12-09 | 4 Medium |
| Permission control vulnerability in the window management module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-66557 | 1 Nextcloud | 1 Deck | 2025-12-09 | 5.4 Medium |
| Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and 1.15.2, a bug in the permission logic allowed users with "Can share" permission to modify the permissions of other recipients. This vulnerability is fixed in 1.14.6 and 1.15.2. | ||||
| CVE-2025-66330 | 1 Huawei | 1 Harmonyos | 2025-12-09 | 4.9 Medium |
| App lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-66331 | 1 Huawei | 1 Harmonyos | 2025-12-09 | 3.3 Low |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-66334 | 1 Huawei | 1 Harmonyos | 2025-12-09 | 3.3 Low |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-66333 | 1 Huawei | 1 Harmonyos | 2025-12-09 | 3.3 Low |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-66332 | 1 Huawei | 1 Harmonyos | 2025-12-09 | 3.3 Low |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-48606 | 1 Google | 1 Android | 2025-12-09 | 7.8 High |
| In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48607 | 1 Google | 1 Android | 2025-12-09 | 5.5 Medium |
| In multiple locations, there is a possible way to create a large amount of app ops due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48632 | 1 Google | 1 Android | 2025-12-09 | 7.8 High |
| In setDisplayName of AssociationRequest.java, there is a possible way to cause CDM associations to persist after the user has disassociated them due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48620 | 1 Google | 1 Android | 2025-12-09 | 7.8 High |
| In onSomePackagesChanged of VoiceInteractionManagerService.java, there is a possible way for a third party application's component name to persist even after uninstalling due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48639 | 1 Google | 1 Android | 2025-12-09 | 7.3 High |
| In DefaultTransitionHandler.java, there is a possible way to unknowingly grant permissions to an app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-48627 | 1 Google | 1 Android | 2025-12-09 | 7.8 High |
| In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48626 | 1 Google | 1 Android | 2025-12-09 | 8.8 High |
| In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48610 | 1 Google | 1 Android | 2025-12-08 | 5.5 Medium |
| In __pkvm_guest_relinquish_to_host of mem_protect.c, there is a possible configuration data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-13639 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-12-08 | 8.1 High |
| Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2025-59704 | 1 Entrust | 11 Nshield 5c, Nshield 5c Firmware, Nshield Connect Xc and 8 more | 2025-12-08 | 4.6 Medium |
| Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password. | ||||
| CVE-2025-21022 | 1 Samsung | 1 Galaxy Wearable | 2025-12-08 | 3.3 Low |
| Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information. | ||||