Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.3

    HIGH
    CVE-2025-36907

    In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privi... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-36906

    In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-36905

    In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploita... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-36904

    WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396458384.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025

  • 7.8

    HIGH
    CVE-2025-36903

    In lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 6.7

    MEDIUM
    CVE-2025-36902

    In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-36901

    WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396462223.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025

  • 6.7

    MEDIUM
    CVE-2025-36900

    In lwis_test_register_io of lwis_device_test.c, there is a possible OOB Write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 8.4

    HIGH
    CVE-2025-36899

    There is a possible escalation of privilege due to test/debugging code left in a production build. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-36898

    There is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-36897

    In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-36896

    WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025

  • 7.5

    HIGH
    CVE-2025-36895

    Information disclosure... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-36894

    In TBD of TBD, there is a possible DoS due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-36893

    In ReadTachyonCommands of gxp_main_actor.cc, there is a possible information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-36892

    Denial of service... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2025-36891

    Elevation of privilege... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-36890

    Elevation of Privilege... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-36887

    In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 8.6

    HIGH
    CVE-2025-2417

    Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft e-Mutabakat allows Authentication Bypass.This issue affects e-Mutabakat: from 2.02.06 before v2.02.06.... Read more

    Affected Products :
    • Published: Sep. 04, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Authentication
Showing 20 of 293350 Results