NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-48591	In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information...	2025-12-08	5.5	LOCAL	MEDIUM	NVD
CVE-2025-48590	In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to prevent dialing emergency services under limited circum...	2025-12-08	5.5	LOCAL	MEDIUM	NVD
CVE-2025-48589	In multiple functions of HeaderPrivacyIconsController.kt, there is a possible way to grand permissions across user due to a logic error in the code. ...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48588	In startAlwaysOnVpn of Vpn.java, there is a possible way to disable always-on VPN due to a logic error in the code. This could lead to local escalatio...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48586	In onActivityResult of EditFdnContactScreen.java, there is a possible way to leak contacts from the work profile due to a confused deputy. This could ...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48584	In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion...	2025-12-08	5.5	LOCAL	MEDIUM	NVD
CVE-2025-48583	In multiple functions of BaseBundle.java, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48580	In connectInternal of MediaBrowser.java, there is a possible way to access while in use permission while the app is in background due to a logic error...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48576	In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there is a possible permanent denial of service due to res...	2025-12-08	5.5	LOCAL	MEDIUM	NVD
CVE-2025-48575	In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local esc...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48573	In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground service while the app is in the background due to FGS whil...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48572	In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalati...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48566	In multiple locations, there is a possible bypass of user profile boundary with a forwarded intent due to improper input validation. This could lead t...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48565	In multiple locations, there is a possible way to bypass the cross profile intent filter due to a logic error in the code. This could lead to local es...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48564	In multiple locations, there is a possible intent filter bypass due to a race condition. This could lead to local escalation of privilege with no addi...	2025-12-08	7.0	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.