Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2024-22013

    U-Boot environment is read from unauthenticated partition.... Read more

    • Published: Sep. 16, 2024
    • Modified: Jul. 24, 2025

  • 9.8

    CRITICAL
    CVE-2024-44097

    According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the TLS connection. This allows for a network attacker to int... Read more

    • Published: Oct. 02, 2024
    • Modified: Jul. 24, 2025

  • 5.5

    MEDIUM
    CVE-2024-32914

    In tpu_get_int_state of tpu.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jun. 13, 2024
    • Modified: Jul. 24, 2025

  • 10.0

    CRITICAL
    CVE-2023-48426

    u-boot bug that allows for u-boot shell and interrupt over UART ... Read more

    • Published: Apr. 05, 2024
    • Modified: Jul. 24, 2025

  • 7.4

    HIGH
    CVE-2024-44098

    In lwis_device_event_states_clear_locked of lwis_event.c, there is a possible privilege escalation due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ex... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 7.8

    HIGH
    CVE-2024-47013

    In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible arbitrary write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitat... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 8.8

    HIGH
    CVE-2024-47014

    Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-330537292.... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 5.5

    MEDIUM
    CVE-2024-47015

    In ProtocolMiscHwConfigChangeAdapter::GetData() of protocolmiscadapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction ... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 7.8

    HIGH
    CVE-2024-47016

    there is a possible privilege escalation due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 5.1

    MEDIUM
    CVE-2024-47030

    Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-315191818.... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 7.4

    HIGH
    CVE-2024-47031

    Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-329163861.... Read more

    Affected Products : android
    • Published: Oct. 25, 2024
    • Modified: Jul. 24, 2025

  • 7.8

    HIGH
    CVE-2024-11624

    there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2024-47032

    In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-53833

    In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-53834

    In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not need... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2024-53835

    there is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Authentication

  • 6.7

    MEDIUM
    CVE-2024-53836

    In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-53837

    In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-53838

    In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interac... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-53839

    In GetCellInfoList() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitati... Read more

    Affected Products : android
    • Published: Jan. 03, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 292095 Results