NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2025-20785 | In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677. | 6.7 | 0.07% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20784 | In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683. | 6.7 | 0.07% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20783 | In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684. | 6.7 | 0.07% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20782 | In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685. | 6.7 | 0.08% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20781 | In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699. | 7.8 | 0.07% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20780 | In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184061; Issue ID: MSV-4712. | 7.8 | 0.08% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20779 | In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720. | 7.0 | 0.07% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20778 | In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729. | 7.8 | 0.07% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20762 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760. | 6.5 | 0.26% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20761 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01311265; Issue ID: MSV-4655. | 6.5 | 0.23% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20760 | In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653. | 6.5 | 0.26% | 2026-01-05 | 2026-06-17 |
| CVE-2025-20792 | In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591. | 5.3 | 0.31% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20791 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661189; Issue ID: MSV-4298. | 6.5 | 0.22% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20790 | In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01677581; Issue ID: MSV-4701. | 5.3 | 0.33% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20789 | In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117741; Issue ID: MSV-4538. | 4.4 | 0.07% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20788 | In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117735; Issue ID: MSV-4539. | 4.4 | 0.06% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20777 | In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752. | 6.7 | 0.07% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20776 | In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759. | 6.7 | 0.07% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20775 | In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795. | 6.7 | 0.07% | 2025-12-01 | 2026-06-17 |
| CVE-2025-20774 | In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796. | 6.7 | 0.07% | 2025-12-01 | 2026-06-17 |