CVE-2025-47335 - Buffer Copy Without Checking Size of Input in Camera Driver
CVE ID : CVE-2025-47335
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while parsing clock configuration data for a specific hardware type.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47335
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while parsing clock configuration data for a specific hardware type.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47336 - Use After Free in Camera Driver
CVE ID : CVE-2025-47336
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while performing sensor register read operations.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47336
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while performing sensor register read operations.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47337 - Use After Free in Camera Driver
CVE ID : CVE-2025-47337
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while accessing a synchronization object during concurrent operations.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47337
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while accessing a synchronization object during concurrent operations.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47339 - Use After Free in HLOS
CVE ID : CVE-2025-47339
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while deinitializing a HDCP session.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47339
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while deinitializing a HDCP session.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47343 - Untrusted Pointer Dereference in Video
CVE ID : CVE-2025-47343
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while processing a video session to set video parameters.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47343
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while processing a video session to set video parameters.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47344 - Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver
CVE ID : CVE-2025-47344
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while handling sensor utility operations.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47344
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while handling sensor utility operations.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47345 - Reusing a Nonce, Key Pair in Encryption in Automotive Platform
CVE ID : CVE-2025-47345
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Cryptographic issue may occur while encrypting license data.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47345
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Cryptographic issue may occur while encrypting license data.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47346 - Out-of-bounds Write in HLOS
CVE ID : CVE-2025-47346
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while processing a secure logging command in the trusted application.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47346
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while processing a secure logging command in the trusted application.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47348 - Use of Uninitialized Variable in HLOS
CVE ID : CVE-2025-47348
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while processing identity credential operations in the trusted application.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47348
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while processing identity credential operations in the trusted application.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47356 - Double Free in Video
CVE ID : CVE-2025-47356
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory Corruption when multiple threads concurrently access and modify shared resources.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47356
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory Corruption when multiple threads concurrently access and modify shared resources.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47369 - Information Exposure in Computer Vision
CVE ID : CVE-2025-47369
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47369
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47380 - Untrusted Pointer Dereference in Camera
CVE ID : CVE-2025-47380
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while preprocessing IOCTLs in sensors.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47380
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while preprocessing IOCTLs in sensors.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47388 - Buffer Copy without Checking Size of Input in DSP Service
CVE ID : CVE-2025-47388
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while passing pages to DSP with an unaligned starting address.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47388
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption while passing pages to DSP with an unaligned starting address.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47393 - Improper Validation of Array Index in Automotive Linux OS
CVE ID : CVE-2025-47393
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption when accessing resources in kernel driver.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47393
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 24 minutes ago
Description : Memory corruption when accessing resources in kernel driver.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47394 - Buffer Copy Without Checking Size of Input in DSP Service
CVE ID : CVE-2025-47394
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 23 minutes ago
Description : Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47394
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 23 minutes ago
Description : Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47395 - Buffer Over-read in WLAN Firmware
CVE ID : CVE-2025-47395
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 23 minutes ago
Description : Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47395
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 23 minutes ago
Description : Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47396 - Double Free in Graphics
CVE ID : CVE-2025-47396
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 23 minutes ago
Description : Memory corruption occurs when a secure application is launched on a device with insufficient memory.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47396
Published : Jan. 6, 2026, 10:48 p.m. | 1 hour, 23 minutes ago
Description : Memory corruption occurs when a secure application is launched on a device with insufficient memory.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0643 - projectworlds House Rental and Property Listing Signup register.php unrestricted upload
CVE ID : CVE-2026-0643
Published : Jan. 6, 2026, 11:32 p.m. | 40 minutes ago
Description : A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an unknown function of the file /app/register.php?action=reg of the component Signup. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0643
Published : Jan. 6, 2026, 11:32 p.m. | 40 minutes ago
Description : A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an unknown function of the file /app/register.php?action=reg of the component Signup. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0628 - Google Chrome WebView Policy Enforcement Bypass
CVE ID : CVE-2026-0628
Published : Jan. 6, 2026, 11:57 p.m. | 15 minutes ago
Description : Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0628
Published : Jan. 6, 2026, 11:57 p.m. | 15 minutes ago
Description : Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-14020 - carboneio carbone Formatter input.js prototype pollution
CVE ID : CVE-2024-14020
Published : Jan. 7, 2026, 12:02 a.m. | 4 hours, 11 minutes ago
Description : A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unknown function of the file lib/input.js of the component Formatter Handler. Executing a manipulation can lead to improperly controlled modification of object prototype attributes. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is said to be difficult. Upgrading to version 3.5.6 will fix this issue. This patch is called 04f9feb24bfca23567706392f9ad2c53bbe4134e. You should upgrade the affected component. A successful exploitation can "only occur if the parent NodeJS application has the same security issue".
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-14020
Published : Jan. 7, 2026, 12:02 a.m. | 4 hours, 11 minutes ago
Description : A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unknown function of the file lib/input.js of the component Formatter Handler. Executing a manipulation can lead to improperly controlled modification of object prototype attributes. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is said to be difficult. Upgrading to version 3.5.6 will fix this issue. This patch is called 04f9feb24bfca23567706392f9ad2c53bbe4134e. You should upgrade the affected component. A successful exploitation can "only occur if the parent NodeJS application has the same security issue".
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0649 - invoiceninja Migration Import Import.php copy server-side request forgery
CVE ID : CVE-2026-0649
Published : Jan. 7, 2026, 12:32 a.m. | 3 hours, 41 minutes ago
Description : A security vulnerability has been detected in invoiceninja up to 5.12.38. The affected element is the function copy of the file /app/Jobs/Util/Import.php of the component Migration Import. The manipulation of the argument company_logo leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0649
Published : Jan. 7, 2026, 12:32 a.m. | 3 hours, 41 minutes ago
Description : A security vulnerability has been detected in invoiceninja up to 5.12.38. The affected element is the function copy of the file /app/Jobs/Util/Import.php of the component Migration Import. The manipulation of the argument company_logo leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...