CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2018-25144 Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Atta... | 8.4 | HIGH | β | 0 |
| CVE-2026-0030 In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional executi... | 8.4 | HIGH | β | 0 |
| CVE-2026-0123 In EfwApTransport::ProcessRxRing of efw_ap_transport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional exec... | 8.4 | HIGH | β | 0 |
| CVE-2026-0010 In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges... | 8.4 | HIGH | β | 0 |
| CVE-2026-0118 In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... | 8.4 | HIGH | β | 0 |
| CVE-2026-0122 In multiple places, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not n... | 8.4 | HIGH | β | 0 |
| CVE-2025-48650 In multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio... | 8.4 | HIGH | β | 0 |
| CVE-2026-0011 In enableSystemPackageLPw of Settings.java, there is a possible way to prevent location access from working due to a logic error in the code. This could lead to local escalation of privilege with no a... | 8.4 | HIGH | β | 0 |
| CVE-2025-48619 In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privi... | 8.4 | HIGH | β | 0 |
| CVE-2026-0008 In multiple locations, there is a possible privilege escalation due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interac... | 8.4 | HIGH | β | 0 |
| CVE-2026-0117 In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges n... | 8.4 | HIGH | β | 0 |
| CVE-2025-48582 In multiple locations, there is a possible way to delete media without the MANAGE_EXTERNAL_STORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additi... | 8.4 | HIGH | β | 0 |
| CVE-2025-48574 In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privileg... | 8.4 | HIGH | β | 0 |
| CVE-2025-48602 In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privil... | 8.4 | HIGH | β | 0 |
| CVE-2025-48579 In multiple functions of MediaProvider.java, there is a possible external storage write permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional ... | 8.4 | HIGH | β | 0 |
| CVE-2026-0107 In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a confused deputy. This could lead to local escalation of privilege with no additional execution priv... | 8.4 | HIGH | β | 0 |
| CVE-2025-48605 In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional executio... | 8.4 | HIGH | β | 0 |
| CVE-2025-70802 Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | 8.4 | HIGH | β | 0 |
| CVE-2025-70798 Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | 8.4 | HIGH | β | 0 |
| CVE-2025-32313 In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges n... | 8.4 | HIGH | β | 0 |
| CVE-2025-48636 In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no addit... | 8.4 | HIGH | β | 0 |
| CVE-2026-0013 In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional ex... | 8.4 | HIGH | β | 0 |
| CVE-2025-36920 In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution... | 8.4 | HIGH | β | 0 |
| CVE-2026-0020 In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of priv... | 8.4 | HIGH | β | 0 |
| CVE-2020-37167 ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers c... | 8.4 | HIGH | β | 0 |
| CVE-2019-25336 SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can ge... | 8.4 | HIGH | β | 0 |
| CVE-2021-47756 Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet comm... | 8.4 | HIGH | β | 0 |
| CVE-2026-25924 Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote... | 8.4 | HIGH | β | 0 |
| CVE-2023-54336 Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially execute code with elevated privileges. Attackers can exploit the un... | 8.4 | HIGH | β | 0 |
| CVE-2023-54338 Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in t... | 8.4 | HIGH | β | 0 |
| CVE-2023-53984 Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attac... | 8.4 | HIGH | β | 0 |
| CVE-2022-50938 CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject malic... | 8.4 | HIGH | β | 0 |
| CVE-2022-50930 Emerson PAC Machine Edition 9.80 contains an unquoted service path vulnerability in the TrapiServer service that allows local users to potentially execute code with elevated privileges. Attackers can ... | 8.4 | HIGH | β | 0 |
| CVE-2022-50924 Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unq... | 8.4 | HIGH | β | 0 |
| CVE-2022-50920 Sandboxie-Plus 5.50.2 contains an unquoted service path vulnerability in the SbieSvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquot... | 8.4 | HIGH | β | 0 |
| CVE-2022-50918 VIVE Runtime Service 1.0.0.4 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binar... | 8.4 | HIGH | β | 0 |
| CVE-2022-50929 Connectify Hotspot 2018 contains an unquoted service path vulnerability in its ConnectifyService executable that allows local attackers to potentially execute arbitrary code. Attackers can exploit the... | 8.4 | HIGH | β | 0 |
| CVE-2022-50913 ITeC ITeCProteccioAppServer contains an unquoted service path vulnerability that allows local attackers to execute code with elevated system privileges. Attackers can insert a malicious executable in ... | 8.4 | HIGH | β | 0 |
| CVE-2022-50914 EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable. Attackers can exploit the unquoted path to inject and execute malicious code with... | 8.4 | HIGH | β | 0 |
| CVE-2025-68957 Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability. | 8.4 | HIGH | β | 0 |
| CVE-2022-50902 Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquot... | 8.4 | HIGH | β | 0 |
| CVE-2022-50808 CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicio... | 8.4 | HIGH | β | 0 |
| CVE-2022-50693 Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploi... | 8.4 | HIGH | β | 0 |
| CVE-2022-50904 Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquo... | 8.4 | HIGH | β | 0 |
| CVE-2020-37013 Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious pay... | 8.4 | HIGH | β | 0 |
| CVE-2026-26113 Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. | 8.4 | HIGH | β | 0 |
| CVE-2026-26110 Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | 8.4 | HIGH | β | 0 |
| CVE-2026-20952 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | 8.4 | HIGH | β | 0 |
| CVE-2026-20944 Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 8.4 | HIGH | β | 0 |
| CVE-2026-25593 OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were la... | 8.4 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.