CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55242 – Xbox Certification Bug Copilot Djando Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-55242
04 Sep 2025 — Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55242 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-48562
https://notcve.org/view.php?id=CVE-2025-48562
04 Sep 2025 — In writeContent of RemotePrintDocument.java, there is a possible information disclosure due to a logic error. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/252efec89b01a89b4d394c500e9dae2b6c08dbae •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-48561
https://notcve.org/view.php?id=CVE-2025-48561
04 Sep 2025 — In multiple locations, there is a possible way to access data displayed on the screen due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/native/+/20465375a1d0cb71cdb891235a9f8a3fba31dbf6 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48560
https://notcve.org/view.php?id=CVE-2025-48560
04 Sep 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/wear/2025-09-01 • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-48551
https://notcve.org/view.php?id=CVE-2025-48551
04 Sep 2025 — In multiple locations, there is a possible leak of an image across the Android User isolation boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/modules/IntentResolver/+/13c30b464d042f3e00899ffcf1c02b76bc35f769 • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-48537
https://notcve.org/view.php?id=CVE-2025-48537
04 Sep 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/63aab59ce13856799a7c24a70b35625d32ae5357 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-48529
https://notcve.org/view.php?id=CVE-2025-48529
04 Sep 2025 — In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/opt/telephony/+/e5cdca27526f5c2c358880538c7a15d8d5d5dd6d • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2025-48527
https://notcve.org/view.php?id=CVE-2025-48527
04 Sep 2025 — In multiple locations, there is a possible way to leak hidden work profile notifications due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/d8b1de7a18fc6a469c2d191ff9a0771f5d104fe4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.7EPSS: 0%CPEs: 3EXPL: 0CVE-2025-32330
https://notcve.org/view.php?id=CVE-2025-32330
04 Sep 2025 — This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/5b10581d2a91ddb256a1e37efcbcdb015091f5a1 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-0076
https://notcve.org/view.php?id=CVE-2025-0076
04 Sep 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/d6ad7f34eaf5f0452b93a650265ee432288c0978 • CWE-862: Missing Authorization •