Total 310690 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-26422 1 Google 1 Android 2025-09-06 4 Medium
In dump of WindowManagerService.java, there is a possible way of running dumpsys without the required permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-26421 1 Google 1 Android 2025-09-06 4 Medium
In multiple locations, there is a possible lock screen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-26420 1 Google 1 Android 2025-09-06 4.4 Medium
In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the user into granting the incorrect permission due to permission overload. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-22425 1 Google 1 Android 2025-09-06 5.1 Medium
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2025-0077 1 Google 1 Android 2025-09-06 4 Medium
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-22441 1 Google 1 Android 2025-09-06 7.3 High
In getContextForResourcesEnsuringCorrectCachedApkPaths of RemoteViews.java, there is a possible way to load arbitrary java code in a privileged context due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2025-58912 2025-09-06 N/A
Not used
CVE-2025-58911 2025-09-06 N/A
Not used
CVE-2025-58910 2025-09-06 N/A
Not used
CVE-2025-58909 2025-09-06 N/A
Not used
CVE-2025-58908 2025-09-06 N/A
Not used
CVE-2025-58907 2025-09-06 N/A
Not used
CVE-2025-58906 2025-09-06 N/A
Not used
CVE-2025-58905 2025-09-06 N/A
Not used
CVE-2025-58904 2025-09-06 N/A
Not used
CVE-2025-58375 2025-09-06 N/A
This CVE is a duplicate of another CVE.
CVE-2014-9200 1 Schneider-electric 4 Somachine, Somove, Somove Lite and 1 more 2025-09-05 N/A
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2014-9199 1 Clorius Controls A\/s 1 Java Web Client 2025-09-05 N/A
The Clorius Controls Java web client before 01.00.0009g allows remote attackers to discover credentials by sniffing the network for cleartext-equivalent traffic.
CVE-2014-9198 1 Schneider-electric 5 Etg3000 Factorycast Hmi Gateway Firmware, Tsxetg3000, Tsxetg3010 and 2 more 2025-09-05 N/A
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.
CVE-2014-9197 1 Schneider-electric 5 Etg3000 Factorycast Hmi Gateway Firmware, Tsxetg3000, Tsxetg3010 and 2 more 2025-09-05 N/A
The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.