8.8
CVE-2025-27059 - Use of Out-of-range Pointer Offset in TZ Firmware
Memory corruption while performing SCM call.
7.8
CVE-2025-27054 - Out-of-bounds Write in Display
Memory corruption while processing a malformed license file during reboot.
7.8
CVE-2025-27053 - Incorrect Calculation of Buffer Size in HLOS
Memory corruption during PlayReady APP usecase while processing TA commands.
5.5
CVE-2025-27049 - Buffer Over-read in Camera
Transient DOS while processing IOCTL call for image encoding.
7.8
CVE-2025-27048 - Untrusted Pointer Dereference in Camera
Memory corruption while processing camera platform driver IOCTL calls.
6.1
CVE-2025-27045 - Buffer Over-read in Video
Information disclosure while processing batch command execution in Video driver.
5.5
CVE-2025-27041 - Buffer Over-read in Video
Transient DOS while processing video packets received from video firmware.
6.5
CVE-2025-27040 - Improper Input Validation in TZ Firmware
Information disclosure may occur while processing the hypervisor log.
6.6
CVE-2025-27039 - Detection of Error Condition Without Action in Computer Vision
Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.
6.9
CVE-2025-11529 - ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication
A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit haโฆ